
Pests of all kinds and how to combat them: ESET reports detections

27.05.2017, 18:12   #1
Gloriaflyx

ESET reports detections

Hello dear Trojaner-Board team,
as the title already says, ESET is reporting a few detections on my machine. Unfortunately I forgot to take a screenshot. What I still know is that there were three detections in total.

Among them:
"Variant of Win32/FusionCore.L"
"Variant of Win32/FusionCore.J" (or another letter)

I had already scanned with COMODO and MBM beforehand. Neither of them found anything. I saw that another user had similar detections. It appears to be unwanted adware.

Best regards,
Gloriaflyx

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 24-05-2017
durchgeführt von Gloriaflyx (Administrator) auf BALDER (27-05-2017 18:07:02)
Gestartet von C:\Users\Gloriaflyx\Desktop
Geladene Profile: Gloriaflyx (Verfügbare Profile: Gloriaflyx & DefaultAppPool)
Platform: Windows 10 Pro Version 1703 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Lenovo.) C:\Windows\System32\LPlatSvc.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(COMODO) C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlk.exe
(Lenovo.) C:\Windows\System32\LPlatSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Lenovo.) C:\Windows\System32\LPlatSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Flux Software LLC) C:\Users\Gloriaflyx\AppData\Local\FluxSoftware\Flux\flux.exe
(SunplusIT, Inc.) C:\Program Files (x86)\Integrated Camera\Monitor.exe
(COMODO) C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17032.10331.0_x64__8wekyb3d8bbwe\Music.UI.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17032.10341.0_x64__8wekyb3d8bbwe\Video.UI.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\KillSwitch.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.15063.0_none_1a733a82001933cc\TiWorker.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [401896 2016-11-03] ()
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163800 2016-08-22] (IvoSoft)
HKLM-x32\...\Run: [Integrated Camera_Monitor] => C:\Program Files (x86)\Integrated Camera\monitor.exe [1720696 2013-09-27] (SunplusIT, Inc.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2678784 2016-03-23] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [IseUI] => C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe [3386576 2017-03-30] (COMODO)
HKLM\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\Run: [f.lux] => C:\Users\Gloriaflyx\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2015-09-23] (Flux Software LLC)
HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27716568 2017-05-04] (Skype Technologies S.A.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
GroupPolicy: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 172.16.60.1
Tcpip\..\Interfaces\{674872c8-8b5a-47c5-887a-2bfeff0d36c4}: [DhcpNameServer] 192.168.44.1 192.168.44.1
Tcpip\..\Interfaces\{bb538318-92b1-40b0-88af-d342e62259b8}: [DhcpNameServer] 172.16.60.1

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3668857010-2765377856-186715415-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3668857010-2765377856-186715415-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-05-26] (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-05-26] (Microsoft Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2016-07-30] (IvoSoft)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-05-26] (Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-05-26] (Microsoft Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2016-07-30] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-26] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-26] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-26] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-26] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2017-04-05] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Gloriaflyx\AppData\Roaming\Mozilla\Firefox\Profiles\j5h72v37.default [2017-05-27]
FF user.js: detected! => C:\Users\Gloriaflyx\AppData\Roaming\Mozilla\Firefox\Profiles\j5h72v37.default\user.js [2016-03-04]
FF Homepage: Mozilla\Firefox\Profiles\j5h72v37.default -> hxxps://webmailer.hosteurope.de/
FF NetworkProxy: Mozilla\Firefox\Profiles\j5h72v37.default -> type", 0
FF Extension: (Ghostery) - C:\Users\Gloriaflyx\AppData\Roaming\Mozilla\Firefox\Profiles\j5h72v37.default\Extensions\firefox@ghostery.com.xpi [2017-05-05]
FF Extension: (Personas Plus) - C:\Users\Gloriaflyx\AppData\Roaming\Mozilla\Firefox\Profiles\j5h72v37.default\Extensions\personas@christopher.beard.xpi [2017-05-18]
FF Extension: (uBlock Origin) - C:\Users\Gloriaflyx\AppData\Roaming\Mozilla\Firefox\Profiles\j5h72v37.default\Extensions\uBlock0@raymondhill.net.xpi [2017-05-15]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-10] ()
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files (x86)\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-10] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-05-26] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-05-26] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3668857010-2765377856-186715415-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Gloriaflyx\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-14] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3668857010-2765377856-186715415-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-11-26] ()

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [lobonlhedgiilkfmbbbfhkaoefacipgj] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [249856 2016-03-23] (Brother Industries, Ltd.) [Datei ist nicht signiert]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3971264 2017-05-14] (Microsoft Corporation)
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [10512032 2017-04-23] (COMODO)
R3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2876096 2017-04-23] (COMODO)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2017-03-20] (Digital Wave Ltd.)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373744 2016-11-03] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [182760 2013-04-15] ()
R2 isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [118480 2017-03-30] (COMODO)
R2 LPlatSvc; C:\WINDOWS\system32\LPlatSvc.exe [710144 2016-05-04] (Lenovo.)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2017-02-10] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1326408 2017-05-14] (Overwolf LTD)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-03-25] ()
S3 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [259176 2016-11-05] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [40960 2017-03-31] (COMODO)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [831504 2017-03-31] (COMODO)
R1 cmdHlp; C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [50808 2017-03-31] (COMODO)
R3 e1dexpress; C:\WINDOWS\system32\DRIVERS\e1d62x64.sys [519680 2015-12-08] (Intel Corporation)
R3 ikbevent; C:\WINDOWS\System32\DRIVERS\ikbevent.sys [21048 2013-04-15] ()
R3 imsevent; C:\WINDOWS\System32\DRIVERS\imsevent.sys [21048 2013-04-15] ()
R1 inspect; C:\WINDOWS\system32\DRIVERS\inspect.sys [138560 2016-06-15] (COMODO)
R0 IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys [88256 2015-06-09] (Intel Corporation)
R3 ISCT; C:\WINDOWS\System32\drivers\ISCTD64.sys [46568 2013-04-15] ()
R1 isedrv; C:\WINDOWS\system32\drivers\isedrv.sys [62208 2017-03-29] (COMODO)
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3485696 2017-03-18] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvltwu.inf_amd64_0221ce4ec0827f74\nvlddmkm.sys [14190520 2017-02-10] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
S3 PSI; C:\WINDOWS\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [761600 2015-06-15] (Realsil Semiconductor Corporation)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [51296 2016-11-05] (Synaptics Incorporated)
R3 SPUVCbv; C:\WINDOWS\System32\Drivers\SPUVCbv64.sys [735744 2016-03-11] (Sunplus)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
R3 WPRO_41_2001; C:\WINDOWS\System32\drivers\WPRO_41_2001.sys [34752 2017-05-26] ()
U3 idsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-05-27 18:07 - 2017-05-27 18:07 - 00019773 _____ C:\Users\Gloriaflyx\Desktop\FRST.txt
2017-05-27 18:06 - 2017-05-27 18:07 - 00000000 ____D C:\FRST
2017-05-27 18:02 - 2017-05-27 18:02 - 02429952 _____ (Farbar) C:\Users\Gloriaflyx\Desktop\FRST64.exe
2017-05-27 16:21 - 2017-05-27 16:21 - 00000000 ____D C:\Program Files (x86)\ESET
2017-05-27 16:20 - 2017-05-27 16:20 - 02870984 _____ (ESET) C:\Users\Gloriaflyx\Desktop\esetsmartinstaller_deu.exe
2017-05-26 09:31 - 2017-05-26 19:35 - 00094656 _____ (CACE Technologies) C:\WINDOWS\system32\WPRO_41_2001woem.tmp
2017-05-24 12:06 - 2017-05-24 12:06 - 01147686 _____ C:\Users\Gloriaflyx\Desktop\2_-_Spark[1].pdf
2017-05-18 21:45 - 2017-05-18 21:45 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Local\DBG
2017-05-17 19:14 - 2017-05-17 19:14 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2017-05-17 19:13 - 2017-05-17 19:13 - 00000020 ___SH C:\Users\Gloriaflyx\ntuser.ini
2017-05-17 19:13 - 2017-05-17 19:13 - 00000000 ____D C:\ProgramData\USOShared
2017-05-17 18:52 - 2017-05-17 18:52 - 00000000 ____D C:\Windows.old
2017-05-17 18:51 - 2017-05-17 18:51 - 23681024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 21353200 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 20505600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 20374424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 19335168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 11870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 08320920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 08244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 07931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 06759512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 06728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 06292992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 05477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 04848440 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 04730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 04469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 04446208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 03672064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-05-17 18:51 - 2017-05-17 18:51 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 03655680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 03116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02957824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-05-17 18:51 - 2017-05-17 18:51 - 02859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02651648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02635336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02444192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-05-17 18:51 - 2017-05-17 18:51 - 02443776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02435584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02298880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02158544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02085280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-05-17 18:51 - 2017-05-17 18:51 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-05-17 18:51 - 2017-05-17 18:51 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-05-17 18:51 - 2017-05-17 18:51 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01854880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01852776 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01803264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01760264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01628160 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01611776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01604312 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01600512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01557288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01518088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01452960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01433600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01411128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01325456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01320352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01295872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01291776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01285120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 01257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01242624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 01103872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01075712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01051648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01024416 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00987648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00775824 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00741784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaserver.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-05-17 18:51 - 2017-05-17 18:51 - 00716440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-05-17 18:51 - 2017-05-17 18:51 - 00708712 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00673112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00651680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00626520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00605936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00599576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00559000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-05-17 18:51 - 2017-05-17 18:51 - 00543640 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00523296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2017-05-17 18:51 - 2017-05-17 18:51 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-05-17 18:51 - 2017-05-17 18:51 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00409504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-05-17 18:51 - 2017-05-17 18:51 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00388000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-05-17 18:51 - 2017-05-17 18:51 - 00387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.ps.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00207264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00142240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2017-05-17 18:51 - 2017-05-17 18:51 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2017-05-17 18:51 - 2017-05-17 18:51 - 00105456 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00095584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2017-05-17 18:51 - 2017-05-17 18:51 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2017-05-17 18:51 - 2017-05-17 18:51 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-05-17 18:51 - 2017-05-17 18:51 - 00032004 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2017-05-17 18:51 - 2017-05-17 18:51 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00027040 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-05-17 18:49 - 2017-05-17 18:49 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2017-05-17 18:49 - 2017-05-17 17:55 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2017-05-17 18:47 - 2017-05-17 18:47 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2017-05-17 18:47 - 2017-05-17 18:47 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2017-05-17 18:47 - 2017-05-17 18:47 - 00000000 ____D C:\WINDOWS\system32\msmq
2017-05-17 18:47 - 2017-05-17 18:47 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2017-05-17 18:47 - 2017-05-17 18:47 - 00000000 ____D C:\Program Files\Reference Assemblies
2017-05-17 18:47 - 2017-05-17 18:47 - 00000000 ____D C:\Program Files\MSBuild
2017-05-17 18:47 - 2017-05-17 18:47 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-05-17 18:47 - 2017-05-17 18:47 - 00000000 ____D C:\Program Files (x86)\MSBuild
2017-05-17 18:47 - 2017-05-17 18:47 - 00000000 ____D C:\inetpub
2017-05-17 18:47 - 2017-02-10 12:26 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2017-05-17 18:47 - 2017-02-10 12:26 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-05-17 18:47 - 2017-02-10 12:26 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2017-05-17 18:47 - 2017-02-10 12:21 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2017-05-17 18:47 - 2017-02-10 12:21 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-05-17 18:47 - 2017-02-10 12:21 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2017-05-17 18:05 - 2017-05-17 18:05 - 00011433 _____ C:\WINDOWS\diagwrn.xml
2017-05-17 18:05 - 2017-05-17 18:05 - 00011433 _____ C:\WINDOWS\diagerr.xml
2017-05-17 18:03 - 2017-05-26 19:35 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-05-17 18:03 - 2017-05-17 19:15 - 00003286 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-05-17 18:03 - 2017-05-17 18:03 - 00003500 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-05-17 18:03 - 2017-05-17 18:03 - 00003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-05-17 18:03 - 2017-05-17 18:03 - 00002700 _____ C:\WINDOWS\System32\Tasks\Overwolf Updater Task
2017-05-17 18:03 - 2017-05-17 18:03 - 00002440 _____ C:\WINDOWS\System32\Tasks\{A77B8121-4DF6-4C06-AC86-940FC3B7AF54}
2017-05-17 18:03 - 2017-05-17 18:03 - 00002432 _____ C:\WINDOWS\System32\Tasks\{3A39D014-2508-4DC8-8EED-5D3C5194CC6A}
2017-05-17 18:03 - 2017-05-17 18:03 - 00002360 _____ C:\WINDOWS\System32\Tasks\{B4F731ED-C11E-4F9B-A092-6083F00D4F25}
2017-05-17 18:03 - 2017-05-17 18:03 - 00002358 _____ C:\WINDOWS\System32\Tasks\{077EA0BA-9543-46EF-AA05-A3609078E68C}
2017-05-17 18:03 - 2017-05-17 18:03 - 00002354 _____ C:\WINDOWS\System32\Tasks\RtHDVBg_Dolby
2017-05-17 18:03 - 2017-05-17 18:03 - 00002352 _____ C:\WINDOWS\System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3}
2017-05-17 18:03 - 2017-05-17 18:03 - 00002342 _____ C:\WINDOWS\System32\Tasks\RTKCPL
2017-05-17 18:03 - 2017-05-17 18:03 - 00002304 _____ C:\WINDOWS\System32\Tasks\{40397F46-4625-412F-9983-FCD60BC4A9E4}
2017-05-17 18:03 - 2017-05-17 18:03 - 00002290 _____ C:\WINDOWS\System32\Tasks\{4428CE4F-B2B8-4E7A-802D-3985A4AE3A2E}
2017-05-17 18:03 - 2017-05-17 18:03 - 00002290 _____ C:\WINDOWS\System32\Tasks\{3C95CE29-D5CC-4534-842A-1D344CDA2CE7}
2017-05-17 18:03 - 2017-05-17 18:03 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2017-05-17 18:03 - 2017-05-17 18:03 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2017-05-17 18:03 - 2017-05-17 18:03 - 00000000 ____D C:\WINDOWS\System32\Tasks\NCH Software
2017-05-17 18:03 - 2017-05-17 18:03 - 00000000 ____D C:\WINDOWS\System32\Tasks\COMODO
2017-05-17 18:00 - 2017-05-17 18:00 - 00001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-05-17 17:58 - 2017-05-17 18:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spiele
2017-05-17 17:58 - 2017-05-17 17:58 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2017-05-17 17:57 - 2017-05-26 23:20 - 00000000 ____D C:\Users\Gloriaflyx
2017-05-17 17:57 - 2017-05-17 18:02 - 00000000 ____D C:\Users\DefaultAppPool
2017-05-17 17:57 - 2017-05-17 18:01 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Vorlagen
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Startmenü
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Netzwerkumgebung
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Lokale Einstellungen
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Eigene Dateien
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Druckumgebung
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Videos
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Musik
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Bilder
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Verlauf
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Anwendungsdaten
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Anwendungsdaten
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Vorlagen
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Startmenü
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Netzwerkumgebung
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Lokale Einstellungen
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Eigene Dateien
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Druckumgebung
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Documents\Eigene Videos
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Documents\Eigene Musik
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Documents\Eigene Bilder
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\AppData\Local\Verlauf
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\AppData\Local\Anwendungsdaten
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Anwendungsdaten
2017-05-17 17:56 - 2017-05-27 16:19 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-05-17 17:56 - 2017-05-26 19:41 - 02729236 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-05-17 17:56 - 2017-05-17 17:58 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-05-17 17:56 - 2017-05-17 17:58 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-05-17 17:56 - 2017-05-17 17:58 - 00000000 ____D C:\Program Files\Intel
2017-05-17 17:56 - 2017-05-17 17:56 - 02011386 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2017-05-17 17:56 - 2017-05-17 17:56 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2017-05-17 17:56 - 2017-05-17 17:56 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2017-05-17 17:56 - 2017-05-17 17:56 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2017-05-17 17:56 - 2017-05-17 17:56 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2017-05-17 17:56 - 2017-05-17 17:56 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2017-05-17 17:56 - 2017-05-17 17:56 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-05-17 17:56 - 2017-05-17 17:56 - 00000000 ____D C:\Program Files\Synaptics
2017-05-17 17:56 - 2017-05-17 17:56 - 00000000 ____D C:\Program Files\Realtek
2017-05-17 17:56 - 2017-05-17 17:56 - 00000000 ____D C:\Program Files (x86)\SunplusIT Integrated Camera
2017-05-17 17:56 - 2017-05-17 17:56 - 00000000 _____ C:\WINDOWS\system32\GfxValDisplayLog.bin
2017-05-17 17:56 - 2017-03-18 22:56 - 02233344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-05-17 17:56 - 2016-12-29 15:16 - 06384576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2017-05-17 17:56 - 2016-12-29 15:16 - 02475968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2017-05-17 17:56 - 2016-12-29 15:16 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2017-05-17 17:56 - 2016-12-29 15:16 - 00546752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2017-05-17 17:56 - 2016-12-29 15:16 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2017-05-17 17:56 - 2016-12-29 15:16 - 00147000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\oemdspif.dll
2017-05-17 17:56 - 2016-12-29 15:16 - 00083512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2017-05-17 17:56 - 2016-12-29 15:16 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2017-05-17 17:56 - 2016-12-22 01:59 - 07651057 _____ C:\WINDOWS\system32\nvcoproc.bin
2017-05-17 17:56 - 2016-11-03 16:32 - 00099848 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2017-05-17 17:55 - 2017-05-27 17:41 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-05-17 17:55 - 2017-05-26 19:35 - 00506712 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-05-12 11:35 - 2017-05-12 11:35 - 00060895 _____ C:\Users\Gloriaflyx\Desktop\Info Exk. 10 Eltville.pdf
2017-05-12 11:34 - 2017-05-12 11:34 - 00155883 _____ C:\Users\Gloriaflyx\Desktop\Info Exk. 8 Gewässerexkursion.pdf
2017-05-11 14:13 - 2017-05-17 19:13 - 00000000 ___DC C:\WINDOWS\Panther
2017-05-11 13:51 - 2017-05-11 13:51 - 00001258 _____ C:\Users\Gloriaflyx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update- und Datenschutzeinstellungen.lnk
2017-05-11 13:51 - 2017-05-11 13:51 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Local\UNP
2017-05-10 18:28 - 2017-05-17 18:01 - 00000000 ____D C:\WINDOWS\system32\UNP
2017-05-10 18:28 - 2017-05-10 18:29 - 00000000 ____D C:\Program Files\UNP
2017-05-10 10:46 - 2017-03-04 08:26 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-05-03 18:21 - 2017-05-03 18:21 - 00063161 _____ C:\Users\Gloriaflyx\Desktop\Konto_133301317-Auszug_2017_005.PDF
2017-05-03 10:27 - 2017-05-03 10:27 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Local\PDFCreator
2017-05-02 21:10 - 2017-05-17 19:15 - 00002448 _____ C:\Users\Gloriaflyx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-05-02 21:07 - 2017-05-02 21:08 - 06100264 _____ (Microsoft Corporation) C:\Users\Gloriaflyx\Downloads\setuplanguagepack.x64.en-us_.exe
2017-05-02 21:05 - 2017-05-02 21:06 - 05897000 _____ (Microsoft Corporation) C:\Users\Gloriaflyx\Downloads\setuplanguagepack.x64.de-de_.exe
2017-05-01 17:16 - 2017-05-01 17:16 - 08408221 _____ C:\Users\Gloriaflyx\Desktop\Insecta.pdf
2017-05-01 17:16 - 2017-05-01 17:16 - 07676452 _____ C:\Users\Gloriaflyx\Desktop\Intro and Molluscs.pdf
2017-05-01 17:15 - 2017-05-01 17:15 - 02090938 _____ C:\Users\Gloriaflyx\Desktop\Artenkenntnis einheimischer Tierarten.pdf

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-05-27 18:04 - 2014-01-17 18:49 - 01474832 _____ C:\WINDOWS\system32\Drivers\sfi.dat
2017-05-27 18:02 - 2014-04-02 20:05 - 01374040 _____ C:\WINDOWS\system32\Drivers\fvstore.dat
2017-05-27 17:56 - 2014-01-17 19:41 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Roaming\Skype
2017-05-27 17:55 - 2016-11-19 11:26 - 00000000 ____D C:\Users\Gloriaflyx\AppData\LocalLow\Mozilla
2017-05-27 17:54 - 2016-06-19 12:39 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Local\ClassicShell
2017-05-27 16:19 - 2016-06-19 12:32 - 00000000 __SHD C:\Users\Gloriaflyx\IntelGraphicsProfiles
2017-05-26 22:02 - 2017-03-18 13:40 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-05-26 22:02 - 2010-11-21 05:27 - 00532136 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-05-26 21:11 - 2014-07-01 13:19 - 00000000 ____D C:\Program Files (x86)\Steam
2017-05-26 20:56 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-05-26 20:55 - 2014-01-17 19:59 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-05-26 19:43 - 2017-03-18 23:03 - 00000000 ___HD C:\Program Files\WindowsApps
2017-05-26 19:43 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-05-26 19:41 - 2017-03-20 06:41 - 01236610 _____ C:\WINDOWS\system32\perfh007.dat
2017-05-26 19:41 - 2017-03-20 06:41 - 00294824 _____ C:\WINDOWS\system32\perfc007.dat
2017-05-26 19:35 - 2016-08-16 20:50 - 00000000 ____D C:\ProgramData\NVIDIA
2017-05-26 19:35 - 2014-01-18 11:54 - 00034752 _____ C:\WINDOWS\system32\Drivers\WPRO_41_2001.sys
2017-05-26 12:43 - 2017-03-18 13:40 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-05-26 11:11 - 2015-08-31 10:32 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Roaming\Ahnenblatt
2017-05-26 11:02 - 2017-03-29 13:14 - 00000000 ____D C:\Users\Gloriaflyx\Documents\Ahnenblatt
2017-05-26 09:32 - 2016-12-29 14:16 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-05-25 22:03 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\L2Schemas
2017-05-25 20:42 - 2014-02-03 22:35 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Roaming\Audacity
2017-05-25 12:49 - 2014-01-17 19:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-05-23 21:48 - 2017-03-20 22:36 - 00000000 ____D C:\ProgramData\DigitalWave.ApplicationUpdater_files
2017-05-23 21:48 - 2016-11-06 12:13 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Roaming\DVDVideoSoft
2017-05-23 19:58 - 2014-01-17 18:51 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-05-23 19:57 - 2014-01-17 18:51 - 132223576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-05-23 18:53 - 2017-03-25 11:36 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-05-23 18:53 - 2014-01-17 19:39 - 00000000 ____D C:\ProgramData\Skype
2017-05-22 22:06 - 2017-02-08 20:46 - 00000000 ____D C:\Program Files\Mozilla Firefox
2017-05-21 17:02 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\rescache
2017-05-21 15:58 - 2017-03-18 23:01 - 00000000 ____D C:\WINDOWS\INF
2017-05-20 16:42 - 2015-09-13 16:42 - 00000000 ____D C:\Program Files (x86)\Overwolf
2017-05-19 14:30 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-05-19 11:34 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\appcompat
2017-05-18 22:52 - 2014-04-02 20:05 - 00000000 ___HD C:\VTRoot
2017-05-17 21:19 - 2017-03-18 22:51 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-05-17 19:17 - 2016-06-19 12:32 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Local\Packages
2017-05-17 19:15 - 2016-06-19 12:34 - 00000000 __RHD C:\Users\Gloriaflyx\OneDrive
2017-05-17 19:13 - 2017-03-18 23:03 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-05-17 19:13 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\USOPrivate
2017-05-17 19:13 - 2016-04-27 07:55 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-05-17 18:55 - 2017-03-18 23:03 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-05-17 18:52 - 2017-03-18 23:06 - 00000000 ____D C:\WINDOWS\Setup
2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Provisioning
2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-05-17 18:52 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Dism
2017-05-17 18:47 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2017-05-17 18:47 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\MUI
2017-05-17 18:47 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2017-05-17 18:47 - 2017-03-18 22:59 - 00611840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2017-05-17 18:47 - 2017-03-18 22:59 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll
2017-05-17 18:47 - 2017-03-18 22:59 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll
2017-05-17 18:47 - 2017-03-18 22:59 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2017-05-17 18:47 - 2017-03-18 22:59 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2017-05-17 18:47 - 2017-03-18 22:59 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll
2017-05-17 18:47 - 2017-03-18 22:59 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb
2017-05-17 18:47 - 2017-03-18 22:59 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb
2017-05-17 18:47 - 2017-03-18 22:59 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb
2017-05-17 18:47 - 2017-03-18 22:59 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2017-05-17 18:47 - 2017-03-18 22:59 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2017-05-17 18:47 - 2017-03-18 22:59 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2017-05-17 18:47 - 2017-03-18 22:59 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb
2017-05-17 18:47 - 2017-03-18 22:59 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2017-05-17 18:47 - 2017-03-18 22:59 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2017-05-17 18:47 - 2017-03-18 22:59 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2017-05-17 18:47 - 2017-03-18 22:59 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2017-05-17 18:47 - 2017-03-18 22:59 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2017-05-17 18:47 - 2017-03-18 22:59 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\cngkeyhelper.dll
2017-05-17 18:47 - 2017-03-18 22:59 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2017-05-17 18:47 - 2017-03-18 22:59 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2017-05-17 18:47 - 2017-03-18 22:59 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cngkeyhelper.dll
2017-05-17 18:47 - 2017-03-18 22:59 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2017-05-17 18:47 - 2017-03-18 22:59 - 00009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof
2017-05-17 18:47 - 2017-03-18 22:56 - 01380352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00465408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
2017-05-17 18:47 - 2017-03-18 22:56 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb
2017-05-17 18:47 - 2017-03-18 22:56 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb
2017-05-17 18:47 - 2017-03-18 22:56 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb
2017-05-17 18:47 - 2017-03-18 22:56 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe
2017-05-17 18:47 - 2017-03-18 22:56 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb
2017-05-17 18:47 - 2017-03-18 22:56 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2017-05-17 18:47 - 2017-03-18 22:56 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
2017-05-17 18:47 - 2017-03-18 22:56 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2017-05-17 18:47 - 2017-03-18 22:56 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2017-05-17 18:47 - 2017-03-18 22:56 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof
2017-05-17 18:47 - 2017-03-18 22:56 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2017-05-17 18:07 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows NT
2017-05-17 18:07 - 2016-12-27 17:25 - 00000460 __RSH C:\ProgramData\ntuser.pol
2017-05-17 18:06 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-05-17 18:05 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-05-17 18:04 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Registration
2017-05-17 18:03 - 2017-03-20 06:43 - 00000000 ____D C:\WINDOWS\HoloShell
2017-05-17 18:03 - 2017-03-18 23:03 - 00000000 __RSD C:\WINDOWS\Media
2017-05-17 18:03 - 2017-03-18 23:03 - 00000000 __RHD C:\Users\Public\Libraries
2017-05-17 18:03 - 2016-06-19 12:23 - 00023056 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-05-17 18:01 - 2017-04-26 18:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
2017-05-17 18:01 - 2017-04-26 18:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-05-17 18:01 - 2015-06-10 22:28 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Office
2017-05-17 18:01 - 2014-10-23 21:45 - 00000000 ____D C:\WINDOWS\de
2017-05-17 18:01 - 2014-03-27 11:48 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spiele
2017-05-17 17:58 - 2017-03-25 11:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-05-17 17:58 - 2017-03-20 06:41 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2017-05-17 17:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-05-17 17:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2017-05-17 17:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\spool
2017-05-17 17:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-05-17 17:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-05-17 17:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\IME
2017-05-17 17:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\schemas
2017-05-17 17:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Cursors
2017-05-17 17:58 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-05-17 17:58 - 2014-07-19 18:43 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2017-05-17 17:58 - 2014-01-17 18:31 - 00000000 ___HD C:\WINDOWS\system32\WLANProfiles
2017-05-17 17:57 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2017-05-17 17:57 - 2015-10-30 09:24 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2017-05-17 17:56 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Help
2017-05-17 17:56 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2017-05-17 17:41 - 2014-01-17 17:39 - 00008192 __RSH C:\BOOTSECT.BAK
2017-05-17 17:36 - 2017-03-20 07:06 - 00000000 ___HD C:\$WINDOWS.~BT
2017-05-10 10:48 - 2014-07-10 22:11 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Local\Adobe
2017-05-03 22:34 - 2014-07-02 21:00 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Roaming\vlc
2017-05-03 10:27 - 2015-02-03 10:16 - 00000000 ____D C:\Program Files\PDFCreator
2017-04-29 14:47 - 2014-03-10 16:37 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Local\CrashDumps
2017-04-29 03:05 - 2017-03-18 23:06 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-04-29 03:05 - 2017-03-18 23:06 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-10-22 13:22 - 2015-10-22 13:22 - 0159657 _____ () C:\Program Files (x86)\changelog.txt
2015-10-22 13:22 - 2015-11-07 18:45 - 0375544 _____ () C:\Program Files (x86)\createfileassoc.exe
2015-10-22 13:22 - 2015-11-07 18:45 - 0447464 _____ (TeamSpeak Systems GmbH) C:\Program Files (x86)\error_report.exe
2015-09-21 16:24 - 2015-09-21 16:24 - 1709056 _____ () C:\Program Files (x86)\libeay32.dll
2013-10-05 00:58 - 2013-10-05 00:58 - 0660128 _____ (Microsoft Corporation) C:\Program Files (x86)\msvcp120.dll
2013-10-05 00:58 - 2013-10-05 00:58 - 0963232 _____ (Microsoft Corporation) C:\Program Files (x86)\msvcr120.dll
2015-08-27 10:07 - 2015-11-07 18:45 - 1704176 _____ (Overwolf) C:\Program Files (x86)\OverwolfTeamSpeakInstaller.exe
2015-10-22 13:22 - 2015-11-07 18:45 - 0475112 _____ (TeamSpeak Systems GmbH) C:\Program Files (x86)\package_inst.exe
2015-10-22 11:20 - 2015-10-22 11:20 - 0000321 _____ () C:\Program Files (x86)\plugin_sdk.html
2015-09-21 16:47 - 2015-09-21 16:47 - 5626368 _____ (The Qt Company Ltd) C:\Program Files (x86)\Qt5Core.dll
2015-09-21 16:48 - 2015-09-21 16:48 - 3937280 _____ (The Qt Company Ltd) C:\Program Files (x86)\Qt5Gui.dll
2015-09-21 16:48 - 2015-09-21 16:48 - 1092608 _____ (The Qt Company Ltd) C:\Program Files (x86)\Qt5Network.dll
2015-09-21 16:47 - 2015-09-21 16:47 - 0216576 _____ (The Qt Company Ltd) C:\Program Files (x86)\Qt5Sql.dll
2015-09-21 16:50 - 2015-09-21 16:50 - 5424128 _____ (The Qt Company Ltd) C:\Program Files (x86)\Qt5Widgets.dll
2015-10-22 13:22 - 2015-10-22 13:22 - 0175080 _____ () C:\Program Files (x86)\quazip.dll
2015-09-21 16:24 - 2015-09-21 16:24 - 0317440 _____ () C:\Program Files (x86)\ssleay32.dll
2015-10-22 13:21 - 2015-11-07 18:45 - 11544552 _____ (TeamSpeak Systems GmbH) C:\Program Files (x86)\ts3client_win64.exe
2015-09-13 16:41 - 2015-11-07 18:45 - 0390800 _____ (TeamSpeak Systems GmbH) C:\Program Files (x86)\Uninstall.exe
2015-10-22 13:22 - 2015-11-07 18:45 - 1514984 _____ (TeamSpeak Systems GmbH) C:\Program Files (x86)\update.exe
2015-10-22 11:20 - 2015-10-22 11:20 - 0520934 _____ () C:\Program Files (x86)\usb.ids
2015-11-08 20:24 - 2015-11-08 20:24 - 0000000 ____H () C:\Users\Gloriaflyx\AppData\Local\BITEEB2.tmp
2015-12-07 14:05 - 2015-12-07 14:05 - 0000000 ____H () C:\Users\Gloriaflyx\AppData\Local\BITF863.tmp
2014-03-24 11:50 - 2015-11-05 12:49 - 0010752 _____ () C:\Users\Gloriaflyx\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-03-13 22:52 - 2014-03-13 22:52 - 0001434 _____ () C:\Users\Gloriaflyx\AppData\Local\RecConfig.xml
2016-05-01 21:51 - 2016-05-01 21:52 - 0000000 _____ () C:\Users\Gloriaflyx\AppData\Local\{0B179D57-EBA9-4D85-B0A3-C14982A9ED52}
2015-10-26 15:04 - 2015-10-26 15:04 - 0000000 _____ () C:\Users\Gloriaflyx\AppData\Local\{309B8B15-3C7F-4F34-B3F6-0066EA01FC36}
2016-05-11 20:19 - 2016-05-11 20:19 - 0000000 _____ () C:\Users\Gloriaflyx\AppData\Local\{3CF62346-6D52-4520-A926-FB0B6E652FF3}
2016-04-22 14:12 - 2016-04-22 14:12 - 0000000 _____ () C:\Users\Gloriaflyx\AppData\Local\{B01DDBE6-2D6A-4727-B346-D57950EA3E3A}
2015-11-08 20:23 - 2015-11-08 20:24 - 0000000 _____ () C:\Users\Gloriaflyx\AppData\Local\{BAE73680-28A1-4D05-AD07-486B48904EAC}
2015-12-07 14:04 - 2015-12-07 14:05 - 0000000 _____ () C:\Users\Gloriaflyx\AppData\Local\{D054697A-BAC1-4993-959D-79690D24E3EF}
2016-01-26 20:38 - 2016-01-26 20:38 - 0000000 _____ () C:\Users\Gloriaflyx\AppData\Local\{F1079BA0-943D-4D61-A261-CEFBF1919D56}
2017-05-17 17:56 - 2017-05-17 17:56 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-09-22 22:02 - 2015-09-22 22:02 - 0000106 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.64.bc
2017-03-22 17:45 - 2017-03-22 17:45 - 0000016 _____ () C:\ProgramData\mntemp
2017-03-22 17:45 - 2017-03-22 17:45 - 0005041 _____ () C:\ProgramData\mudtcpaz.vzs

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-05-17 17:55

==================== Ende von FRST.txt ============================
         

27.05.2017, 18:13   #2
Gloriaflyx

Here is the Addition log as well:

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 24-05-2017
durchgeführt von Gloriaflyx (27-05-2017 18:07:31)
Gestartet von C:\Users\Gloriaflyx\Desktop
Windows 10 Pro Version 1703 (X64) (2017-05-17 16:07:08)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3668857010-2765377856-186715415-500 - Administrator - Disabled)
Gloriaflyx (S-1-5-21-3668857010-2765377856-186715415-1000 - Administrator - Enabled) => C:\Users\Gloriaflyx
DefaultAccount (S-1-5-21-3668857010-2765377856-186715415-503 - Limited - Disabled)
Gast (S-1-5-21-3668857010-2765377856-186715415-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3668857010-2765377856-186715415-1003 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: COMODO Antivirus (Enabled - Up to date) {0C515E80-E355-69BD-3445-A511E5C186FD}
AS: COMODO Advanced Protection (Enabled - Up to date) {B730BF64-C56F-6633-0EF5-9E639E46CC40}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: COMODO Firewall (Enabled) {346ADFA5-A93A-68E5-1F1A-0C241B12C186}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 16.00 (x64) (HKLM\...\7-Zip) (Version: 16.00 - Igor Pavlov)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version:  - Hidden Path Entertainment, Ensemble Studios)
Age of Empires® III: Complete Collection (HKLM\...\Steam App 105450) (Version:  - Ensemble Studios)
Age of Mythology: Extended Edition (HKLM\...\Steam App 266840) (Version:  - SkyBox Labs)
Ahnenblatt 2.88 (HKLM-x32\...\Ahnenblatt_is1) (Version: 2.88.0.1 - Dirk Böttcher)
Anzeige am Bildschirm (HKLM\...\OnScreenDisplay) (Version: 8.20.00 - )
AoE 2 & TC v1.1 Userpatch AiO Update r5 r5 (HKLM-x32\...\{0CEC2F82-AEB2-4C4B-B450-62C6CEF159FE}_is1) (Version: 0.5 - line0)
Assassin's Creed (HKLM-x32\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.02 - Ubisoft)
Assassin's Creed Brotherhood (HKLM-x32\...\{BE4BA698-8533-4F77-9559-C7F3F78C0B05}) (Version: 1.00 - Ubisoft)
Assassin's Creed Liberation HD (HKLM-x32\...\Uplay Install 625) (Version:  - Ubisoft)
Assassin's Creed(R) III v1.06 (HKLM-x32\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.06 - Ubisoft)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - Bandisoft.com)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
calibre (HKLM-x32\...\{6EB8794A-DAF6-4722-90B2-68D1459A9615}) (Version: 2.75.1 - Kovid Goyal)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4478 - CDBurnerXP)
Cities: Skylines (HKLM\...\Steam App 255710) (Version:  - Colossal Order Ltd.)
Classic Shell (HKLM\...\{383BB30A-B4A7-4666-9A83-22CFA8640097}) (Version: 4.3.0 - IvoSoft)
COMODO Internet Security Premium (HKLM\...\{901D1D88-408D-48E5-80DD-CC3145BD8456}) (Version: 10.0.1.6223 - COMODO Security Solutions Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
Diablo II (HKLM-x32\...\Diablo II) (Version:  - Blizzard Entertainment)
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
f.lux (HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\Flux) (Version:  - )
FanFictionDownloader version 0.8.14.0 (HKLM-x32\...\{1D868954-1083-4BBA-8379-C7A9B2705CBA}_is1) (Version: 0.8.14.0 - Raimond Eisele)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free Video To MP3 Converter (HKLM-x32\...\Free Video To MP3 Converter_is1) (Version: 5.1.0.307 - Digital Wave Ltd)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Hero Editor V0.96 (HKLM-x32\...\ST6UNST #1) (Version:  - )
HL-5450DN (HKLM-x32\...\{7171B206-5C5A-4B7F-B9E1-1F1827FC769F}) (Version: 1.0.2.0 - Brother Industries, Ltd.)
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version:  - )
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 18.1 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Intel(R) Smart Connect Technology 4.1 x64 (HKLM\...\{6555226B-7295-4CFD-9D5B-9C8F394BE03A}) (Version: 4.1.41.2234 - Intel)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.1.28 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{a2a04474-104a-49b3-9bf5-33afee260030}) (Version: 17.14.0 - Intel Corporation)
Internet Security Essentials (HKLM-x32\...\ComodoIse) (Version: 1.1.413499.43 - Comodo)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Lenovo Patch Utility (x32 Version: 1.4.0.4 - Lenovo Group Limited) Hidden
Lenovo Patch Utility 64 bit (Version: 1.4.0.4 - Lenovo Group Limited) Hidden
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.12.10 - Lenovo)
LG United Mobile Driver (HKLM-x32\...\{2A3A4BD6-6CE0-4e2a-80D2-1D0FF6ACBFBA}) (Version: 3.14.1 - LG Electronics)
LibreOffice 5.2.5.1 (HKLM-x32\...\{79CD8EA1-DEB1-4582-9E41-8634223BDCD4}) (Version: 5.2.5.1 - The Document Foundation)
Magicka (HKLM-x32\...\Steam App 42910) (Version:  - Arrowhead Game Studios)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.8067.2115 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 53.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 53.0 (x86 de)) (Version: 53.0 - Mozilla)
Mozilla Firefox 53.0.3 (x64 de) (HKLM\...\Mozilla Firefox 53.0.3 (x64 de)) (Version: 53.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0 - Mozilla)
Mp3tag v2.80 (HKLM-x32\...\Mp3tag) (Version: v2.80 - Florian Heidenreich)
NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.54 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.8067.2115 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.8067.2115 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.8067.2115 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7967.2073 - Microsoft Corporation) Hidden
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.104.210.0 - Overwolf Ltd.)
paint.net (HKLM\...\{1F895C18-6A2F-4A9E-BBE9-246783070F37}) (Version: 4.0.16 - dotPDN LLC)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.5.2 - pdfforge GmbH)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
R for Windows 3.3.0 (HKLM\...\R for Windows 3.3.0_is1) (Version: 3.3.0 - R Core Team)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.21236 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7404 - Realtek Semiconductor Corp.)
Secunia PSI (3.0.0.9016) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia)
SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden
Skype™ 7.36 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.36.101 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Stronghold (HKLM-x32\...\{C917BA70-28A3-4C74-B163-41FD8C8E1A5A}) (Version: 1.20.0000 - Firefly Studios)
Stronghold Crusader Extreme (HKLM-x32\...\{8C3727F2-8E37-49E4-820C-03B1677F53B6}) (Version: 1.20.0000 - Firefly Studios)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.115 - Synaptics Incorporated)
System Requirements Lab Detection (HKLM-x32\...\{9B2D2419-CC47-4A73-A7A0-8FA2FFDE0C7C}) (Version: 6.1.1.0 - Husdawg, LLC)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
The Sims(TM) 3 (HKLM-x32\...\Steam App 47890) (Version:  - The Sims Studio)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
Windows 10-Upgrade-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17323 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3668857010-2765377856-186715415-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Gloriaflyx\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay => Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {1D85A55B-993A-45E3-B015-250C795151A1} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {26576267-54D3-4A94-97C7-4DCECB1AB3C3} - System32\Tasks\{3A39D014-2508-4DC8-8EED-5D3C5194CC6A} => pcalua.exe -a "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" -d "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller" -c -hunter
Task: {420FE51C-0D20-4591-B7CE-77DA17FC435F} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-04-23] (COMODO)
Task: {46734673-F9A6-4302-9D04-A119C0518E35} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-14] (Microsoft Corporation)
Task: {47A200AF-0889-49E0-B321-5A47994CCB96} - System32\Tasks\{B4F731ED-C11E-4F9B-A092-6083F00D4F25} => pcalua.exe -a "C:\Program Files (x86)\Die Sims\Die Sims 2\Sims2_uninst.exe" -d "C:\Program Files (x86)\Die Sims\Die Sims 2"
Task: {4A7ED33F-A84F-48AC-B000-ABED4901E0AB} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {51DC85CF-A98A-43D8-8C1F-F7248B1FB113} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-05-26] (Microsoft Corporation)
Task: {5FFE647A-3E5D-4594-9EA5-5B65B185DC03} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
Task: {6C4BAE11-65C4-4950-BC26-FF6B6A1A14CA} - \Microsoft\Windows\Setup\gwx\rundetector -> Keine Datei <==== ACHTUNG
Task: {799696A9-5758-492B-8927-81A7E88B1D69} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-04-23] (COMODO)
Task: {856E8075-122F-45E5-BC1C-CE7C0E407608} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-04-23] (COMODO)
Task: {88C43D0B-A2F3-4D79-B2FA-E2378BCFA74E} - System32\Tasks\{077EA0BA-9543-46EF-AA05-A3609078E68C} => pcalua.exe -a "C:\Program Files (x86)\Die Sims\Die Sims 2\eauninstall.exe" -d "C:\Program Files (x86)\Die Sims\Die Sims 2"
Task: {8E279186-208B-4384-BA38-55AEFA56EE1E} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-10] (Adobe Systems Incorporated)
Task: {94BBF4A3-D101-498A-8DD5-9C76C5B2C63F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-14] (Microsoft Corporation)
Task: {9D320E3D-5658-4B76-BC1B-6B5DB3F33348} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-05-26] (Microsoft Corporation)
Task: {9DAF125B-A6D1-439B-933B-388A6A74B24B} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-04-23] (COMODO)
Task: {9FCB8499-497D-41E5-89FE-0231E583FB37} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-05-26] (Microsoft Corporation)
Task: {A042F675-4FCB-4903-9A13-DE3CDDF82AAF} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-04-05] (Realtek Semiconductor)
Task: {A92B8410-5D79-45B0-A05A-A93C395ABB37} - System32\Tasks\{4428CE4F-B2B8-4E7A-802D-3985A4AE3A2E} => Firefox.exe hxxp://ui.skype.com/ui/0/7.16.0.102/de/abandoninstall?source=lightinstaller&amp;page=tsInstall
Task: {AB28F491-13D7-441F-8BE3-99AEF1AF36E0} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2017-04-23] (COMODO)
Task: {AC0DD1AA-2C9D-41FF-9BB4-E4C0B5CAB66C} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-04-23] (COMODO)
Task: {B59D1B68-72A7-4E68-B9EF-3A0932C2E840} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-05-26] ()
Task: {B87DE87D-F54B-4E90-8A66-A192864D7052} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {C3DA719C-9EF8-4F50-BF45-7143C26331AB} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-04-23] (COMODO)
Task: {C5050B7C-1F8D-40E9-9E24-20623960C6E4} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG
Task: {CA1E47C4-6FB4-4B1C-8C9E-2CEE7AD55373} - System32\Tasks\{40397F46-4625-412F-9983-FCD60BC4A9E4} => Firefox.exe hxxp://ui.skype.com/ui/0/6.11.0.102/de/go/help.faq.installer?source=lightinstaller&amp;LastError=1618
Task: {D9A35DD8-3F45-4EF2-BAB3-171204A5C81A} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2017-04-23] (COMODO)
Task: {DC8BA37A-EFC5-4813-AF4D-6CF617B6471A} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-04-05] (Realtek Semiconductor)
Task: {E59B3A1A-4F35-4A9C-B55C-FFE33FBD2B8F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {E98AD572-71BE-4D8A-B936-AEEF09E30360} - System32\Tasks\{3C95CE29-D5CC-4534-842A-1D344CDA2CE7} => Firefox.exe hxxp://ui.skype.com/ui/0/7.16.0.102/de/abandoninstall?source=lightinstaller&amp;page=tsInstall
Task: {EABE54ED-1BBC-44FF-977C-F9A4D104791A} - System32\Tasks\{A77B8121-4DF6-4C06-AC86-940FC3B7AF54} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{BE4BA698-8533-4F77-9559-C7F3F78C0B05}\setup.exe" -c -runfromtemp -l0x0007 -removeonly
Task: {EBA005EB-9167-49FC-B0CA-71599621456C} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {EE29A92D-3408-4186-B873-7B505989B5B8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {F89037C2-30A8-4D5D-9474-4E51ED8EF8AB} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-05-26] ()
Task: {FDFFF155-A9BE-414D-B4E2-3EFD4B350771} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2017-05-14] (Overwolf LTD)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2017-04-06 18:20 - 2017-04-23 00:28 - 00156352 _____ () C:\Program Files\COMODO\COMODO Internet Security\cmdwrhlp.dll
2013-09-24 11:53 - 2017-04-23 00:27 - 00107200 _____ () C:\Program Files\COMODO\COMODO Internet Security\cavwpps.dll
2013-10-20 02:23 - 2017-04-23 00:27 - 00244928 _____ () C:\Program Files\COMODO\COMODO Internet Security\cmdcomps.dll
2013-04-15 16:45 - 2013-04-15 16:45 - 00182760 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2013-04-15 16:45 - 2013-04-15 16:45 - 00060392 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2014-01-18 14:03 - 2014-03-25 20:50 - 00076888 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2017-05-17 17:56 - 2016-12-29 15:16 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-03-18 22:58 - 2017-03-18 22:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-18 22:59 - 2017-03-20 06:43 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2013-04-15 18:39 - 2016-03-16 12:25 - 00073912 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav
2017-04-27 19:24 - 2017-04-27 19:24 - 02167664 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17032.10331.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-05-08 19:47 - 2017-05-08 19:47 - 00020480 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-05-08 19:47 - 2017-05-08 19:47 - 26322944 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-05-08 19:47 - 2017-05-08 19:47 - 00441856 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.AGM.Native.Windows.dll
2017-05-08 19:47 - 2017-05-08 19:47 - 02139648 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2017-05-08 19:47 - 2017-05-08 19:47 - 02901928 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-05-08 19:47 - 2017-05-08 19:47 - 00046080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll
2016-06-19 14:31 - 2016-06-19 14:31 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2017-05-08 19:47 - 2017-05-08 19:47 - 00641024 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-05-08 19:47 - 2017-05-08 19:47 - 01062400 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
2017-05-05 21:04 - 2017-05-05 21:04 - 02167664 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17032.10341.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2014-12-11 15:15 - 2015-04-05 16:07 - 00078880 _____ () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
2014-08-23 20:01 - 2014-01-29 16:36 - 00271280 _____ () C:\Program Files\COMODO\COMODO Internet Security\themes\CCE.THEME

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\autoexec.bat:$CmdTcID [64]
AlternateDataStreams: C:\install.exe:$CmdTcID [64]
AlternateDataStreams: C:\Program Files (x86)\createfileassoc.exe:$CmdTcID [64]
AlternateDataStreams: C:\Program Files (x86)\error_report.exe:$CmdTcID [64]
AlternateDataStreams: C:\Program Files (x86)\OverwolfTeamSpeakInstaller.exe:$CmdTcID [64]
AlternateDataStreams: C:\Program Files (x86)\package_inst.exe:$CmdTcID [64]
AlternateDataStreams: C:\Program Files (x86)\ts3client_win64.exe:$CmdTcID [64]
AlternateDataStreams: C:\Program Files (x86)\Uninstall.exe:$CmdTcID [64]
AlternateDataStreams: C:\Program Files (x86)\update.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\NvContainerRecovery.bat:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\ST6UNST.EXE:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\BRCOMB1A.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\cdpreference.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\common_clang64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DDPA64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DDPD64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DDPO64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DDPP64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\difx64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DPTopologyApp.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DPTopologyAppv2_0.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\e1dmsg.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\FMAPO64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\GfxResources.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\GfxUIEx.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Gfxv2_0.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Gfxv4_0.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ibmpmctl.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ig75icd64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igc64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igd10idpp64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igd10iumd64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igd11dxva64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igd12umd64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdail64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdbcl64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdde64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdfcl64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdmcl64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdmd64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdrcl64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdumdim64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdusc64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfx11cmrt64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxcmjit64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxcmrt64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxCoIn_v4531.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxCPL.cpl:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxCUIServicePS.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDH.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDHLib.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDHLibv2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDI.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDILib.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDILibv2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDTCM.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxEMLib.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxEMLibv2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxexps.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxext.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxLHM.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxLHMLib.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxLHMLibv2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxOSP.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxSDK.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxSDKLib.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxSDKLibv2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\iglhcp64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\iglhsip64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelCpHDCPSvc.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelOpenCL64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiMCComp64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiUMS64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NicCo4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NicInstD.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvapi64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvcompiler.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvcuda.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvcuvid.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6434520.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6435382.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6435445.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6437654.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6434520.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6435382.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6435445.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6437654.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvEncMFTH264.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvEncodeAPI64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvfatbinaryLoader.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NvFBC64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NvIFR64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NvIFROpenGL.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvoglv64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvopencl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvptxJitCompiler.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvumdshimx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\OpenCL.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\R4EEA64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\R4EED64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\R4EEG64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\R4EEL64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\R4EEP64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RCoInstII64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RltkAPO64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTCOM64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtkApi64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtkCfg64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtkCoLDR64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtlCPAPI64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtPgEx64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTSnMg64.cpl:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SynCOM.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SynTPAPI.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SynTPCo34-11.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\SynTPCo34-9.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\tpinspm.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\vulkaninfo-1-1-0-26-0.exe:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\vulkaninfo.exe:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\WdfCoInstaller01011.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\AC3ACM.acm:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\alf2cd.acm:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BRLM03A.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BRLMW03A.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BROSNMP.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BRRBTOOL.EXE:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BRTCPCON.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\COMDLG32.OCX:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\common_clang32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\divx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\divxdec.ax:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ig75icd32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igc32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igd10idpp32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igd10iumd32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igd11dxva32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igd12umd32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdail32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdbcl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdde32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdfcl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdmcl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdmd32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdrcl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdumdim32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdusc32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igfx11cmrt32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igfxcmjit32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igfxcmrt32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igfxexps32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\iglhcp32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\iglhsip32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\indexeddbserver.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\IntelOpenCL32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\L3CODECX.AX:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Lagarith.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\lame.ax:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mcdvd_32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mpg4c32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mslvddsfilter3.ax:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\msxml3a.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvapi.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvcompiler.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvcuda.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvcuvid.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvEncMFTH264.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvEncodeAPI.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\NvFBC.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\NvIFR.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\NvIFROpenGL.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvoglv32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvopencl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\opencl.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\PnkBstrB.ex0:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\PnkBstrB.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\PnkBstrB.xtr:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\RICHTX32.OCX:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Scg726.acm:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SynCom.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\TABCTL32.OCX:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\VB6STKIT.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\vct3216.acm:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\vulkaninfo-1-1-0-26-0.exe:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\vulkaninfo.exe:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xvid.ax:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xvidcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xvidvfw.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\e1d62x64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ibmpmdrv.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\igdkmd64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\IntcDAud.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\mbam.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\mbamchameleon.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\mwac.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\nvpciflt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\RTKVHD64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\Smb_driver_AMDASF_Aux.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\Smb_driver_Intel.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\Smb_driver_Intel_Aux.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\stflt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\SynRMIHID_Aux.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\SynTP.sys:$CmdTcID [64]
AlternateDataStreams: C:\Users\Gloriaflyx\Desktop\Vorlesung Humanbiologie des Alterns.pdf:$CmdZnID [26]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\ajax.googleapis.com -> hxxp://ajax.googleapis.com
IE trusted site: HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\ajax.googleapis.com -> hxxps://ajax.googleapis.com
IE trusted site: HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\BALDER -> hxxp://BALDER
IE trusted site: HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\BALDER -> hxxps://BALDER
IE trusted site: HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\blank -> blank
IE trusted site: HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\hola.org -> hxxp://hola.org
IE trusted site: HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\lansweeper.com -> hxxp://lansweeper.com
IE trusted site: HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\lansweeper.com -> hxxps://lansweeper.com
IE trusted site: HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\update.lansweeper.com -> hxxp://update.lansweeper.com
IE trusted site: HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\update.lansweeper.com -> hxxps://update.lansweeper.com

==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2016-09-23 21:07 - 00000227 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1       localhost
127.0.0.1 rad.msn.com
127.0.0.1 live.rads.msn.com
127.0.0.1 ads1.msn.com
127.0.0.1 g.msn.com
127.0.0.1 a.ads2.msads.net
127.0.0.1 b.ads2.msads.net
127.0.0.1 ac3.msn.com
127.0.0.1 apps.skype.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3668857010-2765377856-186715415-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Gloriaflyx\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 172.16.60.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{C7306F57-5A89-4B3D-9647-86B9A3EDF4FE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{340A23AD-83FA-494A-8C72-9B119D354602}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8AD0A6CC-7D69-4057-B188-18B82A21EC5A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{D898CACD-C67F-4504-B77C-ECD6C84AF580}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{7229F440-A74A-4C4F-AB16-3580AF902AE3}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{F068410F-5376-4535-B281-FF1A4DE7EC98}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{E4E3DB35-064D-4E32-A06A-790B57CE72D4}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{F6240313-6D3B-4897-B26E-D6DF9AD8FAF6}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{B74CBF9B-7DBF-4710-A2C9-AABF3BB4FCBE}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Block) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe
FirewallRules: [TCP Query User{9D091F3D-2FD7-4B7F-864E-8022F46587C7}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Block) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe
FirewallRules: [{617075F9-CF19-4EAF-B308-0D9C8E49D83A}] => (Allow) C:\ProgramData\Blackmagic Design\DaVinci Resolve\Support\QtDecoder\QTDecoder.exe
FirewallRules: [{0441E76E-DE86-4CB9-BE6F-057E69B4ED6D}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DPDecoder.exe
FirewallRules: [{5EC522D1-6A39-4BAB-99C5-040ECDC28967}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe
FirewallRules: [{6D552728-80E7-4F84-ABE4-F52314FCA93A}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe
FirewallRules: [{395A1E99-B36C-4778-BA40-093A8E11AF44}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe
FirewallRules: [{D1A64703-1DF8-4726-BB86-166DC7712D01}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe
FirewallRules: [{8D530BD0-F6E2-4EC3-A66B-10F11E50E0E3}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe
FirewallRules: [{30170A64-C79C-4B64-9B9C-3C4746BA620F}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe
FirewallRules: [{44D637C9-7D6B-4320-BF3A-0B86F935DC10}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Screen Recorder Pro 2\Apowersoft Screen Recorder Pro 2.exe
FirewallRules: [{0783A148-F84A-40BF-941E-9CCF1A929DF0}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Screen Recorder Pro 2\Apowersoft Screen Recorder Pro 2.exe
FirewallRules: [{213E06D3-F4D6-49E4-9D54-B49C65461C00}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{21B456D8-BDC2-4203-96AB-5BA372335299}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{DE107B61-C58A-486F-AA4F-E530D54C798E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{1EDAF709-CC50-4E06-AE24-EA0A5C1AF3FD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{6A4CF7DA-06A5-45B9-8E10-04181104D818}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3y.exe
FirewallRules: [{6FDC5F18-279C-4E1F-BB58-E9E07E686028}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3y.exe
FirewallRules: [{683064EE-A4CE-4D85-B72B-DF952EB8B7B1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3x.exe
FirewallRules: [{A82CEE29-8A24-4B50-8C9C-62B3CA7DE444}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3x.exe
FirewallRules: [{7DEB59C9-F185-4B63-962A-B0B4D968CE82}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3.exe
FirewallRules: [{7E0C1D8F-CAD2-47BC-8DE5-7B87BF53B8CE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3.exe
FirewallRules: [{CF751517-40A7-425A-8BAB-FA28E5524C85}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{0D5A66A4-EA4E-4D49-A0EB-D4CAD289CBD7}] => (Allow) LPort=82
FirewallRules: [{5115A262-97FC-4BD8-988E-A1BE756874BC}] => (Allow) LPort=82
FirewallRules: [{48BC6F67-412B-4AA6-878F-9F11A089176A}] => (Allow) C:\Program Files (x86)\Assassin's Creed Liberation\ac3lhd_32.exe
FirewallRules: [{40318DF4-D77B-48E2-AAC1-5E57E1AB8610}] => (Allow) C:\Program Files (x86)\Assassin's Creed Liberation\ac3lhd_32.exe
FirewallRules: [{0B9AD4F6-1396-4920-A55B-AE7C8D047D95}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{0B3BBFFD-2D34-4233-B5C6-9A147BED8678}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{2E6990E2-28DE-43D5-B85C-15BDE32F0B81}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [{6FFB4CAD-BB1B-4986-A25A-0CB0131BFF35}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [{2C82E8DB-6B47-4C49-A804-526A1B4EDA6E}] => (Allow) LPort=1900
FirewallRules: [{1EB0D34A-34C2-4A25-9559-DD95C06B4E82}] => (Allow) LPort=2869
FirewallRules: [{82F73D39-E827-44A8-A7CC-A8C1194D18B3}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{F2264AE5-8A68-4CE3-A3A3-2AB08F9E0C19}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{79EA8526-7705-4884-82FA-2A7546F5EBF7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{741F57FC-17D9-40DE-AE51-9939E3146DBD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Magicka\Magicka.exe
FirewallRules: [{81047ADA-4835-4F54-98E7-F7825358CD54}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Magicka\Magicka.exe
FirewallRules: [{484BE953-A818-46FC-8C0E-762B527FF604}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{79EFDB78-C22F-4ADF-B1BF-BE3A5B63A9DB}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{67774682-41F7-4CC1-ADC5-E5F492657415}] => (Allow) C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\Rtldhcp.exe
FirewallRules: [{8306B7C9-E38B-4B54-8F97-E641457FCF23}] => (Allow) LPort=53
FirewallRules: [{DA823A05-9D34-4185-8310-0704498170A1}] => (Allow) LPort=53
FirewallRules: [{9741EB6E-0D6F-43D5-A3A3-3E511CC4FC3C}] => (Allow) LPort=68
FirewallRules: [{1FE2263C-EC3E-4435-846D-B4D46AA34E0A}] => (Allow) LPort=67
FirewallRules: [{066922B0-6137-42B9-ADFB-0701BFA6EC2A}] => (Allow) LPort=53
FirewallRules: [{22252692-CD41-4ACF-B52D-67673CDCC5B1}] => (Allow) LPort=1542
FirewallRules: [{DBCC0F7A-3603-4C61-B277-724344051344}] => (Allow) LPort=1542
FirewallRules: [{C98C0483-875E-4482-9542-302290834C68}] => (Allow) C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtWLan.exe
FirewallRules: [{2D4B3E19-F842-4DBF-902C-0B595068949C}] => (Allow) C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtWLan.exe
FirewallRules: [{FA005BF5-DCB5-483D-AD35-6B357B56B78C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Sims 3\Game\Bin\Sims3Launcher.exe
FirewallRules: [{C0581BEB-1F7E-4E69-BD45-DBBA0BE9DFB4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Sims 3\Game\Bin\Sims3Launcher.exe
FirewallRules: [{801BF783-B7D6-49B4-99C0-D9C0BDC2119E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{20CA3455-5661-4C54-9C3C-3D54241E1A75}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{CD3B165B-F2FB-4BA7-AEC8-6863EB001DC5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{8E9F6F41-4566-489C-8044-3CDC998AB084}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A15EFEB3-2D8B-4AEC-BB51-73FC90375414}] => (Allow) C:\Program Files (x86)\Assassin's Creed\AssassinsCreed_Launcher.exe
FirewallRules: [{606BFD88-6914-483F-A67D-603329CF3C63}] => (Allow) C:\Program Files (x86)\Assassin's Creed\AssassinsCreed_Launcher.exe
FirewallRules: [{AC12A9C3-5E3B-41E1-88EF-353322A82CAE}] => (Allow) C:\Program Files (x86)\Assassin's Creed\AssassinsCreed_Dx10.exe
FirewallRules: [{981BF606-4B92-4910-8D48-8FD87DA69452}] => (Allow) C:\Program Files (x86)\Assassin's Creed\AssassinsCreed_Dx10.exe
FirewallRules: [{98247D04-0FA7-4B03-A834-405A11AC03FC}] => (Allow) C:\Program Files (x86)\Assassin's Creed\AssassinsCreed_Dx9.exe
FirewallRules: [{C2256B62-96C1-4E48-966A-D8CC998576A2}] => (Allow) C:\Program Files (x86)\Assassin's Creed\AssassinsCreed_Dx9.exe
FirewallRules: [{B08948B3-0E7A-4D74-ACC1-A8627608A670}] => (Allow) C:\Program Files (x86)\Stronghold\Stronghold.exe
FirewallRules: [{1717CBAD-C663-4703-8C51-3E3784162616}] => (Allow) C:\Program Files (x86)\Stronghold\Stronghold.exe
FirewallRules: [{9B2E86CB-41BB-4658-8E0B-B4EE59FC423D}] => (Allow) C:\Program Files (x86)\Assassin's Creed Brotherhood\UPlayBrowser.exe
FirewallRules: [{A0846C27-6804-4492-9622-4B57AFA72EE7}] => (Allow) C:\Program Files (x86)\Assassin's Creed Brotherhood\UPlayBrowser.exe
FirewallRules: [{AF5497C7-8409-4880-8AC8-50AAA0FF1A3E}] => (Allow) C:\Program Files (x86)\Assassin's Creed Brotherhood\AssassinsCreedBrotherhood.exe
FirewallRules: [{B8972737-AAE5-44E2-9897-C94EAACA3508}] => (Allow) C:\Program Files (x86)\Assassin's Creed Brotherhood\AssassinsCreedBrotherhood.exe
FirewallRules: [{11CDF3F1-A21B-4633-9882-3EDE4CF43A87}] => (Allow) C:\Program Files (x86)\Assassin's Creed Brotherhood\ACBMP.exe
FirewallRules: [{1CECC7CF-3A49-4D19-AF98-EBF3B19DA9EB}] => (Allow) C:\Program Files (x86)\Assassin's Creed Brotherhood\ACBMP.exe
FirewallRules: [{E018E907-6743-40A1-B276-A9C82EFD8653}] => (Allow) C:\Program Files (x86)\Assassin's Creed Brotherhood\ACBSP.exe
FirewallRules: [{B59E3FDA-9CE2-475A-9C53-618A01E61F8B}] => (Allow) C:\Program Files (x86)\Assassin's Creed Brotherhood\ACBSP.exe
FirewallRules: [{D25DA9A7-D7D5-47AD-ABD7-A88092CADFD2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{9471F074-83B7-4DB1-A645-125ED01AFB1E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D2F1D9E7-2C11-432E-A09F-6ED1C372FC17}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{A2371949-7434-4455-A6F0-C790FF2B30A6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{6C2470E2-FA81-4AB3-8C7C-4970A93236C8}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{A66A8E9B-55CE-4D03-BBB5-462120E28CBA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{F03E619D-67FD-4F88-89E2-5DB2B5A4EB1C}] => (Allow) C:\Program Files (x86)\Assassin's Creed III\AssassinsCreed3.exe
FirewallRules: [{BE1EAF96-508D-44D4-95FC-8A0E58229036}] => (Allow) C:\Program Files (x86)\Assassin's Creed III\AssassinsCreed3.exe
FirewallRules: [{D1551AF8-3700-4A3A-8F2E-27B6E1963D79}] => (Allow) C:\Program Files (x86)\Assassin's Creed III\AC3MP.exe
FirewallRules: [{14B632C5-AB0F-46DB-B97F-2E00B376ADD2}] => (Allow) C:\Program Files (x86)\Assassin's Creed III\AC3MP.exe
FirewallRules: [{208E418D-C56A-4AFC-B23C-B345254FB396}] => (Allow) C:\Program Files (x86)\Assassin's Creed III\AC3SP.exe
FirewallRules: [{F4B23ECE-6DBF-417A-8DF3-B3E4BE413C74}] => (Allow) C:\Program Files (x86)\Assassin's Creed III\AC3SP.exe
FirewallRules: [{450BC955-1211-474D-8F07-C71E819144F7}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{076E8502-EAE6-4EAD-9254-93F2F0E36256}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{775302EF-8794-472B-BF46-85B0037CC899}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{E556F77B-3276-426C-8706-3E3851F65788}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{1CFEF93C-5613-4E27-BC2E-DE15D0096CE0}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{8CF45B88-F589-4CDC-B930-EB2528678DCB}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{0E3D579F-C712-48C0-B8AA-D7E7C9235E07}] => (Allow) C:\Program Files (x86)\Stronghold\Stronghold Crusader\Stronghold_Crusader_Extreme.exe
FirewallRules: [{3B10DFDF-5DE3-4559-8E09-2B415C61C268}] => (Allow) C:\Program Files (x86)\Stronghold\Stronghold Crusader\Stronghold Crusader.exe
FirewallRules: [{17654475-8B19-4B88-9552-83C0A910FCB8}] => (Allow) C:\Program Files (x86)\Stronghold\Stronghold Crusader\Stronghold_Crusader_Extreme.exe
FirewallRules: [{C79269AE-A5D4-4304-9EDD-C24E8E95D8EA}] => (Allow) C:\Program Files (x86)\Stronghold\Stronghold Crusader\Stronghold Crusader.exe
FirewallRules: [{8E1DFB3B-B821-4878-BB67-047E621DD7AF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{3C9E442A-62C4-47C9-A66F-BCB7F2644311}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{9AE74D1F-B7ED-474D-A32D-D645E514B411}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age of Mythology\Launcher.exe
FirewallRules: [{D64AB105-1D59-45C5-A746-E82EA6E071A3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age of Mythology\Launcher.exe
FirewallRules: [{1B2F4207-A11B-4093-B808-64FEB7C51EFE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age of Mythology\aomx.exe
FirewallRules: [{D4BE5AD1-3543-460A-97C8-C652F361FF64}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age of Mythology\aomx.exe
FirewallRules: [{C889F803-0903-4FA5-8DFD-04DABAF2AA07}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe

==================== Wiederherstellungspunkte =========================

23-05-2017 19:56:51 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (05/27/2017 06:02:25 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Gloriaflyx\Desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_583b8639f462029f.manifest.

Error: (05/27/2017 05:58:26 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\r\r-3.3.0\tcl\bin64\tk85.dll". Fehler in Manifest- oder Richtliniendatei "c:\program files\r\r-3.3.0\tcl\bin64\tk85.dll" in Zeile 9.
Der Wert "x64" des "processorArchitecture"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (05/27/2017 05:57:53 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_583b8639f462029f.manifest.

Error: (05/27/2017 05:55:14 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (05/27/2017 05:55:14 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=25, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (05/27/2017 05:55:14 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=17, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (05/27/2017 05:55:14 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=23, Autor-ID=8086, Lieferant-ID=0, Lieferant-Typ=0

Error: (05/27/2017 05:55:14 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=21, Autor-ID=8086, Lieferant-ID=0, Lieferant-Typ=0

Error: (05/27/2017 05:55:14 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=18, Autor-ID=8086, Lieferant-ID=0, Lieferant-Typ=0

Error: (05/27/2017 05:55:14 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0


Systemfehler:
=============
Error: (05/27/2017 05:53:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (05/27/2017 05:53:55 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\CAROLA~1\AppData\Local\Temp\ehdrv.sys

Error: (05/27/2017 05:53:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (05/27/2017 05:53:54 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\CAROLA~1\AppData\Local\Temp\ehdrv.sys

Error: (05/27/2017 05:53:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (05/27/2017 05:53:54 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\CAROLA~1\AppData\Local\Temp\ehdrv.sys

Error: (05/27/2017 05:53:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (05/27/2017 05:53:54 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\CAROLA~1\AppData\Local\Temp\ehdrv.sys

Error: (05/27/2017 05:53:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (05/27/2017 05:53:53 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\CAROLA~1\AppData\Local\Temp\ehdrv.sys


CodeIntegrity:
===================================
  Date: 2017-05-27 18:04:33.407
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-05-27 17:55:17.206
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-05-27 17:54:43.032
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-05-27 17:41:10.162
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-05-27 16:31:39.315
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-05-27 16:31:20.929
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\DriverStore\FileRepository\nvltwu.inf_amd64_0221ce4ec0827f74\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-05-27 16:29:43.868
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-05-27 10:29:03.438
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-05-27 10:26:10.415
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-05-27 10:14:27.122
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4700MQ CPU @ 2.40GHz
Prozentuale Nutzung des RAM: 41%
Installierter physikalischer RAM: 7876.91 MB
Verfügbarer physikalischer RAM: 4576.31 MB
Summe virtueller Speicher: 15812.91 MB
Verfügbarer virtueller Speicher: 12305.52 MB

==================== Laufwerke ================================

Drive c: (System) (Fixed) (Total:226.47 GB) (Free:33.34 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (Daten) (Fixed) (Total:10.74 GB) (Free:9.57 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 0006A5E0)
Partition 1: (Active) - (Size=226.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=504 MB) - (Type=27)
Partition 3: (Not Active) - (Size=10.7 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         
__________________


05.06.2017, 10:08   #3
M-K-D-B
/// TB Trainer
 
My name is Matthias and I will help you clean up your computer.

To make the cleanup as effective and fast as possible, I ask you to observe the following notes:
  1. If we find indications of illegally acquired software, we will suspend support until every kind of illegal software has been removed from the computer.
  2. Always read my instructions carefully, work through all steps one after another in the given order, and always post all log files (even if nothing was found). If you run into problems, stop what you are doing and describe your problem to me as well as you can.
  3. If you do not answer me within 3 days, I will assume that you no longer need help. I will then remove your topic from my subscriptions. If you are going to be away for a longer time, please let me know!
  4. Please do not install or uninstall anything during the cleanup unless I ask you to!
    I also ask you not to run any security programs on your own initiative to check or clean your computer, because that makes it easy for me to lose track.
    Besides, in that case you could have saved yourself the trouble of opening a topic if you then go back to tinkering on your own anyway.

  5. Please note: Download at filepony.de: how to download our tools correctly!
  6. All programs to be used are to be saved on the desktop ( C:\users\your user name\Desktop\ ) and started from there as administrator!
  7. Some of the programs we use here may under certain circumstances be wrongly classified as a threat by your antivirus or anti-malware program. Because of certain program behaviour, the security programs cannot distinguish between "good" and "bad" and raise an alarm. These are false alarms, which you can safely ignore. If necessary, you must disable your security software before running a program so that our cleanup operations are not impaired.
  8. If the log files ever exceed the permitted length (~ 120,000 characters), split the log files across several posts.
    If need be, you can also zip the log files (pack them into a .zip archive) and upload them as an attachment.

  9. Please keep working with me until I tell you that we are finished and your computer is "clean". The early disappearance of symptoms does not automatically mean that your computer is already completely clean.
  10. As a rule I answer you within 24 hours, often even considerably faster.
    However, I too have a regular job and a family. I am therefore not in the forum for hours every day. Under certain circumstances it can take up to 2 days until you get an answer from me. If this time has been exceeded, you are welcome to send me a PM as a reminder.





Please work through all steps one after another in the given order and post all log files in CODE tags:
This is how it works:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes your helper's work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed expressions appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview (Erweitert/Vorschau) to check whether you did it correctly. If everything is right ... click Reply (Antworten).

Thank you for your cooperation!







Step 1
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or look it up under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan (Untersuchen).
  • The log files are now created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input window)







Step 2
Please download TDSSKiller TDSSKiller.exe and save this file on the desktop
  • Start TDSSKiller.exe - configure it as described in the TDSSKiller guide.
  • Press Start Scan
  • If infected objects are found, do not select Cure under any circumstances. Select Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Please post the contents here in your thread in any case.







Please post with your next reply
  • the log file from TDSSKiller,
  • the two new log files from FRST.
__________________
__________________

05.06.2017, 10:35   #4
Gloriaflyx
 
Hello Matthias,

thank you for helping me. You seem to have a lot to do at the moment, don't you? I saw it in the forum. Especially because many people have this CMD problem. Incidentally, it also shows up on my machine. Could it be that this problem came with the new Windows 10 update? It certainly seems that way to me.

Here are the logs:

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 02-06-2017
durchgeführt von Gloriaflyx (Administrator) auf BALDER (05-06-2017 10:28:06)
Gestartet von C:\Users\Gloriaflyx\Desktop
Geladene Profile: Gloriaflyx (Verfügbare Profile: Gloriaflyx & DefaultAppPool)
Platform: Windows 10 Pro Version 1703 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Lenovo.) C:\Windows\System32\LPlatSvc.exe
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(COMODO) C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlk.exe
(Lenovo.) C:\Windows\System32\LPlatSvc.exe
(Lenovo.) C:\Windows\System32\LPlatSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Flux Software LLC) C:\Users\Gloriaflyx\AppData\Local\FluxSoftware\Flux\flux.exe
(SunplusIT, Inc.) C:\Program Files (x86)\Integrated Camera\Monitor.exe
(COMODO) C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [401896 2016-11-03] ()
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163800 2016-08-22] (IvoSoft)
HKLM-x32\...\Run: [Integrated Camera_Monitor] => C:\Program Files (x86)\Integrated Camera\monitor.exe [1720696 2013-09-27] (SunplusIT, Inc.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2678784 2016-03-23] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [IseUI] => C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe [3386576 2017-03-30] (COMODO)
HKLM\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\Run: [f.lux] => C:\Users\Gloriaflyx\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2015-09-23] (Flux Software LLC)
HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27716568 2017-05-04] (Skype Technologies S.A.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
GroupPolicy: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 172.16.60.1
Tcpip\..\Interfaces\{674872c8-8b5a-47c5-887a-2bfeff0d36c4}: [DhcpNameServer] 192.168.44.1 192.168.44.1
Tcpip\..\Interfaces\{bb538318-92b1-40b0-88af-d342e62259b8}: [DhcpNameServer] 172.16.60.1

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3668857010-2765377856-186715415-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3668857010-2765377856-186715415-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-05-26] (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-05-26] (Microsoft Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2016-07-30] (IvoSoft)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-05-26] (Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-05-26] (Microsoft Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2016-07-30] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-26] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-26] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-26] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-26] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2017-04-05] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Gloriaflyx\AppData\Roaming\Mozilla\Firefox\Profiles\j5h72v37.default [2017-06-05]
FF user.js: detected! => C:\Users\Gloriaflyx\AppData\Roaming\Mozilla\Firefox\Profiles\j5h72v37.default\user.js [2016-03-04]
FF Homepage: Mozilla\Firefox\Profiles\j5h72v37.default -> hxxps://webmailer.hosteurope.de/
FF NetworkProxy: Mozilla\Firefox\Profiles\j5h72v37.default -> type", 0
FF Extension: (Ghostery) - C:\Users\Gloriaflyx\AppData\Roaming\Mozilla\Firefox\Profiles\j5h72v37.default\Extensions\firefox@ghostery.com.xpi [2017-06-02]
FF Extension: (Personas Plus) - C:\Users\Gloriaflyx\AppData\Roaming\Mozilla\Firefox\Profiles\j5h72v37.default\Extensions\personas@christopher.beard.xpi [2017-05-18]
FF Extension: (uBlock Origin) - C:\Users\Gloriaflyx\AppData\Roaming\Mozilla\Firefox\Profiles\j5h72v37.default\Extensions\uBlock0@raymondhill.net.xpi [2017-05-15]
FF Extension: (NoScript) - C:\Users\Gloriaflyx\AppData\Roaming\Mozilla\Firefox\Profiles\j5h72v37.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2017-05-31]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-10] ()
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files (x86)\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-10] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-05-26] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-05-26] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3668857010-2765377856-186715415-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Gloriaflyx\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-14] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3668857010-2765377856-186715415-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-11-26] ()

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [lobonlhedgiilkfmbbbfhkaoefacipgj] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [249856 2016-03-23] (Brother Industries, Ltd.) [Datei ist nicht signiert]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3971264 2017-05-14] (Microsoft Corporation)
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [10512032 2017-04-23] (COMODO)
R3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2876096 2017-04-23] (COMODO)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2017-03-20] (Digital Wave Ltd.)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373744 2016-11-03] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [182760 2013-04-15] ()
R2 isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [118480 2017-03-30] (COMODO)
R2 LPlatSvc; C:\WINDOWS\system32\LPlatSvc.exe [710144 2016-05-04] (Lenovo.)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-01] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-03-25] ()
S3 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [259176 2016-11-05] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [40960 2017-03-31] (COMODO)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [831504 2017-03-31] (COMODO)
R1 cmdHlp; C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [50808 2017-03-31] (COMODO)
R3 e1dexpress; C:\WINDOWS\system32\DRIVERS\e1d62x64.sys [519680 2015-12-08] (Intel Corporation)
R3 ikbevent; C:\WINDOWS\System32\DRIVERS\ikbevent.sys [21048 2013-04-15] ()
R3 imsevent; C:\WINDOWS\System32\DRIVERS\imsevent.sys [21048 2013-04-15] ()
R1 inspect; C:\WINDOWS\system32\DRIVERS\inspect.sys [138560 2016-06-15] (COMODO)
R0 IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys [88256 2015-06-09] (Intel Corporation)
R3 ISCT; C:\WINDOWS\System32\drivers\ISCTD64.sys [46568 2013-04-15] ()
R1 isedrv; C:\WINDOWS\system32\drivers\isedrv.sys [62208 2017-03-29] (COMODO)
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3485696 2017-03-18] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvltwu.inf_amd64_c8da725822079174\nvlddmkm.sys [14456920 2017-05-18] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
S3 PSI; C:\WINDOWS\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [761600 2015-06-15] (Realsil Semiconductor Corporation)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [51296 2016-11-05] (Synaptics Incorporated)
R3 SPUVCbv; C:\WINDOWS\System32\Drivers\SPUVCbv64.sys [735744 2016-03-11] (Sunplus)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
R3 WPRO_41_2001; C:\WINDOWS\System32\drivers\WPRO_41_2001.sys [34752 2017-06-04] ()
U3 idsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-06-05 10:28 - 2017-06-05 10:28 - 00019174 _____ C:\Users\Gloriaflyx\Desktop\FRST.txt
2017-06-05 10:26 - 2017-06-05 10:26 - 04922400 _____ (AO Kaspersky Lab) C:\Users\Gloriaflyx\Desktop\tdsskiller.exe
2017-06-05 10:26 - 2017-06-05 10:26 - 02433536 _____ (Farbar) C:\Users\Gloriaflyx\Desktop\FRST64.exe
2017-06-04 22:12 - 2017-06-04 22:13 - 00000000 ____D C:\Program Files (x86)\LibreOffice 5
2017-06-04 13:27 - 2017-05-13 13:19 - 00000118 ____N C:\Users\Gloriaflyx\Desktop\Farbe aus Drogerie.txt
2017-06-04 12:50 - 2017-06-04 12:50 - 08408221 _____ C:\Users\Gloriaflyx\Desktop\Insecta.pdf
2017-06-04 12:50 - 2017-06-04 12:50 - 07676452 _____ C:\Users\Gloriaflyx\Desktop\Intro and Molluscs.pdf
2017-06-04 12:50 - 2017-06-04 12:50 - 07512603 _____ C:\Users\Gloriaflyx\Desktop\Arthropoda2017.pdf
2017-06-04 12:50 - 2017-06-04 12:50 - 05695234 _____ C:\Users\Gloriaflyx\Desktop\Amphibien_Reptilien_2017_Kaltenpoth.pdf
2017-06-04 12:50 - 2017-06-04 12:50 - 02090938 _____ C:\Users\Gloriaflyx\Desktop\Artenkenntnis einheimischer Tierarten.pdf
2017-06-04 12:48 - 2017-06-04 12:48 - 00094656 _____ (CACE Technologies) C:\WINDOWS\system32\WPRO_41_2001woem.tmp
2017-06-03 11:20 - 2017-05-03 18:21 - 00063161 _____ C:\Users\Gloriaflyx\Desktop\Konto_133301317-Auszug_2017_005.PDF
2017-06-02 20:40 - 2017-06-02 20:40 - 00063584 _____ C:\Users\Gloriaflyx\Desktop\Konto_133301317-Auszug_2017_006.PDF
2017-05-31 21:34 - 2017-05-31 21:34 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-05-31 21:34 - 2017-03-10 23:17 - 00536864 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-05-31 21:34 - 2017-03-10 23:17 - 00525600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-05-31 21:34 - 2017-03-10 23:17 - 00254240 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-05-31 21:34 - 2017-03-10 23:17 - 00233760 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-05-31 21:32 - 2017-05-31 21:32 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2017-05-27 18:06 - 2017-06-05 10:28 - 00000000 ____D C:\FRST
2017-05-27 16:21 - 2017-05-27 16:21 - 00000000 ____D C:\Program Files (x86)\ESET
2017-05-24 12:06 - 2017-05-24 12:06 - 01147686 _____ C:\Users\Gloriaflyx\Desktop\2_-_Spark[1].pdf
2017-05-18 21:45 - 2017-05-18 21:45 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Local\DBG
2017-05-18 07:54 - 2017-05-18 07:54 - 35397536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-05-18 07:54 - 2017-05-18 07:54 - 28632152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-05-18 07:53 - 2017-05-18 07:53 - 00969632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-05-18 07:53 - 2017-05-18 07:53 - 00920664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-05-18 07:53 - 2017-05-18 07:53 - 00618584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2017-05-18 07:53 - 2017-05-18 07:53 - 00507992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2017-05-18 07:52 - 2017-05-18 07:52 - 40210520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2017-05-18 07:52 - 2017-05-18 07:52 - 35290200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-05-18 07:52 - 2017-05-18 07:52 - 03800992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-05-18 07:52 - 2017-05-18 07:52 - 03256408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-05-18 07:52 - 2017-05-18 07:52 - 01996704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438205.dll
2017-05-18 07:52 - 2017-05-18 07:52 - 01598368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438205.dll
2017-05-18 07:52 - 2017-05-18 07:52 - 01062816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-05-18 07:52 - 2017-05-18 07:52 - 00999840 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-05-18 07:50 - 2017-05-18 07:50 - 11162000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-05-18 07:50 - 2017-05-18 07:50 - 11129704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-05-18 07:50 - 2017-05-18 07:50 - 10648520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-05-18 07:50 - 2017-05-18 07:50 - 09335528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-05-18 07:50 - 2017-05-18 07:50 - 09102488 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-05-18 07:50 - 2017-05-18 07:50 - 08891160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-05-18 07:50 - 2017-05-18 07:50 - 01298696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2017-05-18 07:50 - 2017-05-18 07:50 - 01013344 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2017-05-18 07:50 - 2017-05-18 07:50 - 00791792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2017-05-18 07:50 - 2017-05-18 07:50 - 00703880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-05-18 07:50 - 2017-05-18 07:50 - 00626392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2017-05-18 07:50 - 2017-05-18 07:50 - 00591672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-05-18 04:34 - 2017-05-18 04:34 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2017-05-18 04:34 - 2017-05-18 04:34 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json
2017-05-17 19:14 - 2017-05-17 19:14 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2017-05-17 19:13 - 2017-05-17 19:13 - 00000020 ___SH C:\Users\Gloriaflyx\ntuser.ini
2017-05-17 19:13 - 2017-05-17 19:13 - 00000000 ____D C:\ProgramData\USOShared
2017-05-17 18:51 - 2017-05-17 18:51 - 23681024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 21353200 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 20505600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 20374424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 19335168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 11870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 08320920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 08244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 07931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 06759512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 06728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 06292992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 05477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 04848440 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 04730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 04469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 04446208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 03672064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-05-17 18:51 - 2017-05-17 18:51 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 03655680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 03116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02957824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-05-17 18:51 - 2017-05-17 18:51 - 02859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02651648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02635336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02444192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-05-17 18:51 - 2017-05-17 18:51 - 02443776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02435584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02298880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02158544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02085280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-05-17 18:51 - 2017-05-17 18:51 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-05-17 18:51 - 2017-05-17 18:51 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-05-17 18:51 - 2017-05-17 18:51 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01854880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01852776 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01803264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01760264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01628160 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01611776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01604312 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01600512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01557288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01518088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01452960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01433600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01411128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01325456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01320352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01295872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01291776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01285120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 01257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01242624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 01103872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01075712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01051648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01024416 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00987648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00775824 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00741784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaserver.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-05-17 18:51 - 2017-05-17 18:51 - 00716440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-05-17 18:51 - 2017-05-17 18:51 - 00708712 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00673112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00651680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00626520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00605936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00599576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00559000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-05-17 18:51 - 2017-05-17 18:51 - 00543640 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00523296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2017-05-17 18:51 - 2017-05-17 18:51 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-05-17 18:51 - 2017-05-17 18:51 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00409504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-05-17 18:51 - 2017-05-17 18:51 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00388000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-05-17 18:51 - 2017-05-17 18:51 - 00387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.ps.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00207264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00142240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2017-05-17 18:51 - 2017-05-17 18:51 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2017-05-17 18:51 - 2017-05-17 18:51 - 00105456 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00095584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2017-05-17 18:51 - 2017-05-17 18:51 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2017-05-17 18:51 - 2017-05-17 18:51 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-05-17 18:51 - 2017-05-17 18:51 - 00032004 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2017-05-17 18:51 - 2017-05-17 18:51 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00027040 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-05-17 18:49 - 2017-05-17 18:49 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2017-05-17 18:49 - 2017-05-17 17:55 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2017-05-17 18:47 - 2017-05-17 18:47 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2017-05-17 18:47 - 2017-05-17 18:47 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2017-05-17 18:47 - 2017-05-17 18:47 - 00000000 ____D C:\WINDOWS\system32\msmq
2017-05-17 18:47 - 2017-05-17 18:47 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2017-05-17 18:47 - 2017-05-17 18:47 - 00000000 ____D C:\Program Files\Reference Assemblies
2017-05-17 18:47 - 2017-05-17 18:47 - 00000000 ____D C:\Program Files\MSBuild
2017-05-17 18:47 - 2017-05-17 18:47 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-05-17 18:47 - 2017-05-17 18:47 - 00000000 ____D C:\Program Files (x86)\MSBuild
2017-05-17 18:47 - 2017-05-17 18:47 - 00000000 ____D C:\inetpub
2017-05-17 18:47 - 2017-02-10 12:26 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2017-05-17 18:47 - 2017-02-10 12:26 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-05-17 18:47 - 2017-02-10 12:26 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2017-05-17 18:47 - 2017-02-10 12:21 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2017-05-17 18:47 - 2017-02-10 12:21 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-05-17 18:47 - 2017-02-10 12:21 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2017-05-17 18:05 - 2017-05-17 18:05 - 00011433 _____ C:\WINDOWS\diagwrn.xml
2017-05-17 18:05 - 2017-05-17 18:05 - 00011433 _____ C:\WINDOWS\diagerr.xml
2017-05-17 18:03 - 2017-06-04 12:48 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-05-17 18:03 - 2017-05-17 18:03 - 00003500 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-05-17 18:03 - 2017-05-17 18:03 - 00003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-05-17 18:03 - 2017-05-17 18:03 - 00002440 _____ C:\WINDOWS\System32\Tasks\{A77B8121-4DF6-4C06-AC86-940FC3B7AF54}
2017-05-17 18:03 - 2017-05-17 18:03 - 00002432 _____ C:\WINDOWS\System32\Tasks\{3A39D014-2508-4DC8-8EED-5D3C5194CC6A}
2017-05-17 18:03 - 2017-05-17 18:03 - 00002360 _____ C:\WINDOWS\System32\Tasks\{B4F731ED-C11E-4F9B-A092-6083F00D4F25}
2017-05-17 18:03 - 2017-05-17 18:03 - 00002358 _____ C:\WINDOWS\System32\Tasks\{077EA0BA-9543-46EF-AA05-A3609078E68C}
2017-05-17 18:03 - 2017-05-17 18:03 - 00002354 _____ C:\WINDOWS\System32\Tasks\RtHDVBg_Dolby
2017-05-17 18:03 - 2017-05-17 18:03 - 00002352 _____ C:\WINDOWS\System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3}
2017-05-17 18:03 - 2017-05-17 18:03 - 00002342 _____ C:\WINDOWS\System32\Tasks\RTKCPL
2017-05-17 18:03 - 2017-05-17 18:03 - 00002304 _____ C:\WINDOWS\System32\Tasks\{40397F46-4625-412F-9983-FCD60BC4A9E4}
2017-05-17 18:03 - 2017-05-17 18:03 - 00002290 _____ C:\WINDOWS\System32\Tasks\{4428CE4F-B2B8-4E7A-802D-3985A4AE3A2E}
2017-05-17 18:03 - 2017-05-17 18:03 - 00002290 _____ C:\WINDOWS\System32\Tasks\{3C95CE29-D5CC-4534-842A-1D344CDA2CE7}
2017-05-17 18:03 - 2017-05-17 18:03 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2017-05-17 18:03 - 2017-05-17 18:03 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2017-05-17 18:03 - 2017-05-17 18:03 - 00000000 ____D C:\WINDOWS\System32\Tasks\NCH Software
2017-05-17 18:03 - 2017-05-17 18:03 - 00000000 ____D C:\WINDOWS\System32\Tasks\COMODO
2017-05-17 18:00 - 2017-05-17 18:00 - 00001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-05-17 17:58 - 2017-05-17 18:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spiele
2017-05-17 17:58 - 2017-05-17 17:58 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2017-05-17 17:57 - 2017-06-04 23:03 - 00000000 ____D C:\Users\Gloriaflyx
2017-05-17 17:57 - 2017-05-17 18:02 - 00000000 ____D C:\Users\DefaultAppPool
2017-05-17 17:57 - 2017-05-17 18:01 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Vorlagen
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Startmenü
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Netzwerkumgebung
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Lokale Einstellungen
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Eigene Dateien
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Druckumgebung
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Videos
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Musik
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Bilder
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Verlauf
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Anwendungsdaten
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Anwendungsdaten
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Vorlagen
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Startmenü
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Netzwerkumgebung
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Lokale Einstellungen
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Eigene Dateien
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Druckumgebung
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Documents\Eigene Videos
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Documents\Eigene Musik
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Documents\Eigene Bilder
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\AppData\Local\Verlauf
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\AppData\Local\Anwendungsdaten
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Anwendungsdaten
2017-05-17 17:56 - 2017-06-05 10:23 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-05-17 17:56 - 2017-06-04 12:54 - 02853756 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-05-17 17:56 - 2017-05-31 21:34 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-05-17 17:56 - 2017-05-18 07:56 - 00521816 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2017-05-17 17:56 - 2017-05-17 17:58 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-05-17 17:56 - 2017-05-17 17:58 - 00000000 ____D C:\Program Files\Intel
2017-05-17 17:56 - 2017-05-17 17:56 - 02011386 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2017-05-17 17:56 - 2017-05-17 17:56 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2017-05-17 17:56 - 2017-05-17 17:56 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2017-05-17 17:56 - 2017-05-17 17:56 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2017-05-17 17:56 - 2017-05-17 17:56 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2017-05-17 17:56 - 2017-05-17 17:56 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2017-05-17 17:56 - 2017-05-17 17:56 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-05-17 17:56 - 2017-05-17 17:56 - 00000000 ____D C:\Program Files\Synaptics
2017-05-17 17:56 - 2017-05-17 17:56 - 00000000 ____D C:\Program Files\Realtek
2017-05-17 17:56 - 2017-05-17 17:56 - 00000000 ____D C:\Program Files (x86)\SunplusIT Integrated Camera
2017-05-17 17:56 - 2017-05-17 17:56 - 00000000 _____ C:\WINDOWS\system32\GfxValDisplayLog.bin
2017-05-17 17:56 - 2017-05-01 22:51 - 06437312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2017-05-17 17:56 - 2017-05-01 22:51 - 02479552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2017-05-17 17:56 - 2017-05-01 22:51 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2017-05-17 17:56 - 2017-05-01 22:51 - 00548800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2017-05-17 17:56 - 2017-05-01 22:51 - 00392312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2017-05-17 17:56 - 2017-05-01 22:51 - 00146880 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\oemdspif.dll
2017-05-17 17:56 - 2017-05-01 22:51 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2017-05-17 17:56 - 2017-05-01 22:51 - 00069752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2017-05-17 17:56 - 2017-04-25 23:11 - 07944687 _____ C:\WINDOWS\system32\nvcoproc.bin
2017-05-17 17:56 - 2017-03-18 22:56 - 02233344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-05-17 17:55 - 2017-06-04 13:49 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-05-17 17:55 - 2017-06-04 12:48 - 00506712 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-05-11 14:13 - 2017-05-17 19:13 - 00000000 ___DC C:\WINDOWS\Panther
2017-05-11 13:51 - 2017-05-11 13:51 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Local\UNP
2017-05-10 18:28 - 2017-05-17 18:01 - 00000000 ____D C:\WINDOWS\system32\UNP
2017-05-10 18:28 - 2017-05-10 18:29 - 00000000 ____D C:\Program Files\UNP
2017-05-10 10:46 - 2017-03-04 08:26 - 00261632 ____N (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-06-05 10:27 - 2014-01-17 18:49 - 01474832 _____ C:\WINDOWS\system32\Drivers\sfi.dat
2017-06-05 10:26 - 2014-04-02 20:05 - 01391412 _____ C:\WINDOWS\system32\Drivers\fvstore.dat
2017-06-05 10:25 - 2014-07-01 13:19 - 00000000 ____D C:\Program Files (x86)\Steam
2017-06-05 10:24 - 2016-11-19 11:26 - 00000000 ____D C:\Users\Gloriaflyx\AppData\LocalLow\Mozilla
2017-06-05 10:24 - 2014-01-17 19:41 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Roaming\Skype
2017-06-05 10:23 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-06-05 10:23 - 2016-06-19 12:32 - 00000000 __SHD C:\Users\Gloriaflyx\IntelGraphicsProfiles
2017-06-04 23:03 - 2016-08-16 20:50 - 00000000 ____D C:\ProgramData\NVIDIA
2017-06-04 22:25 - 2017-03-18 23:03 - 00000000 ___HD C:\Program Files\WindowsApps
2017-06-04 22:25 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-06-04 22:25 - 2016-06-19 12:32 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Local\Packages
2017-06-04 22:22 - 2016-11-11 12:44 - 00000000 ____D C:\Program Files (x86)\FanFictionDownloader
2017-06-04 22:19 - 2016-06-19 12:39 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Local\ClassicShell
2017-06-04 22:18 - 2016-06-19 12:34 - 00000000 __RHD C:\Users\Gloriaflyx\OneDrive
2017-06-04 22:14 - 2015-06-10 22:28 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Office
2017-06-04 13:29 - 2015-08-28 17:34 - 00000000 ____D C:\Program Files (x86)\Mp3tag
2017-06-04 13:26 - 2015-08-28 17:34 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Roaming\Mp3tag
2017-06-04 12:54 - 2017-03-20 06:41 - 01304378 _____ C:\WINDOWS\system32\perfh007.dat
2017-06-04 12:54 - 2017-03-20 06:41 - 00313768 _____ C:\WINDOWS\system32\perfc007.dat
2017-06-04 12:48 - 2014-01-18 11:54 - 00034752 _____ C:\WINDOWS\system32\Drivers\WPRO_41_2001.sys
2017-06-03 22:55 - 2017-03-18 13:40 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-05-31 21:32 - 2017-03-18 23:01 - 00000000 ____D C:\WINDOWS\INF
2017-05-31 21:30 - 2010-11-21 05:27 - 00565416 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-05-26 22:02 - 2017-03-18 13:40 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-05-26 20:56 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-05-26 20:55 - 2014-01-17 19:59 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-05-26 11:11 - 2015-08-31 10:32 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Roaming\Ahnenblatt
2017-05-26 11:02 - 2017-03-29 13:14 - 00000000 ____D C:\Users\Gloriaflyx\Documents\Ahnenblatt
2017-05-26 09:32 - 2016-12-29 14:16 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-05-25 22:03 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\L2Schemas
2017-05-25 20:42 - 2014-02-03 22:35 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Roaming\Audacity
2017-05-25 12:49 - 2014-01-17 19:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-05-23 21:48 - 2017-03-20 22:36 - 00000000 ____D C:\ProgramData\DigitalWave.ApplicationUpdater_files
2017-05-23 21:48 - 2016-11-06 12:13 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Roaming\DVDVideoSoft
2017-05-23 19:58 - 2014-01-17 18:51 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-05-23 19:57 - 2014-01-17 18:51 - 132223576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-05-23 18:53 - 2017-03-25 11:36 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-05-23 18:53 - 2014-01-17 19:39 - 00000000 ____D C:\ProgramData\Skype
2017-05-22 22:06 - 2017-02-08 20:46 - 00000000 ____D C:\Program Files\Mozilla Firefox
2017-05-21 17:02 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\rescache
2017-05-19 11:34 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\appcompat
2017-05-18 22:52 - 2014-04-02 20:05 - 00000000 ___HD C:\VTRoot
2017-05-18 07:56 - 2017-03-20 06:43 - 00427608 _____ (Khronos Group) C:\WINDOWS\SysWOW64\opencl.dll
2017-05-18 07:50 - 2017-01-17 06:52 - 04136744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2017-05-18 07:50 - 2017-01-17 06:52 - 03647864 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2017-05-18 04:34 - 2017-01-17 01:59 - 00045061 _____ C:\WINDOWS\system32\nvinfo.pb
2017-05-17 21:19 - 2017-03-18 22:51 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-05-17 19:13 - 2017-03-18 23:03 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-05-17 19:13 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\USOPrivate
2017-05-17 19:13 - 2016-04-27 07:55 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-05-17 18:55 - 2017-03-18 23:03 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-05-17 18:52 - 2017-03-18 23:06 - 00000000 ____D C:\WINDOWS\Setup
2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Provisioning
2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-05-17 18:52 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Dism
2017-05-17 18:47 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2017-05-17 18:47 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\MUI
2017-05-17 18:47 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2017-05-17 18:47 - 2017-03-18 22:59 - 00611840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2017-05-17 18:47 - 2017-03-18 22:59 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll
2017-05-17 18:47 - 2017-03-18 22:59 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll
2017-05-17 18:47 - 2017-03-18 22:59 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2017-05-17 18:47 - 2017-03-18 22:59 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2017-05-17 18:47 - 2017-03-18 22:59 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll
2017-05-17 18:47 - 2017-03-18 22:59 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb
2017-05-17 18:47 - 2017-03-18 22:59 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb
2017-05-17 18:47 - 2017-03-18 22:59 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb
2017-05-17 18:47 - 2017-03-18 22:59 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2017-05-17 18:47 - 2017-03-18 22:59 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2017-05-17 18:47 - 2017-03-18 22:59 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2017-05-17 18:47 - 2017-03-18 22:59 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb
2017-05-17 18:47 - 2017-03-18 22:59 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2017-05-17 18:47 - 2017-03-18 22:59 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2017-05-17 18:47 - 2017-03-18 22:59 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2017-05-17 18:47 - 2017-03-18 22:59 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2017-05-17 18:47 - 2017-03-18 22:59 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2017-05-17 18:47 - 2017-03-18 22:59 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\cngkeyhelper.dll
2017-05-17 18:47 - 2017-03-18 22:59 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2017-05-17 18:47 - 2017-03-18 22:59 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2017-05-17 18:47 - 2017-03-18 22:59 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cngkeyhelper.dll
2017-05-17 18:47 - 2017-03-18 22:59 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2017-05-17 18:47 - 2017-03-18 22:59 - 00009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof
2017-05-17 18:47 - 2017-03-18 22:56 - 01380352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00465408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
2017-05-17 18:47 - 2017-03-18 22:56 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb
2017-05-17 18:47 - 2017-03-18 22:56 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb
2017-05-17 18:47 - 2017-03-18 22:56 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb
2017-05-17 18:47 - 2017-03-18 22:56 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe
2017-05-17 18:47 - 2017-03-18 22:56 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb
2017-05-17 18:47 - 2017-03-18 22:56 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2017-05-17 18:47 - 2017-03-18 22:56 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
2017-05-17 18:47 - 2017-03-18 22:56 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2017-05-17 18:47 - 2017-03-18 22:56 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2017-05-17 18:47 - 2017-03-18 22:56 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof
2017-05-17 18:47 - 2017-03-18 22:56 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2017-05-17 18:07 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows NT
2017-05-17 18:07 - 2016-12-27 17:25 - 00000460 __RSH C:\ProgramData\ntuser.pol
2017-05-17 18:06 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-05-17 18:05 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-05-17 18:04 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Registration
2017-05-17 18:03 - 2017-03-20 06:43 - 00000000 ____D C:\WINDOWS\HoloShell
2017-05-17 18:03 - 2017-03-18 23:03 - 00000000 __RSD C:\WINDOWS\Media
2017-05-17 18:03 - 2017-03-18 23:03 - 00000000 __RHD C:\Users\Public\Libraries
2017-05-17 18:03 - 2016-06-19 12:23 - 00023056 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-05-17 18:01 - 2014-10-23 21:45 - 00000000 ____D C:\WINDOWS\de
2017-05-17 18:01 - 2014-03-27 11:48 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spiele
2017-05-17 17:58 - 2017-03-20 06:41 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2017-05-17 17:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-05-17 17:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2017-05-17 17:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\spool
2017-05-17 17:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-05-17 17:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-05-17 17:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\IME
2017-05-17 17:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\schemas
2017-05-17 17:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Cursors
2017-05-17 17:58 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-05-17 17:58 - 2014-07-19 18:43 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2017-05-17 17:58 - 2014-01-17 18:31 - 00000000 ___HD C:\WINDOWS\system32\WLANProfiles
2017-05-17 17:57 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2017-05-17 17:57 - 2015-10-30 09:24 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2017-05-17 17:56 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Help
2017-05-17 17:56 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2017-05-17 17:41 - 2014-01-17 17:39 - 00008192 __RSH C:\BOOTSECT.BAK
2017-05-10 10:48 - 2014-07-10 22:11 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Local\Adobe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-10-22 13:22 - 2015-10-22 13:22 - 0159657 _____ () C:\Program Files (x86)\changelog.txt
2015-10-22 13:22 - 2015-11-07 18:45 - 0375544 _____ () C:\Program Files (x86)\createfileassoc.exe
2015-10-22 13:22 - 2015-11-07 18:45 - 0447464 _____ (TeamSpeak Systems GmbH) C:\Program Files (x86)\error_report.exe
2015-09-21 16:24 - 2015-09-21 16:24 - 1709056 _____ () C:\Program Files (x86)\libeay32.dll
2013-10-05 00:58 - 2013-10-05 00:58 - 0660128 _____ (Microsoft Corporation) C:\Program Files (x86)\msvcp120.dll
2013-10-05 00:58 - 2013-10-05 00:58 - 0963232 _____ (Microsoft Corporation) C:\Program Files (x86)\msvcr120.dll
2015-08-27 10:07 - 2015-11-07 18:45 - 1704176 _____ (Overwolf) C:\Program Files (x86)\OverwolfTeamSpeakInstaller.exe
2015-10-22 13:22 - 2015-11-07 18:45 - 0475112 _____ (TeamSpeak Systems GmbH) C:\Program Files (x86)\package_inst.exe
2015-10-22 11:20 - 2015-10-22 11:20 - 0000321 _____ () C:\Program Files (x86)\plugin_sdk.html
2015-09-21 16:47 - 2015-09-21 16:47 - 5626368 _____ (The Qt Company Ltd) C:\Program Files (x86)\Qt5Core.dll
2015-09-21 16:48 - 2015-09-21 16:48 - 3937280 _____ (The Qt Company Ltd) C:\Program Files (x86)\Qt5Gui.dll
2015-09-21 16:48 - 2015-09-21 16:48 - 1092608 _____ (The Qt Company Ltd) C:\Program Files (x86)\Qt5Network.dll
2015-09-21 16:47 - 2015-09-21 16:47 - 0216576 _____ (The Qt Company Ltd) C:\Program Files (x86)\Qt5Sql.dll
2015-09-21 16:50 - 2015-09-21 16:50 - 5424128 _____ (The Qt Company Ltd) C:\Program Files (x86)\Qt5Widgets.dll
2015-10-22 13:22 - 2015-10-22 13:22 - 0175080 _____ () C:\Program Files (x86)\quazip.dll
2015-09-21 16:24 - 2015-09-21 16:24 - 0317440 _____ () C:\Program Files (x86)\ssleay32.dll
2015-10-22 13:21 - 2015-11-07 18:45 - 11544552 _____ (TeamSpeak Systems GmbH) C:\Program Files (x86)\ts3client_win64.exe
2015-09-13 16:41 - 2015-11-07 18:45 - 0390800 _____ (TeamSpeak Systems GmbH) C:\Program Files (x86)\Uninstall.exe
2015-10-22 13:22 - 2015-11-07 18:45 - 1514984 _____ (TeamSpeak Systems GmbH) C:\Program Files (x86)\update.exe
2015-10-22 11:20 - 2015-10-22 11:20 - 0520934 _____ () C:\Program Files (x86)\usb.ids
2015-11-08 20:24 - 2015-11-08 20:24 - 0000000 ____H () C:\Users\Gloriaflyx\AppData\Local\BITEEB2.tmp
2015-12-07 14:05 - 2015-12-07 14:05 - 0000000 ____H () C:\Users\Gloriaflyx\AppData\Local\BITF863.tmp
2014-03-24 11:50 - 2015-11-05 12:49 - 0010752 _____ () C:\Users\Gloriaflyx\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-03-13 22:52 - 2014-03-13 22:52 - 0001434 _____ () C:\Users\Gloriaflyx\AppData\Local\RecConfig.xml
2016-05-01 21:51 - 2016-05-01 21:52 - 0000000 _____ () C:\Users\Gloriaflyx\AppData\Local\{0B179D57-EBA9-4D85-B0A3-C14982A9ED52}
2015-10-26 15:04 - 2015-10-26 15:04 - 0000000 _____ () C:\Users\Gloriaflyx\AppData\Local\{309B8B15-3C7F-4F34-B3F6-0066EA01FC36}
2016-05-11 20:19 - 2016-05-11 20:19 - 0000000 _____ () C:\Users\Gloriaflyx\AppData\Local\{3CF62346-6D52-4520-A926-FB0B6E652FF3}
2016-04-22 14:12 - 2016-04-22 14:12 - 0000000 _____ () C:\Users\Gloriaflyx\AppData\Local\{B01DDBE6-2D6A-4727-B346-D57950EA3E3A}
2015-11-08 20:23 - 2015-11-08 20:24 - 0000000 _____ () C:\Users\Gloriaflyx\AppData\Local\{BAE73680-28A1-4D05-AD07-486B48904EAC}
2015-12-07 14:04 - 2015-12-07 14:05 - 0000000 _____ () C:\Users\Gloriaflyx\AppData\Local\{D054697A-BAC1-4993-959D-79690D24E3EF}
2016-01-26 20:38 - 2016-01-26 20:38 - 0000000 _____ () C:\Users\Gloriaflyx\AppData\Local\{F1079BA0-943D-4D61-A261-CEFBF1919D56}
2017-05-17 17:56 - 2017-05-17 17:56 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-09-22 22:02 - 2015-09-22 22:02 - 0000106 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.64.bc
2017-03-22 17:45 - 2017-03-22 17:45 - 0000016 _____ () C:\ProgramData\mntemp
2017-03-22 17:45 - 2017-03-22 17:45 - 0005041 _____ () C:\ProgramData\mudtcpaz.vzs

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-05-30 21:44

==================== Ende von FRST.txt ============================
         

05.06.2017, 10:37   #5
Gloriaflyx

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 02-06-2017
durchgeführt von Gloriaflyx (05-06-2017 10:28:58)
Gestartet von C:\Users\Gloriaflyx\Desktop
Windows 10 Pro Version 1703 (X64) (2017-05-17 16:07:08)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3668857010-2765377856-186715415-500 - Administrator - Disabled)
Gloriaflyx (S-1-5-21-3668857010-2765377856-186715415-1000 - Administrator - Enabled) => C:\Users\Gloriaflyx
DefaultAccount (S-1-5-21-3668857010-2765377856-186715415-503 - Limited - Disabled)
Gast (S-1-5-21-3668857010-2765377856-186715415-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3668857010-2765377856-186715415-1003 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: COMODO Antivirus (Enabled - Up to date) {0C515E80-E355-69BD-3445-A511E5C186FD}
AS: COMODO Advanced Protection (Enabled - Up to date) {B730BF64-C56F-6633-0EF5-9E639E46CC40}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: COMODO Firewall (Enabled) {346ADFA5-A93A-68E5-1F1A-0C241B12C186}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 16.00 (x64) (HKLM\...\7-Zip) (Version: 16.00 - Igor Pavlov)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version:  - Hidden Path Entertainment, Ensemble Studios)
Age of Empires® III: Complete Collection (HKLM\...\Steam App 105450) (Version:  - Ensemble Studios)
Age of Mythology: Extended Edition (HKLM\...\Steam App 266840) (Version:  - SkyBox Labs)
Ahnenblatt 2.88 (HKLM-x32\...\Ahnenblatt_is1) (Version: 2.88.0.1 - Dirk Böttcher)
Ansel (Version: 382.05 - NVIDIA Corporation) Hidden
Anzeige am Bildschirm (HKLM\...\OnScreenDisplay) (Version: 8.20.00 - )
AoE 2 & TC v1.1 Userpatch AiO Update r5 r5 (HKLM-x32\...\{0CEC2F82-AEB2-4C4B-B450-62C6CEF159FE}_is1) (Version: 0.5 - line0)
Assassin's Creed (HKLM-x32\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.02 - Ubisoft)
Assassin's Creed Brotherhood (HKLM-x32\...\{BE4BA698-8533-4F77-9559-C7F3F78C0B05}) (Version: 1.00 - Ubisoft)
Assassin's Creed Liberation HD (HKLM-x32\...\Uplay Install 625) (Version:  - Ubisoft)
Assassin's Creed(R) III v1.06 (HKLM-x32\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.06 - Ubisoft)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4478 - CDBurnerXP)
Cities: Skylines (HKLM\...\Steam App 255710) (Version:  - Colossal Order Ltd.)
Classic Shell (HKLM\...\{383BB30A-B4A7-4666-9A83-22CFA8640097}) (Version: 4.3.0 - IvoSoft)
COMODO Internet Security Premium (HKLM\...\{901D1D88-408D-48E5-80DD-CC3145BD8456}) (Version: 10.0.1.6223 - COMODO Security Solutions Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
Diablo II (HKLM-x32\...\Diablo II) (Version:  - Blizzard Entertainment)
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
f.lux (HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\Flux) (Version:  - )
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free Video To MP3 Converter (HKLM-x32\...\Free Video To MP3 Converter_is1) (Version: 5.1.0.307 - Digital Wave Ltd)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Hero Editor V0.96 (HKLM-x32\...\ST6UNST #1) (Version:  - )
HL-5450DN (HKLM-x32\...\{7171B206-5C5A-4B7F-B9E1-1F1827FC769F}) (Version: 1.0.2.0 - Brother Industries, Ltd.)
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version:  - )
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 18.1 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Intel(R) Smart Connect Technology 4.1 x64 (HKLM\...\{6555226B-7295-4CFD-9D5B-9C8F394BE03A}) (Version: 4.1.41.2234 - Intel)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.1.28 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{a2a04474-104a-49b3-9bf5-33afee260030}) (Version: 17.14.0 - Intel Corporation)
Internet Security Essentials (HKLM-x32\...\ComodoIse) (Version: 1.1.413499.43 - Comodo)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Lenovo Patch Utility (x32 Version: 1.4.0.4 - Lenovo Group Limited) Hidden
Lenovo Patch Utility 64 bit (Version: 1.4.0.4 - Lenovo Group Limited) Hidden
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.12.10 - Lenovo)
LG United Mobile Driver (HKLM-x32\...\{2A3A4BD6-6CE0-4e2a-80D2-1D0FF6ACBFBA}) (Version: 3.14.1 - LG Electronics)
LibreOffice 5.2.7.2 (HKLM-x32\...\{C89BB248-1889-4D6B-B310-A744A0545123}) (Version: 5.2.7.2 - The Document Foundation)
Magicka (HKLM-x32\...\Steam App 42910) (Version:  - Arrowhead Game Studios)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.8067.2115 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 53.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 53.0 (x86 de)) (Version: 53.0 - Mozilla)
Mozilla Firefox 53.0.3 (x64 de) (HKLM\...\Mozilla Firefox 53.0.3 (x64 de)) (Version: 53.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0 - Mozilla)
Mp3tag v2.82 (HKLM-x32\...\Mp3tag) (Version: 2.82 - Florian Heidenreich)
NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.05 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.8067.2115 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.8067.2115 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.8067.2115 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7967.2073 - Microsoft Corporation) Hidden
paint.net (HKLM\...\{1F895C18-6A2F-4A9E-BBE9-246783070F37}) (Version: 4.0.16 - dotPDN LLC)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.5.2 - pdfforge GmbH)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
R for Windows 3.3.0 (HKLM\...\R for Windows 3.3.0_is1) (Version: 3.3.0 - R Core Team)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.21236 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7404 - Realtek Semiconductor Corp.)
Secunia PSI (3.0.0.9016) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia)
SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden
Skype™ 7.36 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.36.101 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Stronghold (HKLM-x32\...\{C917BA70-28A3-4C74-B163-41FD8C8E1A5A}) (Version: 1.20.0000 - Firefly Studios)
Stronghold Crusader Extreme (HKLM-x32\...\{8C3727F2-8E37-49E4-820C-03B1677F53B6}) (Version: 1.20.0000 - Firefly Studios)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.115 - Synaptics Incorporated)
System Requirements Lab Detection (HKLM-x32\...\{9B2D2419-CC47-4A73-A7A0-8FA2FFDE0C7C}) (Version: 6.1.1.0 - Husdawg, LLC)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
The Sims(TM) 3 (HKLM-x32\...\Steam App 47890) (Version:  - The Sims Studio)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
Windows 10-Upgrade-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17323 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3668857010-2765377856-186715415-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Gloriaflyx\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay => Keine Datei
CustomCLSID: HKU\S-1-5-21-3668857010-2765377856-186715415-1000_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Gloriaflyx\AppData\Local\Microsoft\OneDrive\17.3.6816.0313_1\amd64\FileSyncShell64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3668857010-2765377856-186715415-1000_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Gloriaflyx\AppData\Local\Microsoft\OneDrive\17.3.6816.0313_1\amd64\FileSyncShell64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3668857010-2765377856-186715415-1000_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Gloriaflyx\AppData\Local\Microsoft\OneDrive\17.3.6816.0313_1\amd64\FileSyncShell64.dll => Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {1D85A55B-993A-45E3-B015-250C795151A1} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {26576267-54D3-4A94-97C7-4DCECB1AB3C3} - System32\Tasks\{3A39D014-2508-4DC8-8EED-5D3C5194CC6A} => pcalua.exe -a "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" -d "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller" -c -hunter
Task: {420FE51C-0D20-4591-B7CE-77DA17FC435F} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-04-23] (COMODO)
Task: {46734673-F9A6-4302-9D04-A119C0518E35} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-14] (Microsoft Corporation)
Task: {47A200AF-0889-49E0-B321-5A47994CCB96} - System32\Tasks\{B4F731ED-C11E-4F9B-A092-6083F00D4F25} => pcalua.exe -a "C:\Program Files (x86)\Die Sims\Die Sims 2\Sims2_uninst.exe" -d "C:\Program Files (x86)\Die Sims\Die Sims 2"
Task: {4A7ED33F-A84F-48AC-B000-ABED4901E0AB} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {51DC85CF-A98A-43D8-8C1F-F7248B1FB113} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-05-26] (Microsoft Corporation)
Task: {5FFE647A-3E5D-4594-9EA5-5B65B185DC03} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
Task: {6C4BAE11-65C4-4950-BC26-FF6B6A1A14CA} - \Microsoft\Windows\Setup\gwx\rundetector -> Keine Datei <==== ACHTUNG
Task: {799696A9-5758-492B-8927-81A7E88B1D69} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-04-23] (COMODO)
Task: {856E8075-122F-45E5-BC1C-CE7C0E407608} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-04-23] (COMODO)
Task: {88C43D0B-A2F3-4D79-B2FA-E2378BCFA74E} - System32\Tasks\{077EA0BA-9543-46EF-AA05-A3609078E68C} => pcalua.exe -a "C:\Program Files (x86)\Die Sims\Die Sims 2\eauninstall.exe" -d "C:\Program Files (x86)\Die Sims\Die Sims 2"
Task: {8E279186-208B-4384-BA38-55AEFA56EE1E} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-10] (Adobe Systems Incorporated)
Task: {94BBF4A3-D101-498A-8DD5-9C76C5B2C63F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-14] (Microsoft Corporation)
Task: {9D320E3D-5658-4B76-BC1B-6B5DB3F33348} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-05-26] (Microsoft Corporation)
Task: {9DAF125B-A6D1-439B-933B-388A6A74B24B} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-04-23] (COMODO)
Task: {9FCB8499-497D-41E5-89FE-0231E583FB37} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-05-26] (Microsoft Corporation)
Task: {A042F675-4FCB-4903-9A13-DE3CDDF82AAF} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-04-05] (Realtek Semiconductor)
Task: {A92B8410-5D79-45B0-A05A-A93C395ABB37} - System32\Tasks\{4428CE4F-B2B8-4E7A-802D-3985A4AE3A2E} => Firefox.exe hxxp://ui.skype.com/ui/0/7.16.0.102/de/abandoninstall?source=lightinstaller&amp;page=tsInstall
Task: {AB28F491-13D7-441F-8BE3-99AEF1AF36E0} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2017-04-23] (COMODO)
Task: {AC0DD1AA-2C9D-41FF-9BB4-E4C0B5CAB66C} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-04-23] (COMODO)
Task: {B59D1B68-72A7-4E68-B9EF-3A0932C2E840} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-05-26] ()
Task: {B87DE87D-F54B-4E90-8A66-A192864D7052} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {C3DA719C-9EF8-4F50-BF45-7143C26331AB} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-04-23] (COMODO)
Task: {C5050B7C-1F8D-40E9-9E24-20623960C6E4} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG
Task: {CA1E47C4-6FB4-4B1C-8C9E-2CEE7AD55373} - System32\Tasks\{40397F46-4625-412F-9983-FCD60BC4A9E4} => Firefox.exe hxxp://ui.skype.com/ui/0/6.11.0.102/de/go/help.faq.installer?source=lightinstaller&amp;LastError=1618
Task: {D9A35DD8-3F45-4EF2-BAB3-171204A5C81A} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2017-04-23] (COMODO)
Task: {DC8BA37A-EFC5-4813-AF4D-6CF617B6471A} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-04-05] (Realtek Semiconductor)
Task: {E59B3A1A-4F35-4A9C-B55C-FFE33FBD2B8F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {E98AD572-71BE-4D8A-B936-AEEF09E30360} - System32\Tasks\{3C95CE29-D5CC-4534-842A-1D344CDA2CE7} => Firefox.exe hxxp://ui.skype.com/ui/0/7.16.0.102/de/abandoninstall?source=lightinstaller&amp;page=tsInstall
Task: {EABE54ED-1BBC-44FF-977C-F9A4D104791A} - System32\Tasks\{A77B8121-4DF6-4C06-AC86-940FC3B7AF54} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{BE4BA698-8533-4F77-9559-C7F3F78C0B05}\setup.exe" -c -runfromtemp -l0x0007 -removeonly
Task: {EBA005EB-9167-49FC-B0CA-71599621456C} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {EE29A92D-3408-4186-B873-7B505989B5B8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {F89037C2-30A8-4D5D-9474-4E51ED8EF8AB} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-05-26] ()

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2017-04-06 18:20 - 2017-04-23 00:28 - 00156352 _____ () C:\Program Files\COMODO\COMODO Internet Security\cmdwrhlp.dll
2013-09-24 11:53 - 2017-04-23 00:27 - 00107200 _____ () C:\Program Files\COMODO\COMODO Internet Security\cavwpps.dll
2013-10-20 02:23 - 2017-04-23 00:27 - 00244928 _____ () C:\Program Files\COMODO\COMODO Internet Security\cmdcomps.dll
2013-04-15 16:45 - 2013-04-15 16:45 - 00182760 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2013-04-15 16:45 - 2013-04-15 16:45 - 00060392 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2014-01-18 14:03 - 2014-03-25 20:50 - 00076888 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2017-05-17 17:56 - 2017-05-01 22:51 - 00133752 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-03-18 22:58 - 2017-03-18 22:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-18 22:59 - 2017-03-20 06:43 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2014-12-11 15:15 - 2015-04-05 16:07 - 00078880 _____ () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
2013-04-15 18:39 - 2016-03-16 12:25 - 00073912 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\autoexec.bat:$CmdTcID [64]
AlternateDataStreams: C:\install.exe:$CmdTcID [64]
AlternateDataStreams: C:\Program Files (x86)\createfileassoc.exe:$CmdTcID [64]
AlternateDataStreams: C:\Program Files (x86)\error_report.exe:$CmdTcID [64]
AlternateDataStreams: C:\Program Files (x86)\OverwolfTeamSpeakInstaller.exe:$CmdTcID [64]
AlternateDataStreams: C:\Program Files (x86)\package_inst.exe:$CmdTcID [64]
AlternateDataStreams: C:\Program Files (x86)\ts3client_win64.exe:$CmdTcID [64]
AlternateDataStreams: C:\Program Files (x86)\Uninstall.exe:$CmdTcID [64]
AlternateDataStreams: C:\Program Files (x86)\update.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\ST6UNST.EXE:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\BRCOMB1A.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\cdpreference.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\common_clang64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DDPA64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DDPD64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DDPO64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DDPP64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\difx64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DPTopologyApp.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DPTopologyAppv2_0.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\e1dmsg.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\FMAPO64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\GfxResources.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\GfxUIEx.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Gfxv2_0.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Gfxv4_0.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ibmpmctl.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ig75icd64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igc64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igd10idpp64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igd10iumd64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igd11dxva64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igd12umd64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdail64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdbcl64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdde64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdfcl64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdmcl64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdmd64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdrcl64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdumdim64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdusc64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfx11cmrt64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxcmjit64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxcmrt64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxCoIn_v4531.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxCPL.cpl:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxCUIServicePS.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDH.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDHLib.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDHLibv2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDI.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDILib.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDILibv2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDTCM.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxEMLib.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxEMLibv2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxexps.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxext.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxLHM.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxLHMLib.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxLHMLibv2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxOSP.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxSDK.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxSDKLib.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxSDKLibv2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\iglhcp64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\iglhsip64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelCpHDCPSvc.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelOpenCL64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiMCComp64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiUMS64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NicCo4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NicInstD.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6434520.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6435382.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6435445.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6437654.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6434520.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6435382.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6435445.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6437654.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\R4EEA64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\R4EED64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\R4EEG64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\R4EEL64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\R4EEP64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RCoInstII64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RltkAPO64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTCOM64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtkApi64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtkCfg64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtkCoLDR64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtlCPAPI64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtPgEx64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTSnMg64.cpl:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SynCOM.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SynTPAPI.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SynTPCo34-11.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\SynTPCo34-9.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\tpinspm.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WdfCoInstaller01011.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\AC3ACM.acm:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\alf2cd.acm:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BRLM03A.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BRLMW03A.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BROSNMP.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BRRBTOOL.EXE:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BRTCPCON.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\COMDLG32.OCX:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\common_clang32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\divx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\divxdec.ax:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ig75icd32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igc32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igd10idpp32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igd10iumd32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igd11dxva32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igd12umd32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdail32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdbcl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdde32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdfcl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdmcl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdmd32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdrcl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdumdim32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdusc32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igfx11cmrt32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igfxcmjit32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igfxcmrt32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igfxexps32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\iglhcp32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\iglhsip32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\indexeddbserver.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\IntelOpenCL32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\L3CODECX.AX:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Lagarith.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\lame.ax:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mcdvd_32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mpg4c32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mslvddsfilter3.ax:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\msxml3a.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\PnkBstrB.ex0:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\PnkBstrB.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\PnkBstrB.xtr:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\RICHTX32.OCX:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Scg726.acm:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SynCom.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\TABCTL32.OCX:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\VB6STKIT.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\vct3216.acm:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xvid.ax:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xvidcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xvidvfw.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\e1d62x64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ibmpmdrv.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\igdkmd64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\IntcDAud.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\mbam.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\mbamchameleon.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\mwac.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\nvpciflt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\RTKVHD64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\Smb_driver_AMDASF_Aux.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\Smb_driver_Intel.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\Smb_driver_Intel_Aux.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\stflt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\SynRMIHID_Aux.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\SynTP.sys:$CmdTcID [64]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\ajax.googleapis.com -> hxxp://ajax.googleapis.com
IE trusted site: HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\ajax.googleapis.com -> hxxps://ajax.googleapis.com
IE trusted site: HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\BALDER -> hxxp://BALDER
IE trusted site: HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\BALDER -> hxxps://BALDER
IE trusted site: HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\blank -> blank
IE trusted site: HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\hola.org -> hxxp://hola.org
IE trusted site: HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\lansweeper.com -> hxxp://lansweeper.com
IE trusted site: HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\lansweeper.com -> hxxps://lansweeper.com
IE trusted site: HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\update.lansweeper.com -> hxxp://update.lansweeper.com
IE trusted site: HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\update.lansweeper.com -> hxxps://update.lansweeper.com

==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2016-09-23 21:07 - 00000227 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1       localhost
127.0.0.1 rad.msn.com
127.0.0.1 live.rads.msn.com
127.0.0.1 ads1.msn.com
127.0.0.1 g.msn.com
127.0.0.1 a.ads2.msads.net
127.0.0.1 b.ads2.msads.net
127.0.0.1 ac3.msn.com
127.0.0.1 apps.skype.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3668857010-2765377856-186715415-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Gloriaflyx\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 172.16.60.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{C7306F57-5A89-4B3D-9647-86B9A3EDF4FE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{340A23AD-83FA-494A-8C72-9B119D354602}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8AD0A6CC-7D69-4057-B188-18B82A21EC5A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{D898CACD-C67F-4504-B77C-ECD6C84AF580}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{7229F440-A74A-4C4F-AB16-3580AF902AE3}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{F068410F-5376-4535-B281-FF1A4DE7EC98}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{E4E3DB35-064D-4E32-A06A-790B57CE72D4}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{F6240313-6D3B-4897-B26E-D6DF9AD8FAF6}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{B74CBF9B-7DBF-4710-A2C9-AABF3BB4FCBE}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Block) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe
FirewallRules: [TCP Query User{9D091F3D-2FD7-4B7F-864E-8022F46587C7}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Block) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe
FirewallRules: [{617075F9-CF19-4EAF-B308-0D9C8E49D83A}] => (Allow) C:\ProgramData\Blackmagic Design\DaVinci Resolve\Support\QtDecoder\QTDecoder.exe
FirewallRules: [{0441E76E-DE86-4CB9-BE6F-057E69B4ED6D}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DPDecoder.exe
FirewallRules: [{5EC522D1-6A39-4BAB-99C5-040ECDC28967}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe
FirewallRules: [{6D552728-80E7-4F84-ABE4-F52314FCA93A}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe
FirewallRules: [{395A1E99-B36C-4778-BA40-093A8E11AF44}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe
FirewallRules: [{D1A64703-1DF8-4726-BB86-166DC7712D01}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe
FirewallRules: [{8D530BD0-F6E2-4EC3-A66B-10F11E50E0E3}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe
FirewallRules: [{30170A64-C79C-4B64-9B9C-3C4746BA620F}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe
FirewallRules: [{44D637C9-7D6B-4320-BF3A-0B86F935DC10}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Screen Recorder Pro 2\Apowersoft Screen Recorder Pro 2.exe
FirewallRules: [{0783A148-F84A-40BF-941E-9CCF1A929DF0}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Screen Recorder Pro 2\Apowersoft Screen Recorder Pro 2.exe
FirewallRules: [{213E06D3-F4D6-49E4-9D54-B49C65461C00}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{21B456D8-BDC2-4203-96AB-5BA372335299}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{DE107B61-C58A-486F-AA4F-E530D54C798E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{1EDAF709-CC50-4E06-AE24-EA0A5C1AF3FD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{6A4CF7DA-06A5-45B9-8E10-04181104D818}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3y.exe
FirewallRules: [{6FDC5F18-279C-4E1F-BB58-E9E07E686028}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3y.exe
FirewallRules: [{683064EE-A4CE-4D85-B72B-DF952EB8B7B1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3x.exe
FirewallRules: [{A82CEE29-8A24-4B50-8C9C-62B3CA7DE444}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3x.exe
FirewallRules: [{7DEB59C9-F185-4B63-962A-B0B4D968CE82}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3.exe
FirewallRules: [{7E0C1D8F-CAD2-47BC-8DE5-7B87BF53B8CE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3.exe
FirewallRules: [{CF751517-40A7-425A-8BAB-FA28E5524C85}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{0D5A66A4-EA4E-4D49-A0EB-D4CAD289CBD7}] => (Allow) LPort=82
FirewallRules: [{5115A262-97FC-4BD8-988E-A1BE756874BC}] => (Allow) LPort=82
FirewallRules: [{48BC6F67-412B-4AA6-878F-9F11A089176A}] => (Allow) C:\Program Files (x86)\Assassin's Creed Liberation\ac3lhd_32.exe
FirewallRules: [{40318DF4-D77B-48E2-AAC1-5E57E1AB8610}] => (Allow) C:\Program Files (x86)\Assassin's Creed Liberation\ac3lhd_32.exe
FirewallRules: [{0B9AD4F6-1396-4920-A55B-AE7C8D047D95}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{0B3BBFFD-2D34-4233-B5C6-9A147BED8678}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{2E6990E2-28DE-43D5-B85C-15BDE32F0B81}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [{6FFB4CAD-BB1B-4986-A25A-0CB0131BFF35}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [{2C82E8DB-6B47-4C49-A804-526A1B4EDA6E}] => (Allow) LPort=1900
FirewallRules: [{1EB0D34A-34C2-4A25-9559-DD95C06B4E82}] => (Allow) LPort=2869
FirewallRules: [{82F73D39-E827-44A8-A7CC-A8C1194D18B3}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{F2264AE5-8A68-4CE3-A3A3-2AB08F9E0C19}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{79EA8526-7705-4884-82FA-2A7546F5EBF7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{741F57FC-17D9-40DE-AE51-9939E3146DBD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Magicka\Magicka.exe
FirewallRules: [{81047ADA-4835-4F54-98E7-F7825358CD54}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Magicka\Magicka.exe
FirewallRules: [{484BE953-A818-46FC-8C0E-762B527FF604}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{79EFDB78-C22F-4ADF-B1BF-BE3A5B63A9DB}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{67774682-41F7-4CC1-ADC5-E5F492657415}] => (Allow) C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\Rtldhcp.exe
FirewallRules: [{8306B7C9-E38B-4B54-8F97-E641457FCF23}] => (Allow) LPort=53
FirewallRules: [{DA823A05-9D34-4185-8310-0704498170A1}] => (Allow) LPort=53
FirewallRules: [{9741EB6E-0D6F-43D5-A3A3-3E511CC4FC3C}] => (Allow) LPort=68
FirewallRules: [{1FE2263C-EC3E-4435-846D-B4D46AA34E0A}] => (Allow) LPort=67
FirewallRules: [{066922B0-6137-42B9-ADFB-0701BFA6EC2A}] => (Allow) LPort=53
FirewallRules: [{22252692-CD41-4ACF-B52D-67673CDCC5B1}] => (Allow) LPort=1542
FirewallRules: [{DBCC0F7A-3603-4C61-B277-724344051344}] => (Allow) LPort=1542
FirewallRules: [{C98C0483-875E-4482-9542-302290834C68}] => (Allow) C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtWLan.exe
FirewallRules: [{2D4B3E19-F842-4DBF-902C-0B595068949C}] => (Allow) C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtWLan.exe
FirewallRules: [{FA005BF5-DCB5-483D-AD35-6B357B56B78C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Sims 3\Game\Bin\Sims3Launcher.exe
FirewallRules: [{C0581BEB-1F7E-4E69-BD45-DBBA0BE9DFB4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Sims 3\Game\Bin\Sims3Launcher.exe
FirewallRules: [{801BF783-B7D6-49B4-99C0-D9C0BDC2119E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{20CA3455-5661-4C54-9C3C-3D54241E1A75}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{CD3B165B-F2FB-4BA7-AEC8-6863EB001DC5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{8E9F6F41-4566-489C-8044-3CDC998AB084}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A15EFEB3-2D8B-4AEC-BB51-73FC90375414}] => (Allow) C:\Program Files (x86)\Assassin's Creed\AssassinsCreed_Launcher.exe
FirewallRules: [{606BFD88-6914-483F-A67D-603329CF3C63}] => (Allow) C:\Program Files (x86)\Assassin's Creed\AssassinsCreed_Launcher.exe
FirewallRules: [{AC12A9C3-5E3B-41E1-88EF-353322A82CAE}] => (Allow) C:\Program Files (x86)\Assassin's Creed\AssassinsCreed_Dx10.exe
FirewallRules: [{981BF606-4B92-4910-8D48-8FD87DA69452}] => (Allow) C:\Program Files (x86)\Assassin's Creed\AssassinsCreed_Dx10.exe
FirewallRules: [{98247D04-0FA7-4B03-A834-405A11AC03FC}] => (Allow) C:\Program Files (x86)\Assassin's Creed\AssassinsCreed_Dx9.exe
FirewallRules: [{C2256B62-96C1-4E48-966A-D8CC998576A2}] => (Allow) C:\Program Files (x86)\Assassin's Creed\AssassinsCreed_Dx9.exe
FirewallRules: [{B08948B3-0E7A-4D74-ACC1-A8627608A670}] => (Allow) C:\Program Files (x86)\Stronghold\Stronghold.exe
FirewallRules: [{1717CBAD-C663-4703-8C51-3E3784162616}] => (Allow) C:\Program Files (x86)\Stronghold\Stronghold.exe
FirewallRules: [{9B2E86CB-41BB-4658-8E0B-B4EE59FC423D}] => (Allow) C:\Program Files (x86)\Assassin's Creed Brotherhood\UPlayBrowser.exe
FirewallRules: [{A0846C27-6804-4492-9622-4B57AFA72EE7}] => (Allow) C:\Program Files (x86)\Assassin's Creed Brotherhood\UPlayBrowser.exe
FirewallRules: [{AF5497C7-8409-4880-8AC8-50AAA0FF1A3E}] => (Allow) C:\Program Files (x86)\Assassin's Creed Brotherhood\AssassinsCreedBrotherhood.exe
FirewallRules: [{B8972737-AAE5-44E2-9897-C94EAACA3508}] => (Allow) C:\Program Files (x86)\Assassin's Creed Brotherhood\AssassinsCreedBrotherhood.exe
FirewallRules: [{11CDF3F1-A21B-4633-9882-3EDE4CF43A87}] => (Allow) C:\Program Files (x86)\Assassin's Creed Brotherhood\ACBMP.exe
FirewallRules: [{1CECC7CF-3A49-4D19-AF98-EBF3B19DA9EB}] => (Allow) C:\Program Files (x86)\Assassin's Creed Brotherhood\ACBMP.exe
FirewallRules: [{E018E907-6743-40A1-B276-A9C82EFD8653}] => (Allow) C:\Program Files (x86)\Assassin's Creed Brotherhood\ACBSP.exe
FirewallRules: [{B59E3FDA-9CE2-475A-9C53-618A01E61F8B}] => (Allow) C:\Program Files (x86)\Assassin's Creed Brotherhood\ACBSP.exe
FirewallRules: [{D25DA9A7-D7D5-47AD-ABD7-A88092CADFD2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{9471F074-83B7-4DB1-A645-125ED01AFB1E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D2F1D9E7-2C11-432E-A09F-6ED1C372FC17}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{A2371949-7434-4455-A6F0-C790FF2B30A6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{6C2470E2-FA81-4AB3-8C7C-4970A93236C8}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{A66A8E9B-55CE-4D03-BBB5-462120E28CBA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{F03E619D-67FD-4F88-89E2-5DB2B5A4EB1C}] => (Allow) C:\Program Files (x86)\Assassin's Creed III\AssassinsCreed3.exe
FirewallRules: [{BE1EAF96-508D-44D4-95FC-8A0E58229036}] => (Allow) C:\Program Files (x86)\Assassin's Creed III\AssassinsCreed3.exe
FirewallRules: [{D1551AF8-3700-4A3A-8F2E-27B6E1963D79}] => (Allow) C:\Program Files (x86)\Assassin's Creed III\AC3MP.exe
FirewallRules: [{14B632C5-AB0F-46DB-B97F-2E00B376ADD2}] => (Allow) C:\Program Files (x86)\Assassin's Creed III\AC3MP.exe
FirewallRules: [{208E418D-C56A-4AFC-B23C-B345254FB396}] => (Allow) C:\Program Files (x86)\Assassin's Creed III\AC3SP.exe
FirewallRules: [{F4B23ECE-6DBF-417A-8DF3-B3E4BE413C74}] => (Allow) C:\Program Files (x86)\Assassin's Creed III\AC3SP.exe
FirewallRules: [{450BC955-1211-474D-8F07-C71E819144F7}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{076E8502-EAE6-4EAD-9254-93F2F0E36256}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{775302EF-8794-472B-BF46-85B0037CC899}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{E556F77B-3276-426C-8706-3E3851F65788}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{1CFEF93C-5613-4E27-BC2E-DE15D0096CE0}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{8CF45B88-F589-4CDC-B930-EB2528678DCB}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{0E3D579F-C712-48C0-B8AA-D7E7C9235E07}] => (Allow) C:\Program Files (x86)\Stronghold\Stronghold Crusader\Stronghold_Crusader_Extreme.exe
FirewallRules: [{3B10DFDF-5DE3-4559-8E09-2B415C61C268}] => (Allow) C:\Program Files (x86)\Stronghold\Stronghold Crusader\Stronghold Crusader.exe
FirewallRules: [{17654475-8B19-4B88-9552-83C0A910FCB8}] => (Allow) C:\Program Files (x86)\Stronghold\Stronghold Crusader\Stronghold_Crusader_Extreme.exe
FirewallRules: [{C79269AE-A5D4-4304-9EDD-C24E8E95D8EA}] => (Allow) C:\Program Files (x86)\Stronghold\Stronghold Crusader\Stronghold Crusader.exe
FirewallRules: [{8E1DFB3B-B821-4878-BB67-047E621DD7AF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{3C9E442A-62C4-47C9-A66F-BCB7F2644311}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{9AE74D1F-B7ED-474D-A32D-D645E514B411}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age of Mythology\Launcher.exe
FirewallRules: [{D64AB105-1D59-45C5-A746-E82EA6E071A3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age of Mythology\Launcher.exe
FirewallRules: [{1B2F4207-A11B-4093-B808-64FEB7C51EFE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age of Mythology\aomx.exe
FirewallRules: [{D4BE5AD1-3543-460A-97C8-C652F361FF64}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age of Mythology\aomx.exe
FirewallRules: [{C889F803-0903-4FA5-8DFD-04DABAF2AA07}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe

==================== Wiederherstellungspunkte =========================

31-05-2017 21:31:34 Windows Update
04-06-2017 22:08:31 Installed LibreOffice 5.2.7.2

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (06/05/2017 10:27:47 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\r\r-3.3.0\tcl\bin64\tk85.dll". Fehler in Manifest- oder Richtliniendatei "c:\program files\r\r-3.3.0\tcl\bin64\tk85.dll" in Zeile 9.
Der Wert "x64" des "processorArchitecture"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (06/05/2017 10:26:25 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files (x86)\microsoft office\root\office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "c:\program files (x86)\microsoft office\root\office16\UccApi.DLL" in Zeile  1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (06/05/2017 10:23:52 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (06/05/2017 10:23:52 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=25, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (06/05/2017 10:23:52 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=17, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (06/05/2017 10:23:52 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=23, Autor-ID=8086, Lieferant-ID=0, Lieferant-Typ=0

Error: (06/05/2017 10:23:52 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=21, Autor-ID=8086, Lieferant-ID=0, Lieferant-Typ=0

Error: (06/05/2017 10:23:52 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=18, Autor-ID=8086, Lieferant-ID=0, Lieferant-Typ=0

Error: (06/05/2017 10:23:52 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (06/05/2017 10:23:52 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=25, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0


Systemfehler:
=============
Error: (06/04/2017 12:48:42 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (06/04/2017 12:48:42 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (06/04/2017 12:48:25 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.

Error: (06/04/2017 12:48:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die Anforderung wird nicht unterstützt.

Error: (06/03/2017 08:01:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (06/03/2017 08:01:03 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.

Error: (06/03/2017 11:07:44 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Software Protection" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (06/03/2017 11:07:44 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Software Protection erreicht.

Error: (06/02/2017 08:42:03 PM) (Source: DCOM) (EventID: 10010) (User: Balder)
Description: Der Server "microsoft.windowscommunicationsapps_17.8218.40507.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (06/02/2017 05:39:04 PM) (Source: DCOM) (EventID: 10010) (User: Balder)
Description: Der Server "microsoft.windowscommunicationsapps_17.8218.40507.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.


CodeIntegrity:
===================================
  Date: 2017-06-05 10:23:49.494
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-06-04 23:03:24.853
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-06-04 22:48:24.973
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-06-04 22:25:34.972
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-06-04 22:13:45.823
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-06-04 22:06:58.773
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-06-04 22:03:24.869
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-06-04 21:48:24.820
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-06-04 20:57:01.361
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-06-04 20:48:24.867
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4700MQ CPU @ 2.40GHz
Prozentuale Nutzung des RAM: 35%
Installierter physikalischer RAM: 7876.91 MB
Verfügbarer physikalischer RAM: 5089.97 MB
Summe virtueller Speicher: 15812.91 MB
Verfügbarer virtueller Speicher: 12736.91 MB

==================== Laufwerke ================================

Drive c: (System) (Fixed) (Total:226.47 GB) (Free:56.13 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (Daten) (Fixed) (Total:10.74 GB) (Free:10.05 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 0006A5E0)
Partition 1: (Active) - (Size=226.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=504 MB) - (Type=27)
Partition 3: (Not Active) - (Size=10.7 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         


05.06.2017, 10:39   #6
Gloriaflyx

ESET reports detections



Code:
10:30:08.0363 0x25e0  TDSS rootkit removing tool 3.1.0.15 Apr 18 2017 11:34:02
10:30:16.0161 0x25e0  ============================================================
10:30:16.0161 0x25e0  Current date / time: 2017/06/05 10:30:16.0161
10:30:16.0161 0x25e0  SystemInfo:
10:30:16.0161 0x25e0  
10:30:16.0161 0x25e0  OS Version: 10.0.15063 ServicePack: 0.0
10:30:16.0161 0x25e0  Product type: Workstation
10:30:16.0161 0x25e0  ComputerName: BALDER
10:30:16.0161 0x25e0  UserName: Carola Ilgen
10:30:16.0161 0x25e0  Windows directory: C:\WINDOWS
10:30:16.0161 0x25e0  System windows directory: C:\WINDOWS
10:30:16.0161 0x25e0  Running under WOW64
10:30:16.0161 0x25e0  Processor architecture: Intel x64
10:30:16.0161 0x25e0  Number of processors: 8
10:30:16.0161 0x25e0  Page size: 0x1000
10:30:16.0161 0x25e0  Boot type: Normal boot
10:30:16.0161 0x25e0  CodeIntegrityOptions = 0x00000001
10:30:16.0161 0x25e0  ============================================================
10:30:16.0348 0x25e0  KLMD registered as C:\WINDOWS\system32\drivers\21194398.sys
10:30:16.0348 0x25e0  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 15063.0, osProperties = 0x19
10:30:16.0536 0x25e0  System UUID: {8731FF8C-1D2D-360D-4028-42A7DA0623C1}
10:30:17.0223 0x25e0  Drive \Device\Harddisk0\DR0 - Size: 0x3B9E656000 ( 238.47 Gb ), SectorSize: 0x200, Cylinders: 0x799A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:30:17.0223 0x25e0  ============================================================
10:30:17.0223 0x25e0  \Device\Harddisk0\DR0:
10:30:17.0223 0x25e0  MBR partitions:
10:30:17.0223 0x25e0  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1C4F1D1D
10:30:17.0223 0x25e0  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1C777000, BlocksNum 0x157C000
10:30:17.0223 0x25e0  ============================================================
10:30:17.0223 0x25e0  C: <-> \Device\Harddisk0\DR0\Partition1
10:30:17.0223 0x25e0  D: <-> \Device\Harddisk0\DR0\Partition2
10:30:17.0223 0x25e0  ============================================================
10:30:17.0223 0x25e0  Initialize success
10:30:17.0223 0x25e0  ============================================================
10:31:14.0716 0x13cc  ============================================================
10:31:14.0716 0x13cc  Scan started
10:31:14.0716 0x13cc  Mode: Manual; SigCheck; TDLFS; 
10:31:14.0716 0x13cc  ============================================================
10:31:14.0716 0x13cc  KSN ping started
10:31:14.0938 0x13cc  KSN ping finished: true
10:31:16.0875 0x13cc  ================ Scan system memory ========================
10:31:16.0875 0x13cc  System memory - ok
10:31:16.0875 0x13cc  ================ Scan services =============================
10:31:16.0939 0x13cc  [ AAB860A5E606B9621E130D8C29D3F305, 93466620433B27F3BCFECDA26DD420AD1E5219034BA3B4E930EDED6D6728AE5C ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
10:31:17.0081 0x13cc  1394ohci - ok
10:31:17.0095 0x13cc  [ 4140B14929C555E9513D59A2EEB5C471, 39A8400B3AA7FB1D8EBE87E65F89881AB23B6AE911BECAEC1FD86C7DADD4F1AA ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
10:31:17.0106 0x13cc  3ware - ok
10:31:17.0120 0x13cc  [ D3DB4E3C096EFF74FB6E73E37CB66DD7, 451BE72D50D2316690910B86ACA1EBB5C0F3FE688BAB806EC94BCCB6F3798A0A ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
10:31:17.0143 0x13cc  ACPI - ok
10:31:17.0147 0x13cc  [ 3E5E5DAE5CAEC0209C93D3AD8128D8A0, 5CFA4D715AE8D928EA11F213C5A7B0B1C1705D2A8FF041E0A1988E645E669C54 ] AcpiDev         C:\WINDOWS\System32\drivers\AcpiDev.sys
10:31:17.0156 0x13cc  AcpiDev - ok
10:31:17.0161 0x13cc  [ F72D7CC7E7A97A09757313F3B4C7E17A, 36E3363380C51A2DB58D3177655A0A75DAA977C00C5A9C60A189068C0AFDC643 ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
10:31:17.0172 0x13cc  acpiex - ok
10:31:17.0175 0x13cc  [ F04B6F53FBDB2B6B0451AE53DE19F0C9, 41A8C314A46867BAA45CD9666AAF734AD45B74E2033A8E66D93E17CDDAD66578 ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
10:31:17.0185 0x13cc  acpipagr - ok
10:31:17.0189 0x13cc  [ C347A6095F3BE417D24F1E1349F4AF0F, 72C9D759BB132985AF55860658DC01F08590A2BD7E976FCF25E1314C5AA1D37B ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
10:31:17.0198 0x13cc  AcpiPmi - ok
10:31:17.0202 0x13cc  [ 686BFFC47454DD2F58795C2EE891CA9F, 6CC4B6679914742D700A8373DED2DD9A821CA5284D4D73493BA0855DB8E6520A ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
10:31:17.0212 0x13cc  acpitime - ok
10:31:17.0220 0x13cc  [ 8D6BA8E7676038A27FD4ECF12CC744B0, F5D59B764DCB4A06A51939533DC7B2391FD68E3979C48939C023A60DCE0D2101 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
10:31:17.0228 0x13cc  AdobeARMservice - ok
10:31:17.0253 0x13cc  [ E6A1D864EC90F4397DF5AB2633B34DD4, 05F1B7291EBDD9CA1D74649C0DAFCBE5F2CF93E92C5CA16A8AC10B6DF83101A0 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
10:31:17.0264 0x13cc  AdobeFlashPlayerUpdateSvc - ok
10:31:17.0289 0x13cc  [ FBDA59118E59B3722248C66BAD89CAA9, 11AB83499757E3143834348DE39E85D56EC853071C96337C3ADD8A1E374C6CBC ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
10:31:17.0317 0x13cc  ADP80XX - ok
10:31:17.0333 0x13cc  [ AC1928C2F7505BD556C552F153B062AB, B48EA30F76DEA57868CA74CC775DD60257021A3DE10CE101B8BEFA1CE9D22CF4 ] AFD             C:\WINDOWS\system32\drivers\afd.sys
10:31:17.0352 0x13cc  AFD - ok
10:31:17.0360 0x13cc  [ 1D914C996F2C3134E2344BB74F79BCF6, D27AF01BA29784555AF7D2E89A3A65E81D6AFE1D3C7E8F9367F06D9DF5F88069 ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
10:31:17.0376 0x13cc  ahcache - ok
10:31:17.0380 0x13cc  [ 41856B40EE15F96DEC8755AB01FA3CF7, 33C3C899AF9CA15BE5A4CF097FF43DF3F0DBA0E48B6F1E28AE3E76AD76A1C361 ] AJRouter        C:\WINDOWS\System32\AJRouter.dll
10:31:17.0391 0x13cc  AJRouter - ok
10:31:17.0396 0x13cc  [ F485CA5559DB37A4882467A4F7D58BEA, A1C648EFE12A5A3356BC0949372ADD0FF0CA2F5A8F992EB71C87E9C0D5C92BB2 ] ALG             C:\WINDOWS\System32\alg.exe
10:31:17.0408 0x13cc  ALG - ok
10:31:17.0414 0x13cc  [ 9C39FBA94FFEF04561D13ED0D1B50DD0, 53FA118DEF37F0BA6030B9CB4C17019E6B5934941514756D66143B7BB66D7CA1 ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
10:31:17.0428 0x13cc  AmdK8 - ok
10:31:17.0435 0x13cc  [ 395D56FA2E22A10AE4774440D086F559, 24D7CBE9B82DC8900D9A5E345347FEC330D47FDBD1517A2AC10218BA2A9DFAA9 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
10:31:17.0449 0x13cc  AmdPPM - ok
10:31:17.0453 0x13cc  [ EB729A9ADCB9F9C406B533F95E2F67D4, EDCB8E39C503FF30ECB82F368242179E2788C12B4FD9B557F38380A934E7D8E7 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
10:31:17.0462 0x13cc  amdsata - ok
10:31:17.0470 0x13cc  [ 3B5C5C696F33FE61F1922533B03B9316, C9BAAA9B02547C66A276A31958DFD2A289C5963A4EE3FF306535565240D816CC ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
10:31:17.0483 0x13cc  amdsbs - ok
10:31:17.0487 0x13cc  [ A7D45A303FF8A9493C96C4B804051E6E, 6074C264876A398039D3F89905A486ABA5BDACA038B79920A34323B38CFCB358 ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
10:31:17.0495 0x13cc  amdxata - ok
10:31:17.0500 0x13cc  [ C7F9F91698572CF9EDC18EDDE345BF97, 07C02E275686C2AB165EF37825F6D63AA9AAC08FD29878FEF665353DF0C7D23A ] AppHostSvc      C:\WINDOWS\system32\inetsrv\apphostsvc.dll
10:31:17.0512 0x13cc  AppHostSvc - ok
10:31:17.0518 0x13cc  [ 5180537517C27375B1F2CB37ED599FAF, 121BF0E3BDE068CC1E1E9B24DC334BA29348725E9BFB790699E4CC66664A4C3D ] AppID           C:\WINDOWS\system32\drivers\appid.sys
10:31:17.0530 0x13cc  AppID - ok
10:31:17.0535 0x13cc  [ F7FEBF66A705F18DC063DFD259F15102, 394DA8A7355573C4D81C375450DF5C5B2FA6360E246B06FDE8E7F9ADF21360FA ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
10:31:17.0550 0x13cc  AppIDSvc - ok
10:31:17.0554 0x13cc  [ 13D7FEA71091D1EAD8ADDD10BFFEA06D, A707CAC76CBF0334E2FCE3220147B382F5E44DEF9E23DD459CF7C40F27771695 ] Appinfo         C:\WINDOWS\System32\appinfo.dll
10:31:17.0569 0x13cc  Appinfo - ok
10:31:17.0572 0x13cc  [ EAF36A714E16A69B8B4ED7591CBA77B6, 11FE2A5D991FB8AF78F4E78FB6DF02005EC5404DC298FE2D4E7774BB0011AB52 ] applockerfltr   C:\WINDOWS\system32\drivers\applockerfltr.sys
10:31:17.0591 0x13cc  applockerfltr - ok
10:31:17.0598 0x13cc  [ 290469FC9FDE400248DA3E528E729BC2, D9ABBEB76673D136698AA2F53C8EB1EAFBBDE365ACCA9AE348523B346143CA9C ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll
10:31:17.0613 0x13cc  AppMgmt - ok
10:31:17.0626 0x13cc  [ 82432C4D8E83A94C7644A61697113B4A, 97105B0089A1E02484B202AC58610A5DCFFF6F64402B67F9E8B6FF3A0FDB6E26 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
10:31:17.0650 0x13cc  AppReadiness - ok
10:31:17.0667 0x13cc  [ B4F1CF9D0BE52DB8883655C469AAF521, D907B0838E70EBF5D55F00A87222CABE8904FEB8483F4F8168157F27A4EDB6EE ] AppVClient      C:\WINDOWS\system32\AppVClient.exe
10:31:17.0691 0x13cc  AppVClient - ok
10:31:17.0698 0x13cc  [ 2D2DF2463FACFBF2FEE39DCCDF49D1B5, F083C1B5B2284AB818431ECC6C9A61EBAFA241840727B97DD0E3B4FF0CBD07C5 ] AppvStrm        C:\WINDOWS\system32\drivers\AppvStrm.sys
10:31:17.0708 0x13cc  AppvStrm - ok
10:31:17.0714 0x13cc  [ B86E646CE67FE9D75C0D762B19B465FC, B50C45A06AC6862DB4B183F567D55AE289EB05E6A1B32CC3AEBB6163C4296D79 ] AppvVemgr       C:\WINDOWS\system32\drivers\AppvVemgr.sys
10:31:17.0725 0x13cc  AppvVemgr - ok
10:31:17.0731 0x13cc  [ 2207D2A001A3C30B825F191CD2A76C91, A43EA8CB9E2D1A1FB2DDC738827514588BFFA420A2D618DBCA55614BE2E3B45D ] AppvVfs         C:\WINDOWS\system32\drivers\AppvVfs.sys
10:31:17.0743 0x13cc  AppvVfs - ok
10:31:17.0789 0x13cc  [ EAE1B6D86D661BFC494A3975583F722C, 9F6C4254B62299DAE712B9B6447CF5F6D69B529FE736427D79C2327F5B022670 ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
10:31:17.0865 0x13cc  AppXSvc - ok
10:31:17.0873 0x13cc  [ 6E456A94B9BD7F6B4758729BCEDE40C3, 2F3146AC960992FA947A8E8C4D5497624A5BC69B7A3EECA117AD599C70DDE8E3 ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
10:31:17.0883 0x13cc  arcsas - ok
10:31:17.0895 0x13cc  [ 6FCFBDF7D820CEB7426D988FA6E3DBA2, BC5C0564AB565F911FC99AD3D8C8FDA61E73BA4387CAAE3AE172DD443C56E617 ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
10:31:17.0905 0x13cc  aspnet_state - ok
10:31:17.0908 0x13cc  [ 766F3A7E42AFCF74265FAC78987D1665, 8FE82913DF5CF79B49B28B3CD782AF09FF30585A37473AE3E518A26C5D6453D0 ] AsyncMac        C:\WINDOWS\System32\drivers\asyncmac.sys
10:31:17.0919 0x13cc  AsyncMac - ok
10:31:17.0923 0x13cc  [ 01733BEEE02E51F712330D5909BD701C, A583B482DBE701A752EDFDEAE2EF16D7160DFEA6077E0C8EF013828E285D960A ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
10:31:17.0932 0x13cc  atapi - ok
10:31:17.0945 0x13cc  [ 8FF48F1C894EDC6AA55CCF01AE1338EC, 446654CC72062061F2F80DEAA30C4F575B34BAC31D50C174F4DA20B7ED2D13C7 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
10:31:17.0970 0x13cc  AudioEndpointBuilder - ok
10:31:17.0995 0x13cc  [ DCD20FAF0485C59032397DA2F93746AE, BED193535533E7264FD29BC0AE1BBD6F97EA92FF117EF4A527B0677E630B94EF ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
10:31:18.0038 0x13cc  Audiosrv - ok
10:31:18.0046 0x13cc  [ 6086B5EE0DA4600B2EC2725D82DEB74E, C67CA7021D710CFDCF62B17A2B2890E61E4F1E3D956312688454FD85738C303F ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
10:31:18.0059 0x13cc  AxInstSV - ok
10:31:18.0072 0x13cc  [ 0914A5E66C0775CE11960452A6434FEC, 978C1E20023841FBFEF0CEAFE09EDB679612C8E5986C6E40C1F6D0835112D13E ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
10:31:18.0089 0x13cc  b06bdrv - ok
10:31:18.0094 0x13cc  [ F8129321B1874D4386F7FEB754BC3380, 7264E7E2A339E456C0A1A40FDFAE0D202905467400B93FA0700498B86172337F ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
10:31:18.0105 0x13cc  BasicDisplay - ok
10:31:18.0109 0x13cc  [ CFD199354CC01F5857F3F27BC1BA2DBE, 8C3173A28EE11CE62789DC86F2DA56944478015ECB1BA02E1AFFDEDF5280373C ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
10:31:18.0119 0x13cc  BasicRender - ok
10:31:18.0124 0x13cc  [ 739D089777D2B66DBE7201E5EA4BA2D7, 9AD12E18A042C5B8EFB19297BC2E7BD1FEF75A138FEFB64C6BF0261FD3E53AB1 ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
10:31:18.0134 0x13cc  bcmfn2 - ok
10:31:18.0143 0x13cc  [ C3B27514035315E3C1FCE64E69E253ED, 03AF100927077AD608C5EA47A17081CEA849F44C471AF978F410B83E2ABA5AE7 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
10:31:18.0162 0x13cc  BDESVC - ok
10:31:18.0166 0x13cc  [ ED03D2ACE378C9EB8BB957ABBD85B951, E9AE3025DC4956B736651B20AEA665909C2B468F9AE3E317F545DD4EEEA7D9E8 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
10:31:18.0176 0x13cc  Beep - ok
10:31:18.0193 0x13cc  [ 1FDC6CB56572203E6F4BF4E3FB30B886, 81D5C77C823DC078EEEB2DABEE5203D542C824E04FEDD96AA58F96037C065155 ] BFE             C:\WINDOWS\System32\bfe.dll
10:31:18.0223 0x13cc  BFE - ok
10:31:18.0247 0x13cc  [ 5C0D4DBACB90D9ECE77907F4F6CF9EF6, FC29F03FB7E58A9ED17A34BC2D8E39533070B8B23D1A110622C3A213BF48CD2D ] BITS            C:\WINDOWS\System32\qmgr.dll
10:31:18.0306 0x13cc  BITS - ok
10:31:18.0314 0x13cc  [ 2342B8619193B0D9FAC0D02C69DCE74A, 06A1512C9750ACD154DE8873DE6628355B7195759CE54FA96097EA6D56BE320E ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
10:31:18.0326 0x13cc  bowser - ok
10:31:18.0344 0x13cc  [ 04B27B2DE2981E79E078FAAC3AA8748F, 716F00D507D37CC549BE665D957186F2CF7B2B8C9B959B0FE8D01EBED2F154C6 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
10:31:18.0382 0x13cc  BrokerInfrastructure - ok
10:31:18.0390 0x13cc  [ 9C7F445B018AB4744B6E0C657B5D1833, 83D04F5E3D4BA46BBD8A67764A60F5731F86B0BE3A85C2858E002ABCC362F592 ] Browser         C:\WINDOWS\System32\browser.dll
10:31:18.0403 0x13cc  Browser - ok
10:31:18.0412 0x13cc  [ 62D38645A251A5742027B0A48672FFE5, 60EDAFB548EF5BC2C90308189E4C14435C83065CE4B23830A255D2D4AE5884F9 ] BrYNSvc         C:\Program Files (x86)\Browny02\BrYNSvc.exe
10:31:18.0422 0x13cc  BrYNSvc - detected UnsignedFile.Multi.Generic ( 1 )
10:31:18.0540 0x13cc  Detect skipped due to KSN trusted
10:31:18.0541 0x13cc  BrYNSvc - ok
10:31:18.0555 0x13cc  [ AF57F0B0E284BE06860A7B701341324D, F94E44C777FDC049158B7BF73DAFCDB103D08493AC898D1C928771650F664412 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
10:31:18.0586 0x13cc  BthAvrcpTg - ok
10:31:18.0593 0x13cc  [ 729CC10B1658178F0F009FE0E9159281, B0F692CAB2BE47415C8A8CCCE8D53CDDF2B70518536ACF91CF96D74ADD04AF9C ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
10:31:18.0612 0x13cc  BthHFEnum - ok
10:31:18.0616 0x13cc  [ 336A9C0254A0178ED50281B6EDF5B836, C9C454C6EC4FF5897B1873A7E90D1CE8122E43783E978A570CEA75E15F65DE97 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
10:31:18.0626 0x13cc  bthhfhid - ok
10:31:18.0637 0x13cc  [ D8428BEF4033C7BFCD981074E2318F89, 9C0692F8387BAD94CCA4E36B59701A7A7B8FDCB5377B4C2CA75424583835E112 ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
10:31:18.0657 0x13cc  BthHFSrv - ok
10:31:18.0661 0x13cc  [ 5428242193611BF91DDBF4F58900A55A, 91D59B0D0C7CA3DBBA8CA7CAD1E24845A224F451FC1880BE8CB7C1585AC79080 ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
10:31:18.0672 0x13cc  BTHMODEM - ok
10:31:18.0678 0x13cc  [ 6927D295017E9F1A5D655A8F3A122672, 4B686C93056924580390440B49C721BD9039D5C972994D8EA96CA848B786B693 ] bthserv         C:\WINDOWS\system32\bthserv.dll
10:31:18.0692 0x13cc  bthserv - ok
10:31:18.0695 0x13cc  [ 102CAA11BA89290D48FBFD2E04274BA0, 9C6786AD6C8BE5AF7538BAD553C401B0D7443E533CDE59E975CF3E07EF262F0C ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
10:31:18.0706 0x13cc  buttonconverter - ok
10:31:18.0710 0x13cc  [ 029434AC0A3935F9125ABBD08BF7C30B, 742338B882488CA83F502ACEBFEDC2783B8D9D6C391FE1088988276315A065F6 ] CAD             C:\WINDOWS\System32\drivers\CAD.sys
10:31:18.0719 0x13cc  CAD - ok
10:31:18.0723 0x13cc  [ 307AE8BC9B45772DA02FB952A1D86C35, 4983AC71C8E164D9E6669D345925B4FBEDD0A0A4566887E7ECC56C996B66DBD4 ] CapImg          C:\WINDOWS\System32\drivers\capimg.sys
10:31:18.0736 0x13cc  CapImg - ok
10:31:18.0740 0x13cc  [ B6E5AD7C83A5254DEE9D86023C0E5A81, 40F297406A025378A6273535475C1FF8C99BC6502B17C0E161131DA754D7974B ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
10:31:18.0753 0x13cc  cdfs - ok
10:31:18.0772 0x13cc  [ 00C7849679FCF4AE8DA78DC16BDDA369, CCEDC195D5D9512BA9E50FF586CB4B7AB9AE7091E71A24D46A934E97D84DFEBD ] CDPSvc          C:\WINDOWS\System32\CDPSvc.dll
10:31:18.0810 0x13cc  CDPSvc - ok
10:31:18.0822 0x13cc  [ 618DA70D0D90DF3602259C1B121794DD, D2AF7967DE38F3B7C10824A1C900A145F45C57C0F179753A85989406600C4279 ] CDPUserSvc      C:\WINDOWS\System32\CDPUserSvc.dll
10:31:18.0846 0x13cc  CDPUserSvc - ok
10:31:18.0855 0x13cc  [ ABE77AD954BC3D72F559CF0C381E50BC, D0F24B023D7CADD4893AAF223A9BAC00B2C58D552E0C314B506C01767FB74133 ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
10:31:18.0868 0x13cc  cdrom - ok
10:31:18.0875 0x13cc  [ 0EC94DA356D89CACD89B6E139E4D0A7D, 2F887681FDD5AB787154403E34623B1DFB61C70DAE5E2BFF1565E100F228870B ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
10:31:18.0890 0x13cc  CertPropSvc - ok
10:31:18.0900 0x13cc  [ 05EA22CFC40EDE05BF6E3BC782E5204C, F0C9C692FC31387E9D19426D3253317B6BA86D7118E3884C11E3287695006443 ] cht4iscsi       C:\WINDOWS\system32\drivers\cht4sx64.sys
10:31:18.0915 0x13cc  cht4iscsi - ok
10:31:18.0952 0x13cc  [ 863E1C9F6750446DFB9EDCAEC3531367, 88C5EE76FD85640EB1440DEFC7B6CB918E18DC09507BA91FAE285370B8C7D56A ] cht4vbd         C:\WINDOWS\System32\drivers\cht4vx64.sys
10:31:18.0998 0x13cc  cht4vbd - ok
10:31:19.0005 0x13cc  [ 3E416539352B007AD0610BF34AC15D31, E2041129770B24AE95C5EC4B507477C72DFE8CB08D412E2621BF67207F9DEB8C ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
10:31:19.0016 0x13cc  circlass - ok
10:31:19.0019 0x13cc  [ 616E1ED94FA7F96D429D985FDB203D2E, EA681C442AA0F7D424C8DABD8D1C14653E61BDE740C0BC4C6C308B5FB4FE67AA ] CldFlt          C:\WINDOWS\system32\drivers\cldflt.sys
10:31:19.0036 0x13cc  CldFlt - ok
10:31:19.0045 0x13cc  [ 96C01F97576D2542FCBD28E13C8CC6A1, 98E2501197B97399EB1F7C8AA96B5696931736E44400314E768A6C029B9E1C62 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
10:31:19.0061 0x13cc  CLFS - ok
10:31:19.0132 0x13cc  [ F6ED2A874E4FC4FC95F544088F0523F4, F5F239A666288373ED93C6F13EC14FC4AC7257ABF117A7DD97F20070F8EC2205 ] ClickToRunSvc   C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
10:31:19.0202 0x13cc  ClickToRunSvc - ok
10:31:19.0225 0x13cc  [ A5CA2992D42DB271DF933F49676E57DE, 7CC6B2908D9E2EDF848949C78433FAEC5526AE38307D095AA0EC66BFC45AEE3A ] ClipSVC         C:\WINDOWS\System32\ClipSVC.dll
10:31:19.0249 0x13cc  ClipSVC - ok
10:31:19.0253 0x13cc  [ 5118CFC33BBB51C7E3ED441B7085AD26, 8D33864FF750926C4B95827FFAD24C558DE8A90FC5B2663084DEAB5ADBBFAFD2 ] clreg           C:\WINDOWS\System32\drivers\registry.sys
10:31:19.0263 0x13cc  clreg - ok
10:31:19.0271 0x13cc  [ 232F3A3AC3A2FB32C5C46503A6517073, 9E0232E095471E6C8825E870F5842838F1AE515E56410F6A5CC3D58A9A4AF33A ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
10:31:19.0281 0x13cc  CmBatt - ok
10:31:19.0459 0x13cc  [ D89A5F783930C19A00716C18F01EA3DC, 81AC9EDA7827516F868B2F3855AA91DEBF0F48528EF573A2C21987829F0F9ED9 ] cmdAgent        C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
10:31:19.0681 0x13cc  cmdAgent - ok
10:31:19.0701 0x13cc  [ 75FAC0C7E718CB9F9E18FC67FBCEA865, A879445088A3A9E1D43B546BCFE74FB0626012CDC31ECBFCFC0C421A09342376 ] cmderd          C:\WINDOWS\system32\DRIVERS\cmderd.sys
10:31:19.0718 0x13cc  cmderd - ok
10:31:19.0742 0x13cc  [ 72F02505AAC0BA64789D7C0F1E748FF2, 7ACCDDA5C43065859275B6A7BE7EBC2258FDD46DA84467EA3D1B4776024527AB ] cmdGuard        C:\WINDOWS\system32\DRIVERS\cmdguard.sys
10:31:19.0764 0x13cc  cmdGuard - ok
10:31:19.0769 0x13cc  [ AB85A7942E1F156F42FFE9C173DD5408, E627AF7F7EEEFC560399C7847A843470D84161FC547767B0278A264DF5891736 ] cmdHlp          C:\WINDOWS\system32\DRIVERS\cmdhlp.sys
10:31:19.0776 0x13cc  cmdHlp - ok
10:31:19.0843 0x13cc  [ 7163FE1A6AA75B34E5E032D522D4B8F3, 18D0DFF879284490094B8E65838D59EF6FAF5EBB69F63E00AD458E8071DF5C4B ] cmdvirth        C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
10:31:19.0893 0x13cc  cmdvirth - ok
10:31:19.0912 0x13cc  [ 3413CE81E02C091F33C4C3DD3071630F, 4758A2BB2FD453E9867C04CC420D12B279BB97E3C4E664A7058EA5F1EC63D04C ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
10:31:19.0933 0x13cc  CNG - ok
10:31:19.0937 0x13cc  [ E1BFF774FF67CA951A5DFF0E104FB132, 68809C4B72C54CEDE3AD33F5634E15A0225A67B391F9012EC7CEBA8AFC6EC3D5 ] cnghwassist     C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
10:31:19.0946 0x13cc  cnghwassist - ok
10:31:19.0961 0x13cc  [ DFDAEDB857BC18764F0D8ECDCC3C1499, AE12E908BAF53C605A17A9FB1AFD6BFBEC75EBE45D893541281473C197C71FED ] CompositeBus    C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_de4c68ea4fb1be53\CompositeBus.sys
10:31:19.0972 0x13cc  CompositeBus - ok
10:31:19.0976 0x13cc  COMSysApp - ok
10:31:19.0980 0x13cc  [ 04532711732BE9DBC364E88E4A9EC18A, FCEB1F486E146A3FE7307397C1EB6760BFD8A327545F81C546F7134B08615B9E ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
10:31:19.0989 0x13cc  condrv - ok
10:31:20.0008 0x13cc  [ D734EBC7E66D82D543C874ED1FE9B40D, 8381E7B619BB36A1896C2A472AB830B775F317BE6ABDE98E4F943337C21930E0 ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
10:31:20.0033 0x13cc  CoreMessagingRegistrar - ok
10:31:20.0059 0x13cc  [ 75C568E62A2BD89A869C34119A66D19B, 2954F25E511947728FE50AA76ACECE0B6952D1984301027F499E2F3DAAEB65D3 ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
10:31:20.0073 0x13cc  cphs - ok
10:31:20.0080 0x13cc  [ 1F7F1A15B807BC7B241BB2FEEA79BC92, D756E2247757C274F3470B46FCDBB63317C05E8E66FDA9DB7ABF3A6820933D4C ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
10:31:20.0094 0x13cc  CryptSvc - ok
10:31:20.0107 0x13cc  [ EFB2A77F0CD1B8A79899C1D37B01CA86, 9FA32E0853FA93513ACA2CD4203DE8BC22268ABCA4BBDB366307C106F4FD5917 ] CSC             C:\WINDOWS\system32\drivers\csc.sys
10:31:20.0130 0x13cc  CSC - ok
10:31:20.0146 0x13cc  [ F010BDED808E86E1046F08865C11EDF2, 48FE0D176F7FA1F04685C0A1FD4FFB6464B6B88883D7D50E05C9C6C0636E895A ] CscService      C:\WINDOWS\System32\cscsvc.dll
10:31:20.0174 0x13cc  CscService - ok
10:31:20.0179 0x13cc  [ 994A369A2DFC62ADED1226C70F69D20D, 916AF63ADD92362F5361902AB4C1507086EAB8839BEC10DB65CDE0AAB20681DE ] dam             C:\WINDOWS\system32\drivers\dam.sys
10:31:20.0189 0x13cc  dam - ok
10:31:20.0210 0x13cc  [ 0E79A4C76CAAA0CFE9CA42C13E5AA086, C4D90EDA54216CC7897128D39517E4E18195BF28254796C6D0684E2C7DB90642 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
10:31:20.0248 0x13cc  DcomLaunch - ok
10:31:20.0260 0x13cc  [ 1175E107082287A58A756239F48E1A73, 0DB2017061D94FAC95CEBD7C4729E42018A92698D72CEE3EA412A9D14DB8D552 ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
10:31:20.0288 0x13cc  defragsvc - ok
10:31:20.0299 0x13cc  [ BBCAC50027D030E07EC7E5C36469FAFF, FEF39659F21D2AE676E4882FBAF5A881C534BB7EA26E5EFF9F7B5F8B952D6532 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
10:31:20.0319 0x13cc  DeviceAssociationService - ok
10:31:20.0325 0x13cc  [ A2BACEBAC01BE7A6656B454E75C23262, C2C168718A341D48679AC4CA8005BD06E9F1F0D1F7C72D3C30A7A8CE1F665A43 ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
10:31:20.0346 0x13cc  DeviceInstall - ok
10:31:20.0360 0x13cc  [ 5B84093D490A6B060C8BE60BA52C876F, D34A854418A66529B18313A50E6D7EAB982611AD9AB0335245AE764FE0602C22 ] DevicesFlowUserSvc C:\WINDOWS\System32\DevicesFlowBroker.dll
10:31:20.0388 0x13cc  DevicesFlowUserSvc - ok
10:31:20.0393 0x13cc  [ F08F70BBD833BAA3BF0D5E500CBEE6CC, 8BB99E6D96CB8B25036549030986EC267C26BF1FC66E4EB00A3E41FE3BB5DE70 ] DevQueryBroker  C:\WINDOWS\system32\DevQueryBroker.dll
10:31:20.0405 0x13cc  DevQueryBroker - ok
10:31:20.0413 0x13cc  [ 185A4519B7764F4DEF714D890A7A9FD2, 9805D9DB42D11582583EA3F0FFEE9EF2B0C536DA99A9A3D3863B2669B1CC34A7 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
10:31:20.0447 0x13cc  Dfsc - ok
10:31:20.0456 0x13cc  [ BC5188B3F35BB8070888441A2A740465, 05C18A3DC1BD96C6751E76DBF57C47E526A1F9DF5E013B20B69EA0159CD6CE56 ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
10:31:20.0475 0x13cc  Dhcp - ok
10:31:20.0481 0x13cc  [ 5DF493C7954890EEC65CC2A21D479F76, 67087AAAC2AF93F265077AA392444E32DC299918A843A8AECFBE73636A5F2314 ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
10:31:20.0494 0x13cc  diagnosticshub.standardcollector.service - ok
10:31:20.0536 0x13cc  [ F38183343C14B0C0BAB900640652257F, 2C42D206A552A527097BF586F338D89252B6F90044A54322757A4B74644E66E1 ] DiagTrack       C:\WINDOWS\system32\diagtrack.dll
10:31:20.0608 0x13cc  DiagTrack - ok
10:31:20.0623 0x13cc  [ ECCC63B7D88392EC725EFA0B1EA05ABB, BDC406D9AEBB1CCA4CDFAC6D0101D8AABC78C693CD6C675B20BC3157C91F2311 ] DigitalWave.Update.Service C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
10:31:20.0638 0x13cc  DigitalWave.Update.Service - ok
10:31:20.0644 0x13cc  [ 1203EA16F36C5BEB2509FB7CC03DC178, 195209CB711E5BDE24A50C88AA62F32E8AE26F6A83B423374FCA41444F55D1CE ] Disk            C:\WINDOWS\system32\drivers\disk.sys
10:31:20.0653 0x13cc  Disk - ok
10:31:20.0666 0x13cc  [ 626E3564A7588139DE2367E14F8CAAB2, 472530B6DD70F4A5E61A8572B0479A6DF3BE8B4DD1E021BF00D05B3553927463 ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
10:31:20.0705 0x13cc  DmEnrollmentSvc - ok
10:31:20.0709 0x13cc  [ 038B8B76284BC291EC75B005BB3EB13F, FE7BD7CF833C4A96ABF4FD6EBAB829CC4D8096780A22A313035D7E49BBA12D36 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
10:31:20.0720 0x13cc  dmvsc - ok
10:31:20.0724 0x13cc  [ 32C76DFE2586EBECFFA4112E9196591C, 190C294F50B96B13D0B776F7C19DCB47EAACBEE999CBA50236CF8C856CF38B17 ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
10:31:20.0743 0x13cc  dmwappushservice - ok
10:31:20.0752 0x13cc  [ FC3AA34608A69BDAC67E31FB70C8A720, 38815F527DF963B4A7D93895776DDD618BD29782B1FA74EB1A7319AE58739A06 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
10:31:20.0769 0x13cc  Dnscache - ok
10:31:20.0778 0x13cc  [ F08CB37830A1F9950E8B2F7B1F78CC7E, E4E75645893597F6A02B98DC4F126A664F5DEF7B1CD4C2DEE5CA8ED18DB64C9C ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
10:31:20.0795 0x13cc  dot3svc - ok
10:31:20.0801 0x13cc  [ 3425E26D0A7792F2EE7745C0336C2062, 54A3AFFC31C2641BCE1877F2CBA61D2CD7191BA39FD5B3659491E4E307570C1E ] DPS             C:\WINDOWS\system32\dps.dll
10:31:20.0818 0x13cc  DPS - ok
10:31:20.0823 0x13cc  [ 3D934A1C02EB6979CF45C70A71F580EC, 279B325E18ABF82FF523095D8D5958A3A48C7B7A4F64BD562DDED1D0662B608A ] drmkaud         C:\WINDOWS\system32\DRIVERS\drmkaud.sys
10:31:20.0831 0x13cc  drmkaud - ok
10:31:20.0837 0x13cc  [ 5E92CB292D676634058E6C62653C9227, CE35C51B444664641306B4C2E21978B3418B58B2A973B19B908D86FE723FB4C4 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
10:31:20.0855 0x13cc  DsmSvc - ok
10:31:20.0860 0x13cc  [ E479C2656A3A47F5D4FAD10AE6EAED52, B17D18D5440CF131EEADA385989A8ED0DB7728CAAC4E745720947DD1BC4F9EF6 ] DsSvc           C:\WINDOWS\System32\DsSvc.dll
10:31:20.0877 0x13cc  DsSvc - ok
10:31:20.0884 0x13cc  [ 682D7DF9704217DD8716307F9E2EEC05, A8D36414A7316C59995CF9689DD84B2FD3FECE47E39F515C81BC3C439890E993 ] DusmSvc         C:\WINDOWS\System32\dusmsvc.dll
10:31:20.0910 0x13cc  DusmSvc - ok
10:31:20.0951 0x13cc  [ 5FB6528EC95A2E83AE71005108C03D2B, F419FEA6679B59C5993235875C7857E8D960CDDC47E69EF08B20B6774FB08A45 ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
10:31:21.0003 0x13cc  DXGKrnl - ok
10:31:21.0020 0x13cc  [ B3B6BE0C21B3CF9DA5FEE9E999B1F4A0, F660FA54D9282A1BF0AD22B7432F1EDC14C675C0B23653728B6A74256D0BAA6B ] e1dexpress      C:\WINDOWS\system32\DRIVERS\e1d62x64.sys
10:31:21.0036 0x13cc  e1dexpress - ok
10:31:21.0041 0x13cc  [ ECA1628436628362856ACF239E6AFD29, 19051DC348918B863E0A272CF56891B8CB49E7E705B8BAC7663D36C797A7B962 ] EapHost         C:\WINDOWS\System32\eapsvc.dll
10:31:21.0061 0x13cc  EapHost - ok
10:31:21.0118 0x13cc  [ D64CD3AE93125EDA383190C2AF607E70, 3D180B96C6A2318842FA03AE5F703320A93CF1F440FF7D0E6F6F9BAD98F2FA02 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
10:31:21.0187 0x13cc  ebdrv - ok
10:31:21.0197 0x13cc  [ EABFCDA6E996F8A32DC1B302F7683BB2, 5FF2BA89D9A7BDE78C40866F15EC576527699ADD0F120E1A8388C4404A69F0E8 ] EFS             C:\WINDOWS\System32\lsass.exe
10:31:21.0208 0x13cc  EFS - ok
10:31:21.0213 0x13cc  [ FFBB37982E6D24AEC7A2E5459098EAC9, E89DD74540088ECAC9E802D7A059C0A6E3E5412BD42E5E9F26258724458EF8DB ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
10:31:21.0222 0x13cc  EhStorClass - ok
10:31:21.0227 0x13cc  [ ABF38D02E01D6ED87AE1DF65FC5DF62D, 57D48609DA30F60016D2ADEB9A772942FB39A117247EB63FAE3FCF50D726B698 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
10:31:21.0237 0x13cc  EhStorTcgDrv - ok
10:31:21.0243 0x13cc  [ 0910A2954D7053537495DFF981177ACC, 9A70B599B02C67E3E3EC4FA10D76ABABA614B8CC224965B8F9479E13E68019A1 ] embeddedmode    C:\WINDOWS\System32\embeddedmodesvc.dll
10:31:21.0258 0x13cc  embeddedmode - ok
10:31:21.0266 0x13cc  [ CA966CED8970A60FB00A3592564EF093, 4BD904032445235EE69DAA0024E0FB3D8B2325D897A683E334754EB3CA90AB39 ] EntAppSvc       C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
10:31:21.0285 0x13cc  EntAppSvc - ok
10:31:21.0288 0x13cc  [ B9A59B4AD516E38C39FA416398B96CCB, 4630A9AD414476B47F634F2EB5659597797222A8938B68847B97FECCE1A1B5F8 ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
10:31:21.0298 0x13cc  ErrDev - ok
10:31:21.0310 0x13cc  [ 1541374239F33512D7F4D24ED1E9238C, 8B1548D4052A72175EB6ADA9FD4286ACD5041E1CE071DCAC3760BB227FCD3621 ] EventSystem     C:\WINDOWS\system32\es.dll
10:31:21.0331 0x13cc  EventSystem - ok
10:31:21.0341 0x13cc  [ 9C4D88E8614487AD85A6F18A71A7298F, EE6F48C89D6379C7361484EAE7C7FAAA477D48032BFDD0D363E48642E62EADF4 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
10:31:21.0360 0x13cc  exfat - ok
10:31:21.0369 0x13cc  [ 8F51A5633DEB18DBC8B1C117B42B23D7, C45FEE32C5AB67CEC86AB1388AC2E3508AF5811D8B8A204AAC8E5DC42C749A2C ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
10:31:21.0384 0x13cc  fastfat - ok
10:31:21.0396 0x13cc  [ ECC5AEFEA31F1A078E954305B8CA6373, 15948D017E3B52D3B4BBEC047F963BD77247E24A59F0532B6A023B0C4159FC84 ] Fax             C:\WINDOWS\system32\fxssvc.exe
10:31:21.0422 0x13cc  Fax - ok
10:31:21.0426 0x13cc  [ 853081957BA148F38FD8DE4390CFCF4A, 37C92C7ABA55A5FF7094F77F8EBEEE1F4BEE161CEC6B01A50FC0D0C39E36C142 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
10:31:21.0436 0x13cc  fdc - ok
10:31:21.0440 0x13cc  [ 885C06C35CC8FAEDDE3CDA36B72CA2A9, FF6584E7AF2FB540B2183665C3E216BE98DE953CEA6A7E4C5F13514BE4AAC9D3 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
10:31:21.0453 0x13cc  fdPHost - ok
10:31:21.0457 0x13cc  [ 367E878C79D9F391E3D53B6BBC1B6386, 739D89F6954E17B73F53702CFF8EE985FB241255D962A83BAF1A20E783CAF466 ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
10:31:21.0471 0x13cc  FDResPub - ok
10:31:21.0476 0x13cc  [ 514F6A0B83527DD6ACCC8B21A57B10E3, EA3D401E42D05BA39E5874513DFB895A086BECE4D69FC1AC12F85F326A435A4B ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
10:31:21.0492 0x13cc  fhsvc - ok
10:31:21.0496 0x13cc  [ 27E764D6460504B7271AFECE7A59FB76, A32B08142068BF042B3E47C0CA7F4FCFD07A37807B1B8DAAE614F3A132475D52 ] FileCrypt       C:\WINDOWS\system32\drivers\filecrypt.sys
10:31:21.0507 0x13cc  FileCrypt - ok
10:31:21.0512 0x13cc  [ 3D6087F51110F3CC0DA89385354F8C5E, 49FF976C3391A257BCD4B048BF6D1273F8537005E32D65E5F272AF3294639F05 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
10:31:21.0521 0x13cc  FileInfo - ok
10:31:21.0524 0x13cc  [ 057E95E53C38260C4EF49B3A077770CD, 7008E71663046FF1D91D9DC3570094561C812067E1CA07715A1D2E4F787207AE ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
10:31:21.0538 0x13cc  Filetrace - ok
10:31:21.0542 0x13cc  [ 90B2983D8495C26345A1DC5F0C3BB07B, 50D834D40C27EEF5023556A77B13D3335789333E302A73DF221CD86D156FDEE9 ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
10:31:21.0552 0x13cc  flpydisk - ok
10:31:21.0561 0x13cc  [ A84261F75F490E45CFEDBA77EFE4F67E, 292BA04D8996140255E4B6105015C2A640890BEFB6C022E30E0D9CBF45D5F4DB ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
10:31:21.0576 0x13cc  FltMgr - ok
10:31:21.0611 0x13cc  [ 3B42FD3CCD1E7A6A192B88284B0CBA4F, 2ABD147A845AAD109F1E27258D60E4AE7AB582F303A821436CFF17645AE8F6D9 ] FontCache       C:\WINDOWS\system32\FntCache.dll
10:31:21.0665 0x13cc  FontCache - ok
10:31:21.0675 0x13cc  [ B282011D13BBEEA0273DF33C5E776D55, B4AF068BBB09D0F546F5590FCDD745250CFD58DD3A8ABF5DC26670FA32D181FB ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:31:21.0683 0x13cc  FontCache3.0.0.0 - ok
10:31:21.0697 0x13cc  [ 8E0A89C8BC29F4B066B1DA4B96A63609, 1F4ABEC209ECDCA20620C7D7DB0C407F8D1032D506259B11FEAF2A0C3E14B1A3 ] FrameServer     C:\WINDOWS\system32\FrameServer.dll
10:31:21.0723 0x13cc  FrameServer - ok
10:31:21.0728 0x13cc  [ D2814848206DFC18EB8D3D069FAE703E, A62263CDF9261B692423473F4FF23B01AC864C05850BA5591EB9019906B4A08B ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
10:31:21.0737 0x13cc  FsDepends - ok
10:31:21.0740 0x13cc  [ AE7EDF845F41ACA3B74567C3CE20E987, 6159C227C85912B03D8C35A1EF91705AE6C1C23C7228D6FCC0A9529844798E1B ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
10:31:21.0749 0x13cc  Fs_Rec - ok
10:31:21.0763 0x13cc  [ FF0699483185CE3B4E1144DF19AC5E97, 9BA0A2F04A1A51AFC3B830452AC75BE2D76300BAF1918BCF5AB60E4EB9888F0F ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
10:31:21.0785 0x13cc  fvevol - ok
10:31:21.0789 0x13cc  [ 4616F61E24B3AEA6E0E4EA7D69531EF4, 34CB16F68E4A4D19346C7FEC29BB5FE09BAAEC19EA730C9B93450F940D124D49 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
10:31:21.0799 0x13cc  gencounter - ok
10:31:21.0803 0x13cc  [ 23174BB6937459B924BB8EF667FB28EF, 6675B87F4DE9CCA96B6BAB9F77C4E0B377828613D9FFB03F7D443AF11321F157 ] genericusbfn    C:\WINDOWS\System32\drivers\genericusbfn.sys
10:31:21.0813 0x13cc  genericusbfn - ok
10:31:21.0819 0x13cc  [ 4B11CFBE1D9B73A9D865F6AB26F800BA, BD76CB5AF0EE6DD404875A4C36622C6BC8CCF2975C47E28DD305EB041C6C0B91 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
10:31:21.0830 0x13cc  GPIOClx0101 - ok
10:31:21.0854 0x13cc  [ CF22C0941409C772AA1568DC4F89A111, ED5895F024E64B672EB3FAE6C456FA0D30A068CF2B475A7EE988DEA4DCD6D8DE ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
10:31:21.0895 0x13cc  gpsvc - ok
10:31:21.0899 0x13cc  [ 3FC3FCF557D0BE3D724EA10642E1F6FF, 744D0DDE748A1B681087668CB893F9A60A2BBE80A71098944E75B6A9AA934C82 ] GpuEnergyDrv    C:\WINDOWS\system32\drivers\gpuenergydrv.sys
10:31:21.0917 0x13cc  GpuEnergyDrv - ok
10:31:21.0922 0x13cc  [ DD1A6F4998E7E21564FA9BAFE21C87ED, CAD04E9B8244ACA3314C6FD4422BE7A3B578AF1E61F13773A2C5DB388B3337F6 ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
10:31:21.0934 0x13cc  HDAudBus - ok
10:31:21.0938 0x13cc  [ 9F90819E301C70A3A042FC05D3E41B5F, D2175786775D08686264001ABAA4B61DC08A847666F6B9A2A64D10BFC022F646 ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
10:31:21.0958 0x13cc  HidBatt - ok
10:31:21.0968 0x13cc  [ 3CA3244C45B25F3B3ED9445C195E40EB, 9C43B31DAB473D29069D0D6BC130660424FE2414BA519107641FA1561C10C76D ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
10:31:21.0980 0x13cc  HidBth - ok
10:31:21.0984 0x13cc  [ 55DAF856F9633DD2519BA4E942870F02, 5283548CB93EB46C5FD3B08E45C97BBFB33D47F11F89560508775889FBF2F754 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
10:31:21.0995 0x13cc  hidi2c - ok
10:31:21.0999 0x13cc  [ E34216A190D9BF8EAA666F6903BCD0EF, DA8529DAF903B447CC5FF2D112F670696549A4B66F54DF9A8C8C615D969CD477 ] hidinterrupt    C:\WINDOWS\System32\drivers\hidinterrupt.sys
10:31:22.0008 0x13cc  hidinterrupt - ok
10:31:22.0011 0x13cc  [ 852DBB5185996AD8C73872A43A453729, 8C20331AE99E280799407CC5FCF88F8F645C331604230876A2CD7C253B9BD633 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
10:31:22.0022 0x13cc  HidIr - ok
10:31:22.0026 0x13cc  [ 6339CC87F0F610D1575C9A419940602A, B2A054ED0B669FA54E250EC2926955B1D944FA1FB2AF5B590C181CB2E9D297BA ] hidserv         C:\WINDOWS\system32\hidserv.dll
10:31:22.0037 0x13cc  hidserv - ok
10:31:22.0041 0x13cc  [ C1A608120DE0DF52E51B8BAF86AF19F9, F3529822E78CFCA2E323A75926A833529889E40BB9602B287CC343C496CB2062 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
10:31:22.0052 0x13cc  HidUsb - ok
10:31:22.0060 0x13cc  [ BD1CF47172B97707DFC66ADA741AE2BE, 9607AB7074FC54D88FDF6E2A31506BCF8ECBF8FD651BB5CEA2421471C24BCED1 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
10:31:22.0077 0x13cc  HomeGroupListener - ok
10:31:22.0088 0x13cc  [ A004895B838003BAE2281DAF193B6A09, 587FCDCEF769B2AED12551B6426477B764CB8A025E692D4EC8B24E1CBA1C06E3 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
10:31:22.0110 0x13cc  HomeGroupProvider - ok
10:31:22.0114 0x13cc  [ 8ADD9CA3E0F18CEA11EA6FAED794A228, B46BA885ED8253A253B1C87C331CA145F7F397AF49853038B3F1EDAF81B2C4BA ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
10:31:22.0123 0x13cc  HpSAMD - ok
10:31:22.0144 0x13cc  [ 2413454E305678EA9A486E8DE2E67849, 5E821E909F99BAB782D89A0CDBFAE5474FEA211EB4F626A824D10D733F3FDC67 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
10:31:22.0173 0x13cc  HTTP - ok
10:31:22.0178 0x13cc  [ D3C45F1B5BB3EE772CDA416A4A3EEB9B, 97CD988CF307EBCC34F37F130F4F2C989DD17E70B2498DB1929B566A3387887B ] HvHost          C:\WINDOWS\System32\hvhostsvc.dll
10:31:22.0188 0x13cc  HvHost - ok
10:31:22.0191 0x13cc  [ F60F8390B635156593F7493AE898AFB0, AC5E58CDA12072C5FDBFEA0FA009CE2E251D143FC0878B2658ECCCF797B8B0EC ] hvservice       C:\WINDOWS\system32\drivers\hvservice.sys
10:31:22.0201 0x13cc  hvservice - ok
10:31:22.0204 0x13cc  [ 563F5FC3B46A70A91AB6C8822AC8BF25, 43E647A7752D7444BF306E38571130AB778AA2A6892782C6C1112E47FBEFBC87 ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
10:31:22.0213 0x13cc  hwpolicy - ok
10:31:22.0216 0x13cc  [ C082249BC3E972C8A132D9EC6AD9EAD5, D69EEFD97CF5E0BD64D11DE1C331D02A9BE522BB93A40FF32ED434D960B85D39 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
10:31:22.0226 0x13cc  hyperkbd - ok
10:31:22.0231 0x13cc  [ C6C8315E3262FAE460529C6DA2951682, 4ADBFA6601209BF6F5A9797721CBE2011905775CF4E266D7B42F89915D477E95 ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
10:31:22.0243 0x13cc  i8042prt - ok
10:31:22.0246 0x13cc  [ C6B8743B213F06AA60943D8366FE968F, 758954F70B810063914B243115B2C753B2BCE40190F95C30ACBA0BF04EBD5B33 ] iagpio          C:\WINDOWS\System32\drivers\iagpio.sys
10:31:22.0256 0x13cc  iagpio - ok
10:31:22.0261 0x13cc  [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c           C:\WINDOWS\System32\drivers\iai2c.sys
10:31:22.0272 0x13cc  iai2c - ok
10:31:22.0277 0x13cc  [ 42962355A7911407026E920E7252E3E5, 4A4016A53ED61354C81C594968339E6F3CCCFF4A64F8F28AD008ED8137E05AD2 ] iaLPSS2i_GPIO2  C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys
10:31:22.0288 0x13cc  iaLPSS2i_GPIO2 - ok
10:31:22.0292 0x13cc  [ BD47B2FEABFA48C6224D43EE9EA9BC06, 304628CA458AA7B1B8B1CFF12074AD75C1CE7BD41820B99607D7FA99A817D007 ] iaLPSS2i_GPIO2_BXT_P C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys
10:31:22.0304 0x13cc  iaLPSS2i_GPIO2_BXT_P - ok
10:31:22.0311 0x13cc  [ 2184CB3A65888F446FCD6DBA9F073F4C, 0B3D63EC7F61BFAD490C123084965A9F38DBFE587AC9DAE6F4E6B68AD8093DB2 ] iaLPSS2i_I2C    C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys
10:31:22.0324 0x13cc  iaLPSS2i_I2C - ok
10:31:22.0330 0x13cc  [ 4126F8DA08CE7924A3AE6F7235F85D5F, 668DC1D09496A95F44C07C5C1F6ED7D3EFC6F89523B2744A86B460E5BECAEFB5 ] iaLPSS2i_I2C_BXT_P C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys
10:31:22.0344 0x13cc  iaLPSS2i_I2C_BXT_P - ok
10:31:22.0348 0x13cc  [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
10:31:22.0355 0x13cc  iaLPSSi_GPIO - ok
10:31:22.0360 0x13cc  [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
10:31:22.0373 0x13cc  iaLPSSi_I2C - ok
10:31:22.0387 0x13cc  [ D820075D3395BED28FC57AEF8FBA666F, 7589CCCD355D2685C0E6D317AB39F0DB061153E6859A0F53834B001643CFDF57 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
10:31:22.0408 0x13cc  iaStorAV - ok
10:31:22.0418 0x13cc  [ A243E0CE8644378C9A9D015ABC3EDA27, 0C72F6D39DD64A16F54BCE185F4D8E670D386823F6364E9ED284F7F8DE11CBF5 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
10:31:22.0434 0x13cc  iaStorV - ok
10:31:22.0447 0x13cc  [ E16E4FC9F250E48CB2CAD93E59D010E2, EFF558EDD63DB0FD8BA240E94BD5999106233B95BF86BFB99EE9B897F41C542B ] ibbus           C:\WINDOWS\System32\drivers\ibbus.sys
10:31:22.0466 0x13cc  ibbus - ok
10:31:22.0483 0x13cc  [ EE4787EF275A951CC112C3F5108D148B, 4A11CC606025D134ABD87CE1C4FC73735CBD0F47475C0E1886DCE833C46C6E7A ] IBMPMDRV        C:\WINDOWS\system32\DRIVERS\ibmpmdrv.sys
10:31:22.0491 0x13cc  IBMPMDRV - ok
10:31:22.0497 0x13cc  [ 44800BD71FD77FA5B28E0B9FB69E9D1B, CD99EF150E248F2E76244C26C153DEF18C3707AC84FBE58C642949D1F850332F ] IBMPMSVC        C:\WINDOWS\system32\ibmpmsvc.exe
10:31:22.0507 0x13cc  IBMPMSVC - ok
10:31:22.0513 0x13cc  [ E3061D5ABA80394D29E26EA58AF7F69A, 9BCF1AD2CC9C7E48FD350F9D59797E17F355C840EDE428143764F93716159C20 ] icssvc          C:\WINDOWS\System32\tetheringservice.dll
10:31:22.0530 0x13cc  icssvc - ok
10:31:22.0671 0x13cc  [ 658287D76E8D77C08AE98989F99B8948, DBA67B5772E1FE43ABDB3908A1CF86D76F2774BABC20359D2511F06A2A8CAC57 ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
10:31:22.0806 0x13cc  igfx - ok
10:31:22.0827 0x13cc  [ A105AD05696D55E6E4F078ED850F6305, 8121A4226D2941EDD4809D516E7684E5C7164ADCF5AA4C8BC6620110625D3E8D ] igfxCUIService2.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
10:31:22.0841 0x13cc  igfxCUIService2.0.0.0 - ok
10:31:22.0844 0x13cc  [ E18725531054FE222115873AC1CCB02B, 0FC4B9D5DF77E19E4732759B848B4BCBBD44A124304FA8333BB3B7BC37E15FB8 ] ikbevent        C:\WINDOWS\system32\DRIVERS\ikbevent.sys
10:31:22.0851 0x13cc  ikbevent - ok
10:31:22.0870 0x13cc  [ E9E4BB312F6B544392F44D513FAA2243, 3E6917BCE9F1AF554D57FED9E76B33F36D92145B0090A5F8F64E2A53EB4C54A4 ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
10:31:22.0904 0x13cc  IKEEXT - ok
10:31:22.0908 0x13cc  [ 45060257BCA3D60204FEC29F6E6DE458, C9FB92FEEFC0DC5386B545A8E429D60B932360B9044A920F6F2EDD5CF3B7B5A0 ] imsevent        C:\WINDOWS\system32\DRIVERS\imsevent.sys
10:31:22.0914 0x13cc  imsevent - ok
10:31:22.0917 0x13cc  [ 0E33BC018502E7FDE77C343055D9C626, CD1C60E8EDAA044E03E5776962E091C1288204033A57A799D446F9B058D6AD59 ] IndirectKmd     C:\WINDOWS\System32\drivers\IndirectKmd.sys
10:31:22.0928 0x13cc  IndirectKmd - ok
10:31:22.0934 0x13cc  [ 11A3199EB32037559E2E7F37CE75E52F, DC27437C1E6FF005883936612DC17658EA70F532EB001B3715361CE11F4B13AE ] inspect         C:\WINDOWS\system32\DRIVERS\inspect.sys
10:31:22.0943 0x13cc  inspect - ok
10:31:23.0013 0x13cc  [ CC279B89A16615B8DD13422544F6B478, DFC6AF05670CA79D8CC2C89FB5FBD8EECC4FB159CD8EFE422F06BE2A272608B6 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
10:31:23.0085 0x13cc  IntcAzAudAddService - ok
10:31:23.0104 0x13cc  [ E300D1E37B737ED14F7A08CD5604E5D9, 5C1135081E29D7F4A97D5CAA2C8FBE1DD04EC7A3D8E648E69F2AA9EBDD88EBBB ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
10:31:23.0120 0x13cc  IntcDAud - ok
10:31:23.0125 0x13cc  [ 72586E6D6DD4144D0C4CBD9D2653BBED, 3EE3CBB98D7A2CEEC92A86D5D2F49733BB1FD42F45CDE8973B71022E57093BBA ] IntelHSWPcc     C:\WINDOWS\system32\drivers\IntelPcc.sys
10:31:23.0133 0x13cc  IntelHSWPcc - ok
10:31:23.0136 0x13cc  [ 4B7F8A1AAC7172DB6918A0E10E1D78A3, 1E9922AF9B5458F23A379EDCD61B615B6E53BAF8927237C1C7DCC04122CCF417 ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
10:31:23.0145 0x13cc  intelide - ok
10:31:23.0149 0x13cc  [ 0A3DBE89C965FFB7C0D0E38834E77B90, 0166BE79228ED6B3D7AA1BACB4F1BB68357DBF70DF778B2F8A3776E374EE690C ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
10:31:23.0159 0x13cc  intelpep - ok
10:31:23.0164 0x13cc  [ 64EC687A811DC4F69DF3816F073352AA, F70942B67448DF9848F32F88D37E1E0C548CE9FEFC4376628D7CBEF62494D8E1 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
10:31:23.0178 0x13cc  intelppm - ok
10:31:23.0182 0x13cc  [ 549C278119FF539C3B219C55B98B0E87, B4C15AB0C77EAB6C5ADEBD014F610BBFC537EAEB0E3960636624001C8A5DE56E ] iorate          C:\WINDOWS\system32\drivers\iorate.sys
10:31:23.0191 0x13cc  iorate - ok
10:31:23.0195 0x13cc  [ A0F9F2E87F0C751FE164D90EB44A9B63, BE816F17E43E5F80AC65E913AB7F9E77B8D6B70B90A784CB00C907D3DAFFD4DB ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
10:31:23.0209 0x13cc  IpFilterDriver - ok
10:31:23.0227 0x13cc  [ 57A93FCF94FAB8C2161335E56C81CD16, 4A642E4FF70DA209074B78EC50B76A024DB5D01B8C9FCC405A64AF0F1A7EA389 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
10:31:23.0272 0x13cc  iphlpsvc - ok
10:31:23.0277 0x13cc  [ 656DDB34996A96539BA6E2843B5F2A77, EDC3F1A2BA38A9655361A20B6C8001984AEB1A530C5385CF6EC0AF595305DBC7 ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
10:31:23.0286 0x13cc  IPMIDRV - ok
10:31:23.0297 0x13cc  [ DCC05E5EAA580C97F13B434FAFACED85, 5C6CFD3D9FAEB7274E05F3D19D3AA064624500C616650DE227B849B505662BB4 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
10:31:23.0324 0x13cc  IPNAT - ok
10:31:23.0328 0x13cc  [ 9A6B993A95CCA15502DE3C980508DC44, 370A1A4531A72CFBF331ED274913925A269115A13E3A6B5E1821FB48DD7242AE ] IpxlatCfgSvc    C:\WINDOWS\System32\IpxlatCfg.dll
10:31:23.0347 0x13cc  IpxlatCfgSvc - ok
10:31:23.0351 0x13cc  [ 9035C10C7EB8CF7C87CEA82A62EBB43A, A0DA94E80E503DB3C2877CE1BCDC70B3FCC6861ADFBCCE66C6D2592BD63F27DC ] irda            C:\WINDOWS\system32\drivers\irda.sys
10:31:23.0364 0x13cc  irda - ok
10:31:23.0368 0x13cc  [ E7FD479E3298F3C8852A0D2F092BDB35, 07F2E779268EBBF4F32ED1C8423493B36BA823905E71B524C6AEBA0093193307 ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
10:31:23.0379 0x13cc  IRENUM - ok
10:31:23.0383 0x13cc  [ 65B145143F6E5E1B5A213F0D9F4C4C44, 0E390BD8D7B4B9562E8FEE0D109DCE0D9EA823FD2D20B39FFACE3331F30FE5BC ] irmon           C:\WINDOWS\System32\irmon.dll
10:31:23.0395 0x13cc  irmon - ok
10:31:23.0398 0x13cc  [ 7FE3B3A30FA20F27AF7022A01C2266BA, 8AB924F08ABF1DCB154B6A3BDB7E3E5A863008B5AFF8E3DB9759848774E00E8A ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
10:31:23.0407 0x13cc  isapnp - ok
10:31:23.0415 0x13cc  [ D492648D96A14BA639B76D177B24CD82, D65D2494BAC8A317FD70293E59D039078D1D19FAE20A4EB2665246CAACFF0C6F ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
10:31:23.0428 0x13cc  iScsiPrt - ok
10:31:23.0432 0x13cc  [ 4EE2423C38F43D37F8497A672FD10BDC, 031C5272DD28809255CF4FA8E6DE45DBFBD9A363BBD5156D0AEE0787C4297980 ] ISCT            C:\WINDOWS\System32\drivers\ISCTD64.sys
10:31:23.0439 0x13cc  ISCT - ok
10:31:23.0446 0x13cc  [ 6E5767C95F746B6834F412CDBDCFEC48, DE4FC70159D0A4C0B15DE8F69554F8FF6EED9C6480C0CBE33BF74FCB0BD975FE ] ISCTAgent       C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
10:31:23.0455 0x13cc  ISCTAgent - ok
10:31:23.0459 0x13cc  [ D247D5C0F8747B52F6AFC7E6E0F3DCCD, 4F0D159DCC0086A64278C0E345A7D50A9F6843EDA1C6AE1F8D031692B3775344 ] isedrv          C:\WINDOWS\system32\drivers\isedrv.sys
10:31:23.0466 0x13cc  isedrv - ok
10:31:23.0471 0x13cc  [ B452921B85EEF6FD43C25DE373FF5C48, 6C8F95AF23BC690D1DC43B0FC40D3B8CB48A86C3262DB6DBFEA559FBE69D16EA ] isesrv          C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe
10:31:23.0478 0x13cc  isesrv - ok
10:31:23.0483 0x13cc  [ D36B404BF979297C6572AEF98B2594F2, CB2F4E6589936D35D59CA70B39A29D091540EA125BE4B937AF92CEA0C6D0AAEB ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
10:31:23.0493 0x13cc  kbdclass - ok
10:31:23.0495 0x13cc  [ 7E2036A846789D6D6A2EE21915017EE1, 82AF85CA30B440E453F7694C7EDABB5D2DB213AD2FE8620B92667DFB492229A1 ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
10:31:23.0507 0x13cc  kbdhid - ok
10:31:23.0510 0x13cc  [ 4C054B8E901F41F5743DADE8A29FF256, 1009CC2503E08AFEA849BA83135C2D75C573FC4D6EFB5DBCDCC7ACB17AF83152 ] kdnic           C:\WINDOWS\System32\drivers\kdnic.sys
10:31:23.0522 0x13cc  kdnic - ok
10:31:23.0525 0x13cc  [ EABFCDA6E996F8A32DC1B302F7683BB2, 5FF2BA89D9A7BDE78C40866F15EC576527699ADD0F120E1A8388C4404A69F0E8 ] KeyIso          C:\WINDOWS\system32\lsass.exe
10:31:23.0535 0x13cc  KeyIso - ok
10:31:23.0541 0x13cc  [ BA7A5838866618A4E82FBC05B8923605, 96E898C7768BED66487A00E02B2E50516602BCF54E6648F5528E3334AE8527EB ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
10:31:23.0552 0x13cc  KSecDD - ok
10:31:23.0557 0x13cc  [ 6629CAA1F157088B9EDD1EAD24C6D753, 3E5F3BCB34F4B52BE46B96F9F720FE5FB37A01D4E408875F6BB89F5B5C5A3900 ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
10:31:23.0568 0x13cc  KSecPkg - ok
10:31:23.0579 0x13cc  [ 365D39AD9D6BD9D61299DC098CDFC9E4, 7747A065818E1747C4FF4A96E069DE36919DFCC564D06CA232FD5EED44152687 ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
10:31:23.0598 0x13cc  ksthunk - ok
10:31:23.0608 0x13cc  [ 08F9C3F7FE3019BF53B1405B1820528F, E90940533F88A33C396E1DF9D186E945F030315FB2201E479F144E27387333CA ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
10:31:23.0627 0x13cc  KtmRm - ok
10:31:23.0636 0x13cc  [ 0DD3C5101AE1AA7E28B4CE5AB190C261, FAFFE2102972798210ED5E766F54C5EED6262354E132E1C24539DAA598895608 ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
10:31:23.0656 0x13cc  LanmanServer - ok
10:31:23.0663 0x13cc  [ B82D6C634638534E41748FCEC909E55D, C286EB7B3E780549F77E75B4B9F053861D82EFDCD43B1308848A08D23EFADDCA ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
10:31:23.0682 0x13cc  LanmanWorkstation - ok
10:31:23.0689 0x13cc  [ 15314207E40327B5E80ED27D666D202C, 1D820F212B89BEF17A3BA4BCF7AEE07F281E3B67D232BBD04745D4DCE11E5D64 ] LENOVO.MICMUTE  C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
10:31:23.0696 0x13cc  LENOVO.MICMUTE - ok
10:31:23.0700 0x13cc  [ AF1077E89AD4458EC9B1CABB35595346, 762AE3218B7B05032C4199F0AE9ABCC822C3DF88BBB09536202B6B26A7944024 ] lfsvc           C:\WINDOWS\System32\lfsvc.dll
10:31:23.0712 0x13cc  lfsvc - ok
10:31:23.0716 0x13cc  [ C0CB3B9F1F92C36B91309FDACCDF918B, 5D40C11388A48323D9D9AC18A950B09E2654092BC2F9DE45779A9354668BA18E ] LicenseManager  C:\WINDOWS\system32\LicenseManagerSvc.dll
10:31:23.0727 0x13cc  LicenseManager - ok
10:31:29.0546 0x13cc  sdstor - ok
10:31:29.0549 0x13cc  [ 2AE8505519C7E8A903DD7BE793A79846, 7044B1BC183E028BCFB544489B033F0968F033696F9816F354329ABD26C6EE7E ] seclogon        C:\WINDOWS\system32\seclogon.dll
10:31:29.0568 0x13cc  seclogon - ok
10:31:29.0593 0x13cc  [ 398A81D590424441B2F5C5C08073CADB, 1E064DFCC49EB0D8A4150276BF796B9DFA030C451570A170EC940F8CBAAD80F3 ] Secunia PSI Agent C:\Program Files (x86)\Secunia\PSI\PSIA.exe
10:31:29.0619 0x13cc  Secunia PSI Agent - ok
10:31:29.0634 0x13cc  [ 8C2D3A80FC90A860F0F24DEB67471481, CE4D17B63149C44B4CD5CB7776FD4705DC675F6D2D077D53BE15578294EBC9D4 ] Secunia Update Agent C:\Program Files (x86)\Secunia\PSI\sua.exe
10:31:29.0650 0x13cc  Secunia Update Agent - ok
10:31:29.0659 0x13cc  [ 09301074EA03CA8E82EAB16ADA1217CA, 4A303880959F611B199C810D231539B7DE618E28041BFA30891F2C55A70754D7 ] SecurityHealthService C:\WINDOWS\system32\SecurityHealthService.exe
10:31:29.0692 0x13cc  SecurityHealthService - ok
10:31:29.0716 0x13cc  [ 77FB9BE8EDDCC999D09F2B1A7878A2A9, 589774C006A339FCA9772C37C9103C73C8592E018553804B97F34E2A0069A3F7 ] SEMgrSvc        C:\WINDOWS\system32\SEMgrSvc.dll
10:31:29.0756 0x13cc  SEMgrSvc - ok
10:31:29.0762 0x13cc  [ 25456AF499A0C9C4A93CFAC70BDE9CC2, 885C1A9C8BFA73D9C9C454759DF871237F7C0F28D879E98B4BE0D0113C549B09 ] SENS            C:\WINDOWS\System32\sens.dll
10:31:29.0777 0x13cc  SENS - ok
10:31:29.0779 0x13cc  Sense - ok
10:31:29.0804 0x13cc  [ 892C955E1081412942F64679E0DD7A5D, 6A28012270FA1FB3BB279102C67FA5296564630181C887E1EA6EA1F952A30C37 ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
10:31:29.0852 0x13cc  SensorDataService - ok
10:31:29.0866 0x13cc  [ 358008CBDE5603F3B56789C977661CE3, 2C81180B27B854F201A683D2C75677660CA54ADC685F86CD414537C60D51FB4A ] SensorService   C:\WINDOWS\system32\SensorService.dll
10:31:29.0890 0x13cc  SensorService - ok
10:31:29.0897 0x13cc  [ 9B3744C26F206F9F90713D93A93C8B6E, D194F668D8BDDDB4356136CACF1FAD46E7566939C624029EF6E28D7A192B8EBF ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
10:31:29.0914 0x13cc  SensrSvc - ok
10:31:29.0917 0x13cc  [ 585329F62195A4B7AAD0A95F6EC89751, E7ADED97ACA8E8E06C368E24702C22D4C2B0B9495DEA24A2DC2A30782099BDCE ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
10:31:29.0927 0x13cc  SerCx - ok
10:31:29.0933 0x13cc  [ C8F4FDA8B3D039D7947344614FF5BFB2, 1A3B88EC59F2A820AFE4F3AC65F7149EAC68672D1F0D729CBB575694005A8911 ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
10:31:29.0944 0x13cc  SerCx2 - ok
10:31:29.0947 0x13cc  [ E5B450E4E0DC1591254BF9CCF6C57B40, 958E7378D9BDE1F2EBE736D8D9912D56835A606AABDD042443A35CA37EC70F11 ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
10:31:29.0958 0x13cc  Serenum - ok
10:31:29.0962 0x13cc  [ 628D8DD136F92316BFEB58FA005338B7, 0CDA673D31F40EBD07E9F67667DB6077F23DCADE2DD8376AB550575224625D44 ] Serial          C:\WINDOWS\System32\drivers\serial.sys
10:31:29.0974 0x13cc  Serial - ok
10:31:29.0977 0x13cc  [ E5BA0B7353ADC5C95AB466D2E4DC89B1, 98F2A22ED892B2610C85EAAAB51DF25939599955A27611FCE9E68C3701CFD4EA ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
10:31:29.0988 0x13cc  sermouse - ok
10:31:30.0000 0x13cc  [ 043D7B39E693C610036BD56DF30EF440, 329D29CE1CB5F502B7DFCBE24878CA61EC56787A1B02195E19499701B194DE08 ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
10:31:30.0021 0x13cc  SessionEnv - ok
10:31:30.0027 0x13cc  [ 15CFCC4692DA8887B977CE5FC5181084, 31D86E122E35AB9E7275F2B0573EE98770BBE517ED3B9CCED97F4969C9A619F9 ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
10:31:30.0037 0x13cc  sfloppy - ok
10:31:30.0049 0x13cc  [ 87B083252816171A17F833CBCB7AA85E, 200AB93CEF384791DC9B04D2AF17877CA10595B2CEDF4B9505E367A2382C4AB7 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
10:31:30.0081 0x13cc  SharedAccess - ok
10:31:30.0098 0x13cc  [ 4293E11951DEAAFB3924AB1DAB1FAC08, 644974816DDF690B26F369E48533D654A5B298BCA993EE53EACB5C00E52E5243 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
10:31:30.0128 0x13cc  ShellHWDetection - ok
10:31:30.0136 0x13cc  [ 1F73E6C66E7D9ED4FD58F9238D27430E, F1BFF9D3A0BB1981F6A1A3C23476675760E5AEFD919697D6DF00421576D93985 ] shpamsvc        C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
10:31:30.0154 0x13cc  shpamsvc - ok
10:31:30.0157 0x13cc  [ 2339F6B45E1D863B1D327F3AFD75A675, 03304ADC42EF6E8F671C8AA78A0D3E40408D870FBF2DA2B31A1727F86EF8F213 ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
10:31:30.0166 0x13cc  SiSRaid2 - ok
10:31:30.0170 0x13cc  [ F520D50AD7266ED31D25DF4C8EA6BC2D, F68CF9EFB8319E59A8D9C24A36A198185DD79CBACD14510F5450F0024F0CD4D3 ] SiSRaid4
         

05.06.2017, 10:41   #7
Gloriaflyx
 

Code:
ATTFilter
10:31:33.0934 0x13cc  WalletService - ok
10:31:33.0938 0x13cc  [ FDD16EF9177A8A2EF08A7FA3D3EFAA13, 148F34CBEEF0CE87103C76294AE5BE318F990A5FE7A5EDE6F47D85361248582B ] wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
10:31:33.0959 0x13cc  wanarp - ok
10:31:33.0964 0x13cc  [ FDD16EF9177A8A2EF08A7FA3D3EFAA13, 148F34CBEEF0CE87103C76294AE5BE318F990A5FE7A5EDE6F47D85361248582B ] wanarpv6        C:\WINDOWS\system32\DRIVERS\wanarp.sys
10:31:33.0983 0x13cc  wanarpv6 - ok
10:31:33.0995 0x13cc  [ 08088DC69903630B80EEC8DB3C87FB1D, 939215139C185317B103516644F8B76DDC8C8A42078887C7E750A317E691C456 ] WAS             C:\WINDOWS\system32\inetsrv\iisw3adm.dll
10:31:34.0019 0x13cc  WAS - ok
10:31:34.0047 0x13cc  [ EA0524A2A01792796EC80AE2FE08307A, 68CC0F3451C6797222411C276376C7741C96C45E628DD77FB1FB17C10DC0EA8A ] wbengine        C:\WINDOWS\system32\wbengine.exe
10:31:34.0095 0x13cc  wbengine - ok
10:31:34.0119 0x13cc  [ 5E3E24AA72FA75D6322C7286917BEB4A, 97D0CF00873A5A70C1B4A73AD41F4053B22810DA37FF2E8528D510216311FEE1 ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
10:31:34.0152 0x13cc  WbioSrvc - ok
10:31:34.0159 0x13cc  [ 2B7CCCFBB166100842D31440228588CF, FC0BE611C5497A0579E7D8F268BBE1BD520A8A764F112C7C5CC631767B683B79 ] wcifs           C:\WINDOWS\system32\drivers\wcifs.sys
10:31:34.0170 0x13cc  wcifs - ok
10:31:34.0187 0x13cc  [ E00FE13E415C97C60E5A418965372A74, E74EBE34D3056F52231C7B12E6294AED1C4F02219E853D5E70AA05D823C800D5 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
10:31:34.0219 0x13cc  Wcmsvc - ok
10:31:34.0230 0x13cc  [ 2C396871F724DDF871A2EF4CADE5151D, 8CAD8A393F0CC447432E1BED21A691E25356F7DBC06E3887138A6F86CB1D656D ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
10:31:34.0252 0x13cc  wcncsvc - ok
10:31:34.0258 0x13cc  [ 1737BEF60CA384423CE4B32AF1C2BFFC, D61353D3B2EAEDFDCBB5DB3AD27E76396CC7755AFF01233307EAA1967493DE63 ] wcnfs           C:\WINDOWS\system32\drivers\wcnfs.sys
10:31:34.0269 0x13cc  wcnfs - ok
10:31:34.0273 0x13cc  [ 38130C1C5FE0E08820EE57E1B087B659, 3705AA4699D4C402C0BBC5BC4E1EE67CB4A4B9C27702E88952A76891C3A3F496 ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
10:31:34.0283 0x13cc  WdBoot - ok
10:31:34.0301 0x13cc  [ 0C6CBF3490EE5F0D62B5820568CA30B8, 97EDEC84DA72A900D7740B8763DDDAB600628F3F1E1DDE1212383C2E60FDC77C ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
10:31:34.0323 0x13cc  Wdf01000 - ok
10:31:34.0331 0x13cc  [ F7B6CB0F9ECD28848E2BDACEAB0D9204, B64D91A36600AEBE656F0514AF8653C294DE88054FE6DBB7B1A6D0A23D2A5131 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
10:31:34.0345 0x13cc  WdFilter - ok
10:31:34.0350 0x13cc  [ 501CB5E6999B7336BE5D0D401013D251, D4581E4FD8BE65D611E763AE88D2982A785036B2A93F2A00D3A3A395AB2AD5B3 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
10:31:34.0367 0x13cc  WdiServiceHost - ok
10:31:34.0370 0x13cc  [ 501CB5E6999B7336BE5D0D401013D251, D4581E4FD8BE65D611E763AE88D2982A785036B2A93F2A00D3A3A395AB2AD5B3 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
10:31:34.0387 0x13cc  WdiSystemHost - ok
10:31:34.0402 0x13cc  [ 2974422E31DBC953A585A065EF736948, B2E689579C12B1A8B2CB4F04875157E894CE747DF56A9B7083E04A8C9B85EAC5 ] wdiwifi         C:\WINDOWS\system32\DRIVERS\wdiwifi.sys
10:31:34.0438 0x13cc  wdiwifi - ok
10:31:34.0443 0x13cc  [ 82A4F22C884B4BAE8B531640859F9871, 1C662557F671FA680E7CC2FC565B198470E421778BD03749CD05B2928568C430 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
10:31:34.0453 0x13cc  WdNisDrv - ok
10:31:34.0456 0x13cc  WdNisSvc - ok
10:31:34.0464 0x13cc  [ 9066FE8EAB91E15437CB3C43757F2A65, 1F8B3D8C90C7862CCAB91D170F49E7F1D58FABAFA1C8DDDE1796404D1DD98707 ] WebClient       C:\WINDOWS\System32\webclnt.dll
10:31:34.0483 0x13cc  WebClient - ok
10:31:34.0490 0x13cc  [ F322B8E6C5614E7975C8BF34B7A6710E, 299816001856E8C91BFBB9C48D87B7ACBD5A39F6A65147F5AE6EDB3065A893E9 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
10:31:34.0508 0x13cc  Wecsvc - ok
10:31:34.0511 0x13cc  [ 04CA184EB5743DE5A2CCEEF2DB2DA8B3, E16921496F57B78A152A103F8D58601C9687360048A6CB51E76A96E3B64CC0FA ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
10:31:34.0524 0x13cc  WEPHOSTSVC - ok
10:31:34.0529 0x13cc  [ BA78F20F7FD7709EA3AAAD91F8535EDA, D1DFBFCBBB8D4D992FBF3B340DB6A2F5DDC7E55F52E1100297EA2004FF752A2B ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
10:31:34.0546 0x13cc  wercplsupport - ok
10:31:34.0552 0x13cc  [ E5AE3B23620126483B957BDFF38FE7B7, 306AAA0B37F3914FE590A5DBFBF640C79173150C006BC7A6CF1683D85C0AFC5F ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
10:31:34.0568 0x13cc  WerSvc - ok
10:31:34.0580 0x13cc  [ 51D61CA3CED9A0C4E5501EEDBD48039F, 95F9CC67537DEABE501B59351624F02126BC9B9DBB72016423FF997090A2128B ] WFDSConMgrSvc   C:\WINDOWS\System32\wfdsconmgrsvc.dll
10:31:34.0615 0x13cc  WFDSConMgrSvc - ok
10:31:34.0622 0x13cc  [ 3C8F0ABD00E197101DCF43FEF8FB0D76, AF5C68B85EE1503ACD4AEA1D997F816C34293A77791D59A605DC18450B4906DE ] WFPLWFS         C:\WINDOWS\system32\drivers\wfplwfs.sys
10:31:34.0633 0x13cc  WFPLWFS - ok
10:31:34.0637 0x13cc  [ 2DEB40D6837956CE08A8F9EB3ECA5A01, B40D23E54CDF6BE05D6C5DA536BF6D998E79EDE9C391A42452F9F69EE206EA1E ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
10:31:34.0651 0x13cc  WiaRpc - ok
10:31:34.0655 0x13cc  [ 75014BF6510D4C6C69EEE5B7743A52AF, 11AEEF4D52C35E5A7006713836ECF1198A53CD02736E792B1C698144CA1363F0 ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
10:31:34.0663 0x13cc  WIMMount - ok
10:31:34.0665 0x13cc  WinDefend - ok
10:31:34.0673 0x13cc  [ C8EBCFED8FD2CDF725E44AF93016621E, A0B76E55CC535A0F1D79C3C0EC59753086EAB669EC7ADA4F97656DCAD2A69448 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
10:31:34.0682 0x13cc  WindowsTrustedRT - ok
10:31:34.0686 0x13cc  [ D318557F9D7CA3836104F0B8ECB1F32E, 6850BBFB4F65167B052F3CA22FD72E9188A14FD2A9CC085861B4BC40CBA34249 ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
10:31:34.0694 0x13cc  WindowsTrustedRTProxy - ok
10:31:34.0711 0x13cc  [ 61F0D6574577499FB43D9F4870B08A7F, 757ACD4F292C43B04B6428D84A7147DE8E565716D94B6B02F288F3B5E2D1C135 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
10:31:34.0738 0x13cc  WinHttpAutoProxySvc - ok
10:31:34.0743 0x13cc  [ 31DDF1D001336B2DCE7DF24E99EF1D04, A1FCABF4A263BFAE042FE7A9F6C15FD9B3D8E985278C32AE8975ECE79B341277 ] WinMad          C:\WINDOWS\System32\drivers\winmad.sys
10:31:34.0751 0x13cc  WinMad - ok
10:31:34.0764 0x13cc  [ 9A26F7834706A6D8C8824EB08FD7C362, 750F6A0759D70BE481C70FE4BB21D18E756A8F0C23A014C2CE1E7729A1E625FE ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
10:31:34.0787 0x13cc  Winmgmt - ok
10:31:34.0842 0x13cc  [ 2E1A614EFB0523E20860AE7978DDA0A4, E13564690F9977747CA676D3843B467506447F060A5FF6676835A9C7A30BA409 ] WinNat          C:\WINDOWS\system32\drivers\winnat.sys
10:31:34.0877 0x13cc  WinNat - ok
10:31:34.0967 0x13cc  [ 27DAA9AA3E03C1068678D5659461BB32, AFDED6D671C430F296C9EAA73590111D6A8A9FA93DFE0595B90467FFE28EFB35 ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
10:31:35.0057 0x13cc  WinRM - ok
10:31:35.0069 0x13cc  [ 03858B18BB6DF6A400D9FC5153FD28A8, C7AD69B022AEFDDDAFB74CCCDF20AF9CCDBA0097634BBBD07A2EFBA5922560C1 ] WINUSB          C:\WINDOWS\System32\drivers\WinUSB.SYS
10:31:35.0081 0x13cc  WINUSB - ok
10:31:35.0085 0x13cc  [ 0BF4A43CF1F3A4D50AFA4561C3B4628D, 2D0B4E7004C8AC8A9EE07E6D5241BF32395CA142BF3B03FA9CF00BC6720A6AC7 ] WinVerbs        C:\WINDOWS\System32\drivers\winverbs.sys
10:31:35.0094 0x13cc  WinVerbs - ok
10:31:35.0110 0x13cc  [ 11DDD4C9BDF095A5F5B5ACA98FBBF7A2, CFA76C197987CC9EBFE4AC2AD6FE9A9620819B50E9DD423BCE13F7DB5DA641D8 ] wisvc           C:\WINDOWS\system32\flightsettings.dll
10:31:35.0136 0x13cc  wisvc - ok
10:31:35.0177 0x13cc  [ E624376E7E7D9AC203113140D9E618A2, 3553D343665194492E38B8C437DE429CEAC135D69EC0CB951BA3E3A7549F673E ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
10:31:35.0256 0x13cc  WlanSvc - ok
10:31:35.0316 0x13cc  [ 2393C4DB3DF3D19B0B920AD607098E79, D632671247DE3808D9C5B36A3FF173C86BB3AD274D03C851BCD417CE62B3820D ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
10:31:35.0380 0x13cc  wlidsvc - ok
10:31:35.0409 0x13cc  [ E5AB2E0B4F766E34AFC768D9769A24D7, 0DE04B2F43B9DCC92F9215B1058EE4ABA228B9986051CF39959555C12DF017B3 ] wlpasvc         C:\WINDOWS\System32\lpasvc.dll
10:31:35.0458 0x13cc  wlpasvc - ok
10:31:35.0465 0x13cc  [ 0D6E1347A891607759340B1E55BA2A77, 033DF14920A581FE7E21C6930280AE159B5634F2FEAF79423E8D0B7D46500048 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
10:31:35.0475 0x13cc  WmiAcpi - ok
10:31:35.0483 0x13cc  [ F7B122E8A238354DE344B77216E8D9AC, 3C4F864655CFF786B33333E643AA929B2D2B01ECD56EEEEADE7CEAB38249DA3B ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
10:31:35.0504 0x13cc  wmiApSrv - ok
10:31:35.0506 0x13cc  WMPNetworkSvc - ok
10:31:35.0513 0x13cc  [ 1AE1076034392218EE89D2744EC2A071, 695C28E2697B12BBD919687176CE082E94887A5D8B6229F163A26F6EDF401C4C ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
10:31:35.0526 0x13cc  Wof - ok
10:31:35.0559 0x13cc  [ D571821EDAA1F23EB521314FB9AA1C88, 7F16E6915060BD5FABE0805284631F92EEC11234579D09C3CEDDBF73D312E7F5 ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
10:31:35.0614 0x13cc  workfolderssvc - ok
10:31:35.0623 0x13cc  [ 2AD9CC8445F0E1A8900A9DE123643CD2, A5928B26722DFBB201A32DEF48B25D4BF291815EA68CF50CBE79EEA9260A71E3 ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
10:31:35.0636 0x13cc  WPDBusEnum - ok
10:31:35.0641 0x13cc  [ 1FD80CBB192A20375F3664639DEB57B5, 7A4789D4B2F8E289726E1C723DC00D5AC1F8C5E00FB2879C9D0E6DDC97D2B1A6 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
10:31:35.0649 0x13cc  WpdUpFltr - ok
10:31:35.0657 0x13cc  [ 3369EF007E43B88EAC8F1789B43D4393, 347F9F7DF980BB739895EDFE72E2E595EF56634330DC63DAA36403AB232B5B5A ] WpnService      C:\WINDOWS\system32\WpnService.dll
10:31:35.0675 0x13cc  WpnService - ok
10:31:35.0680 0x13cc  [ 41403B9466EDA80FACD7713478A56DF8, A71BF9C7A2483FE1F660AC9688FCB38BA2310F16A69EB117C948458364953F34 ] WpnUserService  C:\WINDOWS\System32\WpnUserService.dll
10:31:35.0693 0x13cc  WpnUserService - ok
10:31:35.0699 0x13cc  [ 7CA09731EB7FC99B910C7F239E57720F, 502F8917A0811F37C39B2B3F5E9B4F38A0E899C30CB29D3ECD87A50FF228E536 ] WPRO_41_2001    C:\WINDOWS\system32\drivers\WPRO_41_2001.sys
10:31:35.0705 0x13cc  WPRO_41_2001 - ok
10:31:35.0709 0x13cc  [ DAF4451760B46CB383D287C4FAFFE97D, 658AFE31EF50E934FEDD2E7048257DBFE9E6DE5F1ACDC658B21737391CF1CC5A ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
10:31:35.0726 0x13cc  ws2ifsl - ok
10:31:35.0733 0x13cc  [ D4A0661AB0FE542460CA76BFB4FAA2D6, 149F0A0720C47BFFCA68165A46382E5CBB273F48483DBB598CEA320801664718 ] wscsvc
C:\WINDOWS\System32\wscsvc.dll
10:31:35.0751 0x13cc  wscsvc - ok
10:31:35.0754 0x13cc  [ F6E37A2C168A58F0172DA50018959228, C97305641F63BC84F5207A739F442ACB0A5FD9262331BB61C4B00CF2C6D94121 ] WSDPrintDevice  C:\WINDOWS\System32\drivers\WSDPrint.sys
10:31:35.0766 0x13cc  WSDPrintDevice - ok
10:31:35.0768 0x13cc  WSearch - ok
10:31:35.0814 0x13cc  [ 05BEDBBEEAAC22F98FCA529FAC659582, E4D2FFF98034E2E7FE0478AB9C8D677CA932349A976DFC0C2B65DB15C71354B4 ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
10:31:35.0886 0x13cc  wuauserv - ok
10:31:35.0892 0x13cc  [ 455609BF60DA3B57EEAB863DEFCCF14D, F55271C42B7AFD17D01275703719C1F52C21996DB82AC78A70A8A8B62370623B ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
10:31:35.0907 0x13cc  WudfPf - ok
10:31:35.0920 0x13cc  [ 5068DAA8F67A62E964C9C9F88B159EA9, 09FCB7A817280957D1AD365EF8B46F666C70957238BF9FBC87D51115E1B0FCB0 ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
10:31:35.0944 0x13cc  WUDFRd - ok
10:31:35.0949 0x13cc  [ 9EFE23CA208BF4B613FF4A6028DFAB10, 483D8D8DA578BF3EA5617EAB42457543EC6F97C1977BDD8ABFDF854AE3AAFD35 ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
10:31:35.0964 0x13cc  wudfsvc - ok
10:31:35.0971 0x13cc  [ 5068DAA8F67A62E964C9C9F88B159EA9, 09FCB7A817280957D1AD365EF8B46F666C70957238BF9FBC87D51115E1B0FCB0 ] WUDFWpdFs       C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
10:31:35.0987 0x13cc  WUDFWpdFs - ok
10:31:35.0992 0x13cc  [ 5068DAA8F67A62E964C9C9F88B159EA9, 09FCB7A817280957D1AD365EF8B46F666C70957238BF9FBC87D51115E1B0FCB0 ] WUDFWpdMtp      C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
10:31:36.0009 0x13cc  WUDFWpdMtp - ok
10:31:36.0034 0x13cc  [ 3EEF7185E0974D9AB2D65CA3214132CF, 44DB1D11B6B1D180F59AB3FE4D7235F7F2FD709A853F6A64E8E379FFFD16CD3C ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
10:31:36.0090 0x13cc  WwanSvc - ok
10:31:36.0103 0x13cc  [ FC0147AB34C7CDB2D8A1B29C207F2CD1, 737D40A4BE35AD13C091D8E320FAD3FD7C0C7E41C8B50E48D3C2151712A55718 ] xbgm            C:\WINDOWS\System32\xbgmsvc.dll
10:31:36.0118 0x13cc  xbgm - ok
10:31:36.0138 0x13cc  [ 8C7C5945C3545CA767BE111D78C15314, 5A938679DA3EDA2D9CA7034908DFEFCC7DAADB10DFD0CF4ECE882FF536D1BFA2 ] XblAuthManager  C:\WINDOWS\System32\XblAuthManager.dll
10:31:36.0176 0x13cc  XblAuthManager - ok
10:31:36.0199 0x13cc  [ A8BD191F46CC58E45637CB3E262CF0F2, CA65524427ECDB5E1138A5F8E885566064E507BA60FC31E0D9D17B9556CC9ADC ] XblGameSave     C:\WINDOWS\System32\XblGameSave.dll
10:31:36.0238 0x13cc  XblGameSave - ok
10:31:36.0247 0x13cc  [ 3AC720A97FE4B6325F3012B21AF74390, 41AC655BD5CE5016BAA482534D1CEA6E11EAECE121344B45A5C8DF84A83807F4 ] xboxgip         C:\WINDOWS\System32\drivers\xboxgip.sys
10:31:36.0263 0x13cc  xboxgip - ok
10:31:36.0267 0x13cc  [ E099DED5C602AE4A7ECCF7CD4B1D2E33, 7FDAFFE13B87A8E6AA8721F8905FFF6EF04CAB93009F68EDA862B57EBB04514F ] XboxGipSvc      C:\WINDOWS\System32\XboxGipSvc.dll
10:31:36.0279 0x13cc  XboxGipSvc - ok
10:31:36.0299 0x13cc  [ 8489AA1A36074B3487BFDA8A9FDBAB3D, 59337C1F65AF42820260FCE271D18C2221B64A5E53005A11ECF397F651031C6A ] XboxNetApiSvc   C:\WINDOWS\system32\XboxNetApiSvc.dll
10:31:36.0344 0x13cc  XboxNetApiSvc - ok
10:31:36.0351 0x13cc  [ 2E50A379A8E4F6C5D85E87C26C08D329, ADA0C344FE58A3772FFF7417268160E488741C5B2F08CA12ED587AB7F75756F6 ] xinputhid       C:\WINDOWS\System32\drivers\xinputhid.sys
10:31:36.0362 0x13cc  xinputhid - ok
10:31:36.0364 0x13cc  ================ Scan global ===============================
10:31:36.0368 0x13cc  [ EEA8447A2E39A39F66C74BA66C421F92, 7FFC5294E0D0438E7450ED36947AB04D0C84DF4E1C9F2D49340D3BA586FFFAB2 ] C:\WINDOWS\system32\basesrv.dll
10:31:36.0376 0x13cc  [ A42970F5DAA633B35322F200C39DF4CF, 91EEA2A5BA8FF0CBCB058218B01E747D29ADE4544AFC5474C71DB380866B4F2E ] C:\WINDOWS\system32\winsrv.dll
10:31:36.0383 0x13cc  [ 7DD72CBE412C9567661F4B1CE9631FC1, 8D914805CBDAF448C8C132C4C3FEB1D90804F4F485180F7364A75EC5655A4DDB ] C:\WINDOWS\system32\sxssrv.dll
10:31:36.0400 0x13cc  [ 800D00D1A7ADA9E341CACDF287347584, 70AD5A458203B35F227F3F6B4783D00424C96AA9E29DB3090CEC8C00E62CD8E5 ] C:\WINDOWS\system32\services.exe
10:31:36.0409 0x13cc  [ Global ] - ok
10:31:36.0409 0x13cc  ================ Scan MBR ==================================
10:31:36.0410 0x13cc  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
10:31:36.0574 0x13cc  \Device\Harddisk0\DR0 - ok
10:31:36.0574 0x13cc  ================ Scan VBR ==================================
10:31:36.0577 0x13cc  [ B44049D096C93E7678052B11DF9BC815 ] \Device\Harddisk0\DR0\Partition1
10:31:36.0579 0x13cc  \Device\Harddisk0\DR0\Partition1 - ok
10:31:36.0582 0x13cc  [ 4AFE8577535EDFBDDBBFAB19F1271092 ] \Device\Harddisk0\DR0\Partition2
10:31:36.0583 0x13cc  \Device\Harddisk0\DR0\Partition2 - ok
10:31:36.0584 0x13cc  ================ Scan generic autorun ======================
10:31:36.0584 0x13cc  SecurityHealth - ok
10:31:36.0600 0x13cc  [ F3E1B4D249B9E2E820870A3C1ED82AC8, AA8BA7B6B0C064253289896CE5283F429C43A22E9D58DB687130899F1A09F8EF ] C:\Windows\system32\igfxtray.exe
10:31:36.0627 0x13cc  IgfxTray - ok
10:31:36.0665 0x13cc  [ EE73B56ED71EB6383F25FA5468923BB2, 0A13F25C55D97A3F86766BED449265514147D41ABB392C9451B9FB070EC7E8E4 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
10:31:36.0705 0x13cc  NvBackend - ok
10:31:36.0714 0x13cc  [ ECB702B8C5650381C0784F1EEABB97BC, 9CC4DDAD2E9AE05A8C5762BA88A13C2B1EE4E25AE98EF01DD041FE35D611DA87 ] C:\Windows\system32\rundll32.exe
10:31:36.0733 0x13cc  ShadowPlay - ok
10:31:36.0738 0x13cc  [ 5677C8C60F4659E8626AC9036EEF38DF, 1C7D3EC3BCB3E34900DD9556A3EBAF449C68585DC8E07682E680790497105B8B ] C:\Program Files\Classic Shell\ClassicStartMenu.exe
10:31:36.0749 0x13cc  Classic Start Menu - ok
10:31:36.0778 0x13cc  [ 72B851911C25A12185C0B02B7296EF76, 1BAE524B79C9DF7E69CAA1C3E341B4EE3128F006262D3EA53E699DF5DD9B879B ] C:\Program Files (x86)\Integrated Camera\monitor.exe
10:31:36.0832 0x13cc  Integrated Camera_Monitor - detected UnsignedFile.Multi.Generic ( 1 )
10:31:36.0949 0x13cc  Detect skipped due to KSN trusted
10:31:36.0949 0x13cc  Integrated Camera_Monitor - ok
10:31:37.0047 0x13cc  [ F43058736E2A514F00E29A8C06814B34, BA3F0AB27AB622A16A13411C9C2844FED678B532C78FF0D4FB557F601510AD6F ] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
10:31:37.0119 0x13cc  BrStsMon00 - detected UnsignedFile.Multi.Generic ( 1 )
10:31:40.0217 0x13cc  Detect skipped due to KSN trusted
10:31:40.0217 0x13cc  BrStsMon00 - ok
10:31:40.0315 0x13cc  [ 9F1CEEB223F341A4FAA78763FD9B2EAC, 7F4A0184B97C0907847D33BFD9358909FD10E52B631876BBA79383EC301D4D32 ] C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe
10:31:40.0371 0x13cc  IseUI - ok
10:31:40.0877 0x13cc  [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
10:31:41.0210 0x13cc  OneDriveSetup - ok
10:31:41.0564 0x13cc  [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
10:31:41.0889 0x13cc  OneDriveSetup - ok
10:31:41.0928 0x13cc  [ 44A9229022A519ED45294A1934C05EEC, 6DEF0DB5F9B50E9B0AFEE1CF50066BEB4FB7E15E2DC829A499509925660D6992 ] C:\Users\Carola Ilgen\AppData\Local\FluxSoftware\Flux\flux.exe
10:31:41.0950 0x13cc  f.lux - ok
10:31:41.0952 0x13cc  Skype - ok
10:31:42.0281 0x13cc  [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
10:31:42.0605 0x13cc  OneDriveSetup - ok
10:31:42.0634 0x13cc  [ 9203CEE59C720D1D4BB9A97E4DE4152D, 55743BBED85C3EDB764F30648F23951FE8C76FC4984216596306F4E453D0CCB5 ] C:\Program Files (x86)\Windows Mail\wab.exe
10:31:42.0710 0x13cc  WAB Migrate - ok
10:31:42.0711 0x13cc  Waiting for KSN requests completion. In queue: 6
10:31:43.0910 0x13cc  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.11.15063.0 ), 0x60100 ( disabled : updated )
10:31:43.0910 0x13cc  AV detected via SS2: COMODO Antivirus, C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe ( 10.0.1.6223 ), 0x61000 ( enabled : updated )
10:31:43.0912 0x13cc  FW detected via SS2: COMODO Firewall, C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe ( 10.0.1.6223 ), 0x61010 ( enabled )
10:31:44.0224 0x13cc  ============================================================
10:31:44.0224 0x13cc  Scan finished
10:31:44.0224 0x13cc  ============================================================
10:31:44.0245 0x24c8  Detected object count: 0
10:31:44.0245 0x24c8  Actual detected object count: 0
         
That was quite a chunk, I guess.
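An added example, not part of the original post and not code from the scanner's vendor: a small triage parser for the line shapes in the log above. It pairs each "detected" entry with the file path from the preceding hash line and records whether the verdict was dropped by "Detect skipped due to KSN trusted". The sample log is constructed, with placeholder hashes, names and paths; that the final "Detected object count" excludes suppressed detections is an assumption taken from the log above, where two suppressed detections end in a count of 0.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

MD5, SHA256 = "0" * 32, "0" * 64  # placeholder digests, not real file hashes

# Constructed sample in the same line shapes as the log above (hypothetical names/paths).
SAMPLE_LOG = "\n".join([
    rf"10:00:00.0100 0x0a10  [ {MD5}, {SHA256} ] C:\Program Files (x86)\ExampleCam\monitor.exe",
    r"10:00:00.0150 0x0a10  ExampleCam_Monitor - detected UnsignedFile.Multi.Generic ( 1 )",
    r"10:00:00.0300 0x0a10  Detect skipped due to KSN trusted",
    r"10:00:00.0300 0x0a10  ExampleCam_Monitor - ok",
    rf"10:00:00.0400 0x0a10  [ {MD5}, {SHA256} ] ExampleSvc      C:\WINDOWS\system32\examplesvc.dll",
    r"10:00:00.0450 0x0a10  ExampleSvc - ok",
    r"10:00:00.0460 0x0a10  ExampleNoHash - ok",
    rf"10:00:00.0500 0x0a10  [ {MD5}, {SHA256} ] C:\Users\Example\AppData\Local\ExampleUpdater\update.exe",
    r"10:00:00.0550 0x0a10  ExampleUpdater - detected UnsignedFile.Multi.Generic ( 1 )",
    r"10:00:01.0000 0x0b20  Detected object count: 1",
    r"10:00:01.0000 0x0b20  Actual detected object count: 1",
])

LINE = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+0x[0-9a-fA-F]+\s+(.*\S)\s*$")
HASHED = re.compile(r"^\[\s*([0-9A-Fa-f]{32})(?:,\s*([0-9A-Fa-f]{64}))?\s*\]\s+(.*)$")
PATH = re.compile(r"((?:[A-Za-z]:\\|\\Device\\).*)$")
DETECT = re.compile(r"^(.+?) - detected (\S+) \(\s*\d+\s*\)$")
COUNT = re.compile(r"^Detected object count: (\d+)$")
KSN_SKIP = "Detect skipped due to KSN trusted"


@dataclass
class Finding:
    name: str
    verdict: str
    path: Optional[str]      # file from the hash line that opened this entry
    sha256: Optional[str]    # None for MBR/VBR entries, which carry only an MD5
    suppressed: bool = False # True when the verdict was skipped as KSN trusted


def parse_log(text: str) -> Tuple[List[Finding], Optional[int]]:
    """Return (findings, count reported by the scanner or None if absent)."""
    findings: List[Finding] = []
    reported: Optional[int] = None
    path = sha = None
    pending: Optional[Finding] = None  # detection that may still be suppressed
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        body = m.group(1)
        h = HASHED.match(body)
        if h:  # a new entry starts: remember its file, forget the old detection
            p = PATH.search(h.group(3))
            path, sha, pending = (p.group(1) if p else None), h.group(2), None
            continue
        d = DETECT.match(body)
        if d:
            pending = Finding(d.group(1), d.group(2), path, sha)
            findings.append(pending)
        elif body == KSN_SKIP and pending is not None:
            pending.suppressed, pending = True, None
        elif body.endswith(" - ok"):
            # entry closed; entries without a hash line must not inherit a stale path
            path = sha = pending = None
        elif (c := COUNT.match(body)):
            reported = int(c.group(1))
    return findings, reported


def needs_review(findings: List[Finding]) -> List[Finding]:
    """Detections that were not dropped by the reputation lookup."""
    return [f for f in findings if not f.suppressed]


def count_matches(findings: List[Finding], reported: Optional[int]) -> bool:
    """Cross-check the parsed detections against the scanner's own summary."""
    return reported is None or reported == len(needs_review(findings))


if __name__ == "__main__":
    found, total = parse_log(SAMPLE_LOG)
    for f in found:
        state = "suppressed (KSN trusted)" if f.suppressed else "NEEDS REVIEW"
        print(f"{f.name}: {f.verdict} -> {f.path} [{state}]")
    print("summary consistent:", count_matches(found, total))
```

A suppressed entry is still worth a glance when the path is unexpected: the verdict was overridden by a reputation lookup, not by anything in the file itself.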

05.06.2017, 14:32   #8
M-K-D-B
/// TB-Ausbilder



Hi,

Please disable Comodo while you work through these steps; it only interferes with the cleanup!






Step 0
Type "Task Scheduler" ("Aufgabenplanung" on a German system) into the Cortana search box (the text field at the bottom left of the taskbar) and press Enter.
On the left, select Task Scheduler Library > Microsoft > Office.
Select the task OfficeBackgroundTaskHandlerRegistration and click Disable on the right.
Close the Task Scheduler again.






Step 1
  • Copy the contents of the following code box:
    Code:
    ATTFilter
    Start::
    CloseProcesses:
    HKLM\...\Policies\Explorer: [NoInternetOpenWith] 1
    ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  -> Keine Datei
    ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  -> Keine Datei
    ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  -> Keine Datei
    ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  -> Keine Datei
    GroupPolicy: Beschränkung <======= ACHTUNG
    FF user.js: detected! => C:\Users\Gloriaflyx\AppData\Roaming\Mozilla\Firefox\Profiles\j5h72v37.default\user.js [2016-03-04]
    FF NetworkProxy: Mozilla\Firefox\Profiles\j5h72v37.default -> type", 0
    Task: {1D85A55B-993A-45E3-B015-250C795151A1} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
    Task: {4A7ED33F-A84F-48AC-B000-ABED4901E0AB} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
    Task: {5FFE647A-3E5D-4594-9EA5-5B65B185DC03} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
    Task: {6C4BAE11-65C4-4950-BC26-FF6B6A1A14CA} - \Microsoft\Windows\Setup\gwx\rundetector -> Keine Datei <==== ACHTUNG
    Task: {B87DE87D-F54B-4E90-8A66-A192864D7052} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
    Task: {C5050B7C-1F8D-40E9-9E24-20623960C6E4} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG
    Task: {E59B3A1A-4F35-4A9C-B55C-FFE33FBD2B8F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
    Task: {EABE54ED-1BBC-44FF-977C-F9A4D104791A} - System32\Tasks\{A77B8121-4DF6-4C06-AC86-940FC3B7AF54} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{BE4BA698-8533-4F77-9559-C7F3F78C0B05}\setup.exe" -c -runfromtemp -l0x0007 -removeonly
    Task: {EBA005EB-9167-49FC-B0CA-71599621456C} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
    Unlock: C:\WINDOWS\system32\Drivers\etc\hosts
    C:\WINDOWS\system32\Drivers\etc\hosts
    CMD: dir "%ProgramFiles%"
    CMD: dir "%ProgramFiles(x86)%"
    CMD: dir "%ProgramData%"
    CMD: dir "%Appdata%"
    CMD: dir "%LocalAppdata%"
    CMD: dir "%CommonProgramFiles(x86)%"
    CMD: dir "%CommonProgramW6432%"
    CMD: dir "%UserProfile%"
    CMD: dir "C:\"
    Hosts:
    RemoveProxy:
    CMD: ipconfig /flushdns
    CMD: netsh winsock reset
    EmptyTemp:
    End::
             
  • Now start FRST and click the Fix button.
  • The tool carries out the requested steps and creates a fixlog.txt in the same directory as FRST/FRST64.exe.
  • Your computer may have to be restarted for this.
  • Post the contents of fixlog.txt in your next reply.





Step 2
Please download AdwCleaner to your desktop.
  • Close all open programs and browsers.
  • Start adwcleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Tools > Options and make sure the following items are selected:
    • Image File Execution Options keys
    • "Tracing" keys
    • "Prefetch" files
    • Proxy
    • Winsock
    • Firewall
    • Internet Explorer policies
    • Chrome policies
    • Hosts file
  • Confirm the selection with Ok.
  • Click Scan and wait until it has finished.
  • Now click Clean (even if AdwCleaner says that nothing was found) and confirm any prompts with Ok.
  • Your computer will be restarted automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).





Step 3
  • Uninstall Malwarebytes' Anti-Malware 2 via the Control Panel. (Illustrated guide)
  • Then restart the computer.
  • Download the MBAM Uninstaller to your desktop.
  • Close all open programs and run the uninstaller. The computer must be restarted when it has finished.





Step 4
Please download Malwarebytes Anti-Malware 3.
  • Install the program to the default path.
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do so, click Quarantine Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM after the restart and click Reports.
  • Select the most recent scan report, click View Report and then Export.
  • Choose Text file (.txt) and save the file as mbam.txt on the desktop.
  • Add the contents of mbam.txt to your next reply.





Step 5
  • Start FRST again. Make sure the box in front of Addition.txt is checked and click Scan.
  • FRST now creates two log files (FRST.txt and Addition.txt).
  • Post both log files in your next reply.






With your next reply, please post
  • the log file of the FRST fix,
  • the log file from AdwCleaner,
  • the log file from MBAM,
  • the two new log files from FRST.
__________________
Regards
M-K-D-B


==========================================================
offline from 22.12.2018 to 01.01.2019
==========================================================


05.06.2017, 17:47   #9
Gloriaflyx



Well then, let's get down to it:

Code:
ATTFilter
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 02-06-2017
durchgeführt von Gloriaflyx (05-06-2017 17:22:27) Run:1
Gestartet von C:\Users\Gloriaflyx\Desktop
Geladene Profile: Gloriaflyx (Verfügbare Profile: Gloriaflyx & DefaultAppPool)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************

CloseProcesses:
HKLM\...\Policies\Explorer: [NoInternetOpenWith] 1
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  -> Keine Datei
GroupPolicy: Beschränkung <======= ACHTUNG
FF user.js: detected! => C:\Users\Gloriaflyx\AppData\Roaming\Mozilla\Firefox\Profiles\j5h72v37.default\user.js [2016-03-04]
FF NetworkProxy: Mozilla\Firefox\Profiles\j5h72v37.default -> type", 0
Task: {1D85A55B-993A-45E3-B015-250C795151A1} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {4A7ED33F-A84F-48AC-B000-ABED4901E0AB} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {5FFE647A-3E5D-4594-9EA5-5B65B185DC03} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
Task: {6C4BAE11-65C4-4950-BC26-FF6B6A1A14CA} - \Microsoft\Windows\Setup\gwx\rundetector -> Keine Datei <==== ACHTUNG
Task: {B87DE87D-F54B-4E90-8A66-A192864D7052} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {C5050B7C-1F8D-40E9-9E24-20623960C6E4} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG
Task: {E59B3A1A-4F35-4A9C-B55C-FFE33FBD2B8F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {EABE54ED-1BBC-44FF-977C-F9A4D104791A} - System32\Tasks\{A77B8121-4DF6-4C06-AC86-940FC3B7AF54} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{BE4BA698-8533-4F77-9559-C7F3F78C0B05}\setup.exe" -c -runfromtemp -l0x0007 -removeonly
Task: {EBA005EB-9167-49FC-B0CA-71599621456C} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Unlock: C:\WINDOWS\system32\Drivers\etc\hosts
C:\WINDOWS\system32\Drivers\etc\hosts
CMD: dir "%ProgramFiles%"
CMD: dir "%ProgramFiles(x86)%"
CMD: dir "%ProgramData%"
CMD: dir "%Appdata%"
CMD: dir "%LocalAppdata%"
CMD: dir "%CommonProgramFiles(x86)%"
CMD: dir "%CommonProgramW6432%"
CMD: dir "%UserProfile%"
CMD: dir "C:\"
Hosts:
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:

*****************

Prozesse erfolgreich geschlossen.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoInternetOpenWith => Wert erfolgreich entfernt
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt1 => Schlüssel erfolgreich entfernt
HKCR\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => Schlüssel nicht gefunden. 
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt2 => Schlüssel erfolgreich entfernt
HKCR\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => Schlüssel nicht gefunden. 
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt3 => Schlüssel erfolgreich entfernt
HKCR\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => Schlüssel nicht gefunden. 
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt4 => Schlüssel erfolgreich entfernt
HKCR\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => Schlüssel nicht gefunden. 
C:\WINDOWS\system32\GroupPolicy\Machine => erfolgreich verschoben
C:\WINDOWS\system32\GroupPolicy\GPT.ini => erfolgreich verschoben
C:\Users\Gloriaflyx\AppData\Roaming\Mozilla\Firefox\Profiles\j5h72v37.default\user.js => nicht gefunden.
C:\Users\Gloriaflyx\AppData\Roaming\Mozilla\Firefox\Profiles\j5h72v37.default\user.js => nicht gefunden.
Firefox Proxy-Einstellungen wurden zurückgesetzt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1D85A55B-993A-45E3-B015-250C795151A1} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1D85A55B-993A-45E3-B015-250C795151A1} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4A7ED33F-A84F-48AC-B000-ABED4901E0AB} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4A7ED33F-A84F-48AC-B000-ABED4901E0AB} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5FFE647A-3E5D-4594-9EA5-5B65B185DC03} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5FFE647A-3E5D-4594-9EA5-5B65B185DC03} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6C4BAE11-65C4-4950-BC26-FF6B6A1A14CA} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6C4BAE11-65C4-4950-BC26-FF6B6A1A14CA} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\rundetector => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B87DE87D-F54B-4E90-8A66-A192864D7052} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B87DE87D-F54B-4E90-8A66-A192864D7052} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C5050B7C-1F8D-40E9-9E24-20623960C6E4} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C5050B7C-1F8D-40E9-9E24-20623960C6E4} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E59B3A1A-4F35-4A9C-B55C-FFE33FBD2B8F} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E59B3A1A-4F35-4A9C-B55C-FFE33FBD2B8F} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EABE54ED-1BBC-44FF-977C-F9A4D104791A} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EABE54ED-1BBC-44FF-977C-F9A4D104791A} => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\{A77B8121-4DF6-4C06-AC86-940FC3B7AF54} => erfolgreich verschoben
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A77B8121-4DF6-4C06-AC86-940FC3B7AF54} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EBA005EB-9167-49FC-B0CA-71599621456C} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EBA005EB-9167-49FC-B0CA-71599621456C} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => Schlüssel erfolgreich entfernt
"C:\WINDOWS\system32\Drivers\etc\hosts" => wurde entsperrt
C:\WINDOWS\system32\Drivers\etc\hosts => erfolgreich verschoben

========= dir "%ProgramFiles%" =========

 Datenträger in Laufwerk C: ist System
 Volumeseriennummer: 7EBE-FDEA

 Verzeichnis von C:\Program Files

17.05.2017  17:58    <DIR>          .
17.05.2017  17:58    <DIR>          ..
27.08.2016  17:29    <DIR>          7-Zip
22.08.2016  20:02    <DIR>          Classic Shell
17.05.2017  17:58    <DIR>          Common Files
17.01.2014  18:49    <DIR>          COMODO
19.12.2014  22:23    <DIR>          dm
19.06.2016  12:18    <DIR>          DVD Maker
28.03.2014  16:06    <DIR>          Fraps
20.10.2016  09:26    <DIR>          Hola
22.09.2015  22:02    <DIR>          IIS Express
17.05.2017  17:58    <DIR>          Intel
20.03.2017  06:41    <DIR>          Internet Explorer
17.01.2014  22:38    <DIR>          Lenovo
12.03.2017  13:23    <DIR>          Microsoft Office 15
22.05.2017  22:06    <DIR>          Mozilla Firefox
17.05.2017  18:47    <DIR>          MSBuild
31.05.2017  21:34    <DIR>          NVIDIA Corporation
24.04.2017  10:51    <DIR>          Paint.NET
03.05.2017  10:27    <DIR>          PDFCreator
14.05.2016  15:25    <DIR>          R
17.05.2017  17:56    <DIR>          Realtek
12.01.2017  11:53    <DIR>          Recuva
17.05.2017  18:47    <DIR>          Reference Assemblies
17.05.2017  17:56    <DIR>          Synaptics
02.06.2014  20:32    <DIR>          Teamspeak
10.05.2017  18:29    <DIR>          UNP
20.03.2017  06:41    <DIR>          Windows Defender
20.03.2017  06:43    <DIR>          Windows Defender Advanced Threat Protection
17.05.2017  17:58    <DIR>          Windows Mail
20.03.2017  06:41    <DIR>          Windows Media Player
18.03.2017  23:03    <DIR>          Windows Multimedia Platform
17.05.2017  18:07    <DIR>          Windows NT
17.05.2017  18:52    <DIR>          Windows Photo Viewer
18.03.2017  23:03    <DIR>          Windows Portable Devices
18.03.2017  23:03    <DIR>          Windows Security
18.03.2017  23:03    <DIR>          WindowsPowerShell
               0 Datei(en),              0 Bytes
              37 Verzeichnis(se), 59.324.444.672 Bytes frei

========= Ende von CMD: =========


========= dir "%ProgramFiles(x86)%" =========

 Datenträger in Laufwerk C: ist System
 Volumeseriennummer: 7EBE-FDEA

 Verzeichnis von C:\Program Files (x86)

04.06.2017  22:27    <DIR>          .
04.06.2017  22:27    <DIR>          ..
18.06.2016  10:02    <DIR>          Adobe
08.03.2014  20:10    <DIR>          Age of Empires 2
31.08.2015  10:32    <DIR>          Ahnenblatt
20.02.2017  22:36    <DIR>          Anvsoft
13.05.2014  16:39    <DIR>          Assassin's Creed
28.03.2014  17:41    <DIR>          Assassin's Creed Brotherhood
26.03.2014  20:56    <DIR>          Assassin's Creed III
14.03.2015  16:08    <DIR>          Assassin's Creed Liberation
16.07.2016  22:36    <DIR>          Audacity
03.08.2015  17:25    <DIR>          Battle.net
23.03.2016  15:07    <DIR>          Brother
23.03.2016  15:07    <DIR>          Browny02
17.01.2014  19:33    <DIR>          CDBurnerXP
22.10.2015  13:22           159.657 changelog.txt
19.05.2015  21:14    <DIR>          Cisco
04.06.2017  22:27    <DIR>          Common Files
25.04.2017  21:09    <DIR>          COMODO
07.11.2015  18:45           375.544 createfileassoc.exe
18.06.2015  19:34    <DIR>          Diablo II
17.01.2014  18:18    <DIR>          Dolby Advanced Audio v2
20.03.2017  22:35    <DIR>          DVDVideoSoft
07.11.2015  18:45           447.464 error_report.exe
27.05.2017  16:21    <DIR>          ESET
04.06.2017  22:22    <DIR>          FanFictionDownloader
27.09.2016  21:11    <DIR>          Fraps
06.11.2016  12:13    <DIR>          FreeCodecPack
13.09.2015  16:41    <DIR>          gfx
10.01.2017  23:54    <DIR>          Google
28.06.2015  15:42    <DIR>          Hero Editor
22.09.2015  22:02    <DIR>          IIS Express
13.09.2015  16:41    <DIR>          imageformats
17.01.2014  22:35    <DIR>          Integrated Camera
16.08.2016  20:52    <DIR>          Intel
20.03.2017  06:41    <DIR>          Internet Explorer
17.01.2014  19:18    <DIR>          IrfanView
26.04.2017  18:14    <DIR>          Java
24.03.2014  14:05    <DIR>          Lame For Audacity
17.01.2014  22:38    <DIR>          Lenovo
24.07.2015  21:56    <DIR>          LG Electronics
21.09.2015  16:24         1.709.056 libeay32.dll
04.06.2017  22:13    <DIR>          LibreOffice 5
13.09.2015  23:01    <DIR>          lol game
29.12.2016  14:16    <DIR>           Malwarebytes Anti-Malware 
14.05.2015  09:12    <DIR>          Microsoft
26.05.2017  20:55    <DIR>          Microsoft Office
10.09.2016  11:12    <DIR>          Microsoft SQL Server Compact Edition
19.09.2014  11:28    <DIR>          Microsoft XNA
17.05.2017  17:58    <DIR>          Microsoft.NET
25.04.2017  21:01    <DIR>          Mozilla Firefox
25.05.2017  12:49    <DIR>          Mozilla Maintenance Service
04.06.2017  13:29    <DIR>          Mp3tag
17.05.2017  18:47    <DIR>          MSBuild
05.10.2013  00:58           660.128 msvcp120.dll
05.10.2013  00:58           963.232 msvcr120.dll
21.01.2017  17:59    <DIR>          MyHeritage
19.07.2014  18:45    <DIR>          NCH Software
13.09.2015  16:41    <DIR>          news
13.03.2014  22:51    <DIR>          No23
10.02.2017  18:02    <DIR>          NVIDIA Corporation
19.02.2015  15:26    <DIR>          Opera
07.11.2015  18:45         1.704.176 OverwolfTeamSpeakInstaller.exe
07.11.2015  18:45           475.112 package_inst.exe
10.10.2016  17:44    <DIR>          Paint.NET
03.02.2015  10:10    <DIR>          PDFCreator
13.09.2015  16:41    <DIR>          platforms
13.09.2015  16:41    <DIR>          plugins
22.10.2015  11:20               321 plugin_sdk.html
21.09.2015  16:47         5.626.368 Qt5Core.dll
21.09.2015  16:48         3.937.280 Qt5Gui.dll
21.09.2015  16:48         1.092.608 Qt5Network.dll
21.09.2015  16:47           216.576 Qt5Sql.dll
21.09.2015  16:50         5.424.128 Qt5Widgets.dll
22.10.2015  13:22           175.080 quazip.dll
14.06.2015  17:36    <DIR>          RD
18.08.2014  13:53    <DIR>          Realtek
17.05.2017  18:47    <DIR>          Reference Assemblies
17.01.2014  22:55    <DIR>          Secunia
29.02.2012  15:40    <DIR>          Setting
04.07.2014  21:12    <DIR>          Sims 3
23.05.2017  18:53    <DIR>          Skype
13.09.2015  16:41    <DIR>          sound
13.09.2015  16:41    <DIR>          soundbackends
13.09.2015  16:41    <DIR>          sqldrivers
21.09.2015  16:24           317.440 ssleay32.dll
05.06.2017  13:46    <DIR>          Steam
28.03.2014  19:07    <DIR>          Stronghold
13.09.2015  16:41    <DIR>          styles
17.05.2017  17:56    <DIR>          SunplusIT Integrated Camera
25.02.2015  17:40    <DIR>          SystemRequirementsLab
14.06.2015  17:28    <DIR>          temppath
28.07.2014  21:02    <DIR>          Temspeak server
13.09.2015  16:41    <DIR>          translations
07.11.2015  18:45        11.544.552 ts3client_win64.exe
23.03.2014  21:48    <DIR>          Ubisoft
07.11.2015  18:45           390.800 Uninstall.exe
07.11.2015  18:45         1.514.984 update.exe
22.10.2015  11:20           520.934 usb.ids
02.04.2015  21:16    <DIR>          VLC
31.03.2015  22:06    <DIR>          VS Revo Group
31.05.2017  21:34    <DIR>          VulkanRT
20.03.2017  06:41    <DIR>          Windows Defender
23.10.2014  21:44    <DIR>          Windows Live
17.05.2017  17:58    <DIR>          Windows Mail
20.03.2017  06:41    <DIR>          Windows Media Player
18.03.2017  23:03    <DIR>          Windows Multimedia Platform
18.03.2017  23:03    <DIR>          Windows NT
17.05.2017  18:52    <DIR>          Windows Photo Viewer
18.03.2017  23:03    <DIR>          Windows Portable Devices
18.03.2017  23:03    <DIR>          WindowsPowerShell
24.10.2016  19:12    <DIR>          YACReader
              20 Datei(en),     37.255.440 Bytes
              92 Verzeichnis(se), 59.324.538.880 Bytes frei

========= Ende von CMD: =========


========= dir "%ProgramData%" =========

 Datenträger in Laufwerk C: ist System
 Volumeseriennummer: 7EBE-FDEA

 Verzeichnis von C:\ProgramData

05.06.2016  15:10    <DIR>          .mono
18.04.2015  18:13    <DIR>          Adobe
26.09.2014  10:34    <DIR>          Age of Empires 3
17.06.2015  22:39    <DIR>          Battle.net
26.01.2017  21:20    <DIR>          Blackmagic Design
17.06.2015  22:40    <DIR>          Blizzard Entertainment
13.09.2015  16:36    <DIR>          boost_interprocess
23.03.2016  15:04    <DIR>          Brother
24.04.2014  15:04    <DIR>          Canneverbe Limited
30.08.2016  15:39    <DIR>          ClassicShell
16.07.2016  13:47    <DIR>          Comms
25.04.2017  21:09    <DIR>          Comodo
06.04.2017  18:20    <DIR>          Comodo Downloader
23.05.2017  21:48    <DIR>          DigitalWave.ApplicationUpdater_files
19.12.2014  21:26    <DIR>          hps
19.05.2015  21:14    <DIR>          Intel
17.01.2014  22:34    <DIR>          Lenovo
24.07.2015  21:37    <DIR>          LGMOBILEAX
17.03.2015  08:42    <DIR>          Malwarebytes
14.04.2014  15:47    <DIR>          McAfee
12.03.2017  13:23    <DIR>          Microsoft Help
17.05.2017  19:14    <DIR>          Microsoft OneDrive
22.09.2015  22:02               106 Microsoft.SqlServer.Compact.400.64.bc
22.03.2017  17:45                16 mntemp
22.03.2017  17:46    <DIR>          Movavi
22.03.2017  17:45    <DIR>          Movavi Video Converter 17
17.01.2014  19:21    <DIR>          Mozilla
22.03.2017  17:45             5.041 mudtcpaz.vzs
21.01.2017  17:56    <DIR>          MyHeritage
19.07.2014  18:45    <DIR>          NCH Software
19.07.2014  18:41    <DIR>          Nero
05.06.2017  17:22    <DIR>          NVIDIA
17.05.2017  17:58    <DIR>          NVIDIA Corporation
24.01.2015  14:26    <DIR>          Oracle
04.04.2017  16:07    <DIR>          Package Cache
26.04.2014  11:25    <DIR>          PDF Architect 2
10.06.2015  22:25    <DIR>          PDF Architect 3
31.07.2016  15:58    <DIR>          PDF Architect 4
23.03.2016  21:42    <DIR>          pdfforge
26.05.2017  20:56    <DIR>          regid.1991-06.com.microsoft
13.09.2015  15:09    <DIR>          Riot Games
19.05.2015  21:14    <DIR>          Roaming
23.05.2017  18:53    <DIR>          Skype
18.03.2017  23:03    <DIR>          SoftwareDistribution
17.03.2015  09:21    <DIR>          Spybot - Search & Destroy
09.05.2014  13:28    <DIR>          Sun
19.12.2014  21:38    <DIR>          tmp
28.03.2014  17:49    <DIR>          Ubisoft
17.05.2017  19:13    <DIR>          USOPrivate
17.05.2017  19:13    <DIR>          USOShared
20.03.2017  06:43    <DIR>          WindowsHolographicDevices
               3 Datei(en),          5.163 Bytes
              48 Verzeichnis(se), 59.324.522.496 Bytes frei

========= Ende von CMD: =========


========= dir "%Appdata%" =========

 Datenträger in Laufwerk C: ist System
 Volumeseriennummer: 7EBE-FDEA

 Verzeichnis von C:\Users\Gloriaflyx\AppData\Roaming

17.05.2017  17:57    <DIR>          .
17.05.2017  17:57    <DIR>          ..
05.06.2016  15:10    <DIR>          .mono
04.02.2016  21:17    <DIR>          Adobe
26.05.2017  11:11    <DIR>          Ahnenblatt
20.02.2017  22:26    <DIR>          Anvsoft
26.01.2017  13:28    <DIR>          Apowersoft
25.05.2017  20:42    <DIR>          Audacity
15.03.2014  15:26    <DIR>          BANDISOFT
20.06.2015  21:18    <DIR>          Battle.net
25.01.2014  14:37    <DIR>          Brother
11.11.2016  12:45    <DIR>          calibre
17.01.2014  19:33    <DIR>          Canneverbe Limited
19.06.2016  12:39    <DIR>          ClassicShell
17.03.2015  14:29    <DIR>          Comodo
23.04.2017  15:08    <DIR>          dvdcss
23.05.2017  21:48    <DIR>          DVDVideoSoft
26.01.2017  21:15    <DIR>          FlashIntegro
12.06.2014  20:04    <DIR>          freac
17.03.2015  10:26    <DIR>          Geek Uninstaller
10.11.2016  15:58    <DIR>          Hola
17.01.2014  17:50    <DIR>          Identities
13.05.2014  16:26    <DIR>          InstallShield
17.01.2014  18:31    <DIR>          Intel
13.05.2014  21:08    <DIR>          LibreOffice
13.09.2015  16:06    <DIR>          LolClient
17.01.2014  19:19    <DIR>          Macromedia
12.04.2011  09:54    <DIR>          Media Center Programs
08.10.2016  11:57    <DIR>          Morpheus Software
17.01.2014  19:21    <DIR>          Mozilla
04.06.2017  13:26    <DIR>          Mp3tag
21.01.2017  17:58    <DIR>          MyHeritage
19.07.2014  18:45    <DIR>          NCH Software
19.07.2014  18:29    <DIR>          Nero
27.09.2016  17:53    <DIR>          NVIDIA
19.02.2015  15:26    <DIR>          Opera Software
18.10.2014  18:05    <DIR>          Oracle
21.03.2014  15:35    <DIR>          Outerspace Software
14.01.2015  17:14    <DIR>          PDF Architect 2
10.06.2015  22:24    <DIR>          PDF Architect 3
31.10.2015  13:16    <DIR>          PDF Architect 4
18.01.2014  14:03    <DIR>          PunkBuster
17.01.2014  22:36    <DIR>          PwrMgr
13.09.2015  15:08    <DIR>          Riot Games
05.06.2017  17:15    <DIR>          Skype
13.09.2015  16:56    <DIR>          TS3Client
13.05.2014  16:42    <DIR>          Ubisoft
13.05.2014  15:52    <DIR>          Unity
03.05.2017  22:34    <DIR>          vlc
               0 Datei(en),              0 Bytes
              49 Verzeichnis(se), 59.324.522.496 Bytes frei

========= Ende von CMD: =========


========= dir "%LocalAppdata%" =========

 Datenträger in Laufwerk C: ist System
 Volumeseriennummer: 7EBE-FDEA

 Verzeichnis von C:\Users\Gloriaflyx\AppData\Local

04.06.2017  22:27    <DIR>          .
04.06.2017  22:27    <DIR>          ..
19.06.2016  12:34    <DIR>          ActiveSync
10.05.2017  10:48    <DIR>          Adobe
04.02.2016  21:16    <DIR>          Adobe_Systems_Incorporate
14.04.2016  20:40    <DIR>          Audacity
03.08.2015  17:26    <DIR>          Battle.net
17.06.2015  22:40    <DIR>          Blizzard Entertainment
18.07.2015  21:33    <DIR>          CEF
20.10.2016  09:26    <DIR>          Chromium
05.06.2017  17:18    <DIR>          ClassicShell
05.06.2016  15:10    <DIR>          Colossal Order
19.06.2016  12:47    <DIR>          Comms
17.08.2016  09:52    <DIR>          ConnectedDevicesPlatform
22.03.2017  17:47    <DIR>          converter
29.04.2017  14:47    <DIR>          CrashDumps
11.08.2014  10:53    <DIR>          DayZ
18.05.2017  21:45    <DIR>          DBG
05.11.2015  12:49            10.752 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
25.11.2016  22:13    <DIR>          Diagnostics
01.06.2015  16:56    <DIR>          DolphinFutures
16.08.2016  11:56    <DIR>          ElevatedDiagnostics
23.09.2015  15:13    <DIR>          FluxSoftware
14.01.2017  12:51            67.120 GDIPFONTCACHEV1.DAT
10.01.2017  23:54    <DIR>          Google
01.06.2015  07:33    <DIR>          GWX
04.12.2015  21:33    <DIR>          Intel_Corporation
17.01.2014  22:35    <DIR>          Lenovo
17.01.2014  19:26    <DIR>          Macromedia
05.06.2017  17:19    <DIR>          Microsoft
16.04.2014  15:42    <DIR>          Microsoft Help
25.04.2017  21:43    <DIR>          MicrosoftEdge
22.03.2017  17:47    <DIR>          Movavi
17.01.2014  19:21    <DIR>          Mozilla
19.07.2014  18:30    <DIR>          Nero
19.07.2014  18:29    <DIR>          Nero_AG
26.03.2014  22:55    <DIR>          NVIDIA
26.03.2014  22:56    <DIR>          NVIDIA Corporation
15.04.2015  20:17    <DIR>          openvr
19.02.2015  15:26    <DIR>          Opera Software
04.06.2017  22:25    <DIR>          Packages
10.10.2016  21:42    <DIR>          Paint.NET
03.05.2017  10:27    <DIR>          PDFCreator
22.06.2016  19:35    <DIR>          PeerDistRepub
17.01.2014  18:19    <DIR>          Programs
19.06.2016  12:33    <DIR>          Publishers
02.04.2014  17:34    <DIR>          PunkBuster
13.03.2014  22:52             1.434 RecConfig.xml
17.01.2014  22:55    <DIR>          Secunia PSI
11.12.2015  14:17    <DIR>          Skype
02.01.2017  22:17    <DIR>          speech
17.12.2016  21:49    <DIR>          Steam
05.06.2017  17:22    <DIR>          Temp
19.06.2016  12:32    <DIR>          TileDataLayer
26.11.2016  22:07    <DIR>          Ubisoft Game Launcher
13.05.2014  15:49    <DIR>          Unity
11.05.2017  13:51    <DIR>          UNP
26.01.2015  11:30    <DIR>          VirtualStore
04.10.2016  21:01    <DIR>          Windows Live
24.10.2016  18:55    <DIR>          YACReader
01.05.2016  21:52                 0 {0B179D57-EBA9-4D85-B0A3-C14982A9ED52}
26.10.2015  15:04                 0 {309B8B15-3C7F-4F34-B3F6-0066EA01FC36}
11.05.2016  20:19                 0 {3CF62346-6D52-4520-A926-FB0B6E652FF3}
22.04.2016  14:12                 0 {B01DDBE6-2D6A-4727-B346-D57950EA3E3A}
08.11.2015  20:24                 0 {BAE73680-28A1-4D05-AD07-486B48904EAC}
07.12.2015  14:05                 0 {D054697A-BAC1-4993-959D-79690D24E3EF}
26.01.2016  20:38                 0 {F1079BA0-943D-4D61-A261-CEFBF1919D56}
              10 Datei(en),         79.306 Bytes
              57 Verzeichnis(se), 59.324.518.400 Bytes frei

========= Ende von CMD: =========


========= dir "%CommonProgramFiles(x86)%" =========

 Datenträger in Laufwerk C: ist System
 Volumeseriennummer: 7EBE-FDEA

 Verzeichnis von C:\Program Files (x86)\Common Files

04.06.2017  22:27    <DIR>          .
04.06.2017  22:27    <DIR>          ..
18.04.2015  18:13    <DIR>          Adobe
18.06.2015  19:34    <DIR>          Blizzard Entertainment
26.05.2017  20:56    <DIR>          DESIGNER
20.03.2017  22:35    <DIR>          DVDVideoSoft
26.01.2017  21:25    <DIR>          FlashIntegro
17.01.2014  18:20    <DIR>          InstallShield
17.05.2017  17:56    <DIR>          Intel
17.01.2014  22:38    <DIR>          Lenovo
26.05.2017  20:56    <DIR>          Microsoft Shared
18.03.2017  23:03    <DIR>          Services
23.05.2017  18:53    <DIR>          Skype
17.05.2017  17:58    <DIR>          SpeechEngines
04.06.2017  22:29    <DIR>          Steam
20.03.2017  06:41    <DIR>          System
17.01.2014  19:41    <DIR>          Windows Live
               0 Datei(en),              0 Bytes
              17 Verzeichnis(se), 59.324.514.304 Bytes frei

========= Ende von CMD: =========


========= dir "%CommonProgramW6432%" =========

 Datenträger in Laufwerk C: ist System
 Volumeseriennummer: 7EBE-FDEA

 Verzeichnis von C:\Program Files\Common Files

17.05.2017  17:58    <DIR>          .
17.05.2017  17:58    <DIR>          ..
19.05.2015  21:14    <DIR>          Intel
17.01.2014  22:38    <DIR>          Lenovo
17.05.2017  17:58    <DIR>          microsoft shared
18.03.2017  23:03    <DIR>          Services
17.05.2017  17:58    <DIR>          SpeechEngines
20.03.2017  06:41    <DIR>          System
               0 Datei(en),              0 Bytes
               8 Verzeichnis(se), 59.324.518.400 Bytes frei

========= Ende von CMD: =========


========= dir "%UserProfile%" =========

 Datenträger in Laufwerk C: ist System
 Volumeseriennummer: 7EBE-FDEA

 Verzeichnis von C:\Users\Gloriaflyx

05.06.2017  11:48    <DIR>          .
05.06.2017  11:48    <DIR>          ..
22.07.2015  21:52    <DIR>          .android
22.03.2017  17:47    <DIR>          .fontconfig
17.01.2014  20:04    <DIR>          Application Data
22.07.2015  21:55    <DIR>          cminstaller
17.05.2017  19:13    <DIR>          Contacts
05.06.2017  17:22    <DIR>          Desktop
17.05.2017  19:13    <DIR>          Documents
17.05.2017  19:13    <DIR>          Downloads
17.05.2017  19:13    <DIR>          Favorites
17.05.2017  19:13    <DIR>          Links
23.05.2017  21:48    <DIR>          Music
17.05.2017  19:13    <DIR>          Pictures
19.12.2014  21:25    <DIR>          restore
19.05.2015  21:14    <DIR>          Roaming
17.05.2017  19:13    <DIR>          Saved Games
17.05.2017  19:13    <DIR>          Searches
16.03.2015  23:26    <DIR>          Start Menu
17.03.2015  10:05    <DIR>          Tracing
17.05.2017  19:13    <DIR>          Videos
               0 Datei(en),              0 Bytes
              21 Verzeichnis(se), 59.324.514.304 Bytes frei

========= Ende von CMD: =========


========= dir "C:\" =========

 Datenträger in Laufwerk C: ist System
 Volumeseriennummer: 7EBE-FDEA

 Verzeichnis von C:\

07.11.2014  20:26    <DIR>          5b9b24d7a42595adf4713d34
16.03.2015  23:26                 0 autoexec.bat
23.03.2016  15:07    <DIR>          Brother
29.12.2016  22:45                 2 END
07.11.2007  09:00            17.734 eula.1028.txt
07.11.2007  09:00            17.734 eula.1031.txt
07.11.2007  09:00            10.134 eula.1033.txt
07.11.2007  09:00            17.734 eula.1036.txt
07.11.2007  09:00            17.734 eula.1040.txt
07.11.2007  09:00               118 eula.1041.txt
07.11.2007  09:00            17.734 eula.1042.txt
07.11.2007  09:00            17.734 eula.2052.txt
07.11.2007  09:00            17.734 eula.3082.txt
05.06.2017  17:22    <DIR>          FRST
07.11.2007  09:00             1.110 globdata.ini
17.05.2017  18:47    <DIR>          inetpub
21.01.2017  17:57           562.688 install.exe
07.11.2007  09:00               843 install.ini
07.11.2007  09:03            76.304 install.res.1028.dll
07.11.2007  09:03            96.272 install.res.1031.dll
07.11.2007  09:03            91.152 install.res.1033.dll
07.11.2007  09:03            97.296 install.res.1036.dll
07.11.2007  09:03            95.248 install.res.1040.dll
07.11.2007  09:03            81.424 install.res.1041.dll
07.11.2007  09:03            79.888 install.res.1042.dll
07.11.2007  09:03            75.792 install.res.2052.dll
07.11.2007  09:03            96.272 install.res.3082.dll
19.06.2016  12:32    <DIR>          Intel
20.06.2016  09:25    <DIR>          Logs
26.03.2014  22:52    <DIR>          NVIDIA
18.03.2017  23:03    <DIR>          PerfLogs
17.05.2017  17:58    <DIR>          Program Files
04.06.2017  22:27    <DIR>          Program Files (x86)
05.06.2017  10:33           278.372 TDSSKiller.3.1.0.15_05.06.2017_10.30.08_log.txt
17.05.2017  17:58    <DIR>          Users
07.11.2007  09:00             5.686 vcredist.bmp
07.11.2007  09:09         1.442.522 VC_RED.cab
07.11.2007  09:12           232.960 VC_RED.MSI
05.06.2017  10:29    <DIR>          Windows
19.06.2016  12:33    <DIR>          Windows10Upgrade
              27 Datei(en),      3.448.221 Bytes
              13 Verzeichnis(se), 59.324.510.208 Bytes frei

========= Ende von CMD: =========

Hosts erfolgreich wiederhergestellt.

========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-3668857010-2765377856-186715415-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-3668857010-2765377856-186715415-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt


========= Ende von RemoveProxy: =========


========= ipconfig /flushdns =========


Windows-IP-Konfiguration

Der DNS-Auflösungscache wurde geleert.

========= Ende von CMD: =========


========= netsh winsock reset =========


Der Winsock-Katalog wurde zurückgesetzt.
Sie müssen den Computer neu starten, um den Vorgang abzuschließen.


========= Ende von CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 7364608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 54793920 B
Java, Flash, Steam htmlcache => 237571235 B
Windows/system/drivers => 7519517 B
Edge => 2742325 B
Chrome => 0 B
Firefox => 408952229 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 128 B
LocalService => 13986 B
NetworkService => 55994 B
Gloriaflyx => 470590126 B
DefaultAppPool => 0 B

RecycleBin => 134 B
EmptyTemp: => 1.1 GB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 17:22:45 ====
         
Code:
# AdwCleaner v6.047 - Bericht erstellt am 05/06/2017 um 17:26:59
# Aktualisiert am 19/05/2017 von Malwarebytes
# Datenbank : 2017-05-19.1 [Lokal]
# Betriebssystem : Windows 10 Pro  (X64)
# Benutzername : Carola Ilgen - BALDER
# Gestartet von : C:\Users\Carola Ilgen\Desktop\adwcleaner_6.047.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support



***** [ Dienste ] *****



***** [ Ordner ] *****

[-] Ordner gelöscht: C:\Users\Carola Ilgen\AppData\Roaming\Hola
[-] Ordner gelöscht: C:\Program Files\Hola


***** [ Dateien ] *****

[-] Datei gelöscht: C:\END


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Verknüpfungen ] *****



***** [ Aufgabenplanung ] *****



***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht: HKU\.DEFAULT\Software\Hola
[#] Schlüssel mit Neustart gelöscht: HKU\S-1-5-18\Software\Hola
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Hola
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\hola.org


***** [ Browser ] *****



*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: "Image File Execution Options" Schlüssel gelöscht
:: "Prefetch" Dateien gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Firewall Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht
:: Hosts-Datei wiederhergestellt

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [1953 Bytes] - [05/06/2017 17:26:59]
C:\AdwCleaner\AdwCleaner[S0].txt - [1974 Bytes] - [05/06/2017 17:26:33]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [2099 Bytes] ##########
         
Code:
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 05.06.17
Scan-Zeit: 17:35
Protokolldatei: mbm.txt
Administrator: Ja

-Softwaredaten-
Version: 3.1.2.1733
Komponentenversion: 1.0.139
Version des Aktualisierungspakets: 1.0.2060
Lizenz: Testversion

-Systemdaten-
Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: Balder\Carola Ilgen

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 443602
Erkannte Bedrohungen: 0
(keine bösartigen Elemente erkannt)
In die Quarantäne verschobene Bedrohungen: 0
(keine bösartigen Elemente erkannt)
Abgelaufene Zeit: 0 Min., 58 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswert: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Datei: 0
(keine bösartigen Elemente erkannt)

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)


(end)
         

05.06.2017, 17:50   #10
Gloriaflyx

ESET reports detections

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 02-06-2017
durchgeführt von Gloriaflyx (Administrator) auf BALDER (05-06-2017 17:39:54)
Gestartet von C:\Users\Gloriaflyx\Desktop
Geladene Profile: Gloriaflyx (Verfügbare Profile: Gloriaflyx & DefaultAppPool)
Platform: Windows 10 Pro Version 1703 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Lenovo.) C:\Windows\System32\LPlatSvc.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(COMODO) C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlk.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Lenovo.) C:\Windows\System32\LPlatSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Flux Software LLC) C:\Users\Gloriaflyx\AppData\Local\FluxSoftware\Flux\flux.exe
(SunplusIT, Inc.) C:\Program Files (x86)\Integrated Camera\Monitor.exe
(COMODO) C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [401896 2016-11-03] ()
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163800 2016-08-22] (IvoSoft)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM-x32\...\Run: [Integrated Camera_Monitor] => C:\Program Files (x86)\Integrated Camera\monitor.exe [1720696 2013-09-27] (SunplusIT, Inc.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2678784 2016-03-23] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [IseUI] => C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe [3386576 2017-03-30] (COMODO)
HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\Run: [f.lux] => C:\Users\Gloriaflyx\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2015-09-23] (Flux Software LLC)
HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27716568 2017-05-04] (Skype Technologies S.A.)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 172.16.60.1
Tcpip\..\Interfaces\{674872c8-8b5a-47c5-887a-2bfeff0d36c4}: [DhcpNameServer] 192.168.44.1 192.168.44.1
Tcpip\..\Interfaces\{bb538318-92b1-40b0-88af-d342e62259b8}: [DhcpNameServer] 172.16.60.1

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3668857010-2765377856-186715415-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3668857010-2765377856-186715415-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-05-26] (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-05-26] (Microsoft Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2016-07-30] (IvoSoft)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-05-26] (Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-05-26] (Microsoft Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2016-07-30] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-26] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-26] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-26] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-26] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2017-04-05] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Gloriaflyx\AppData\Roaming\Mozilla\Firefox\Profiles\j5h72v37.default [2017-06-05]
FF user.js: detected! => C:\Users\Gloriaflyx\AppData\Roaming\Mozilla\Firefox\Profiles\j5h72v37.default\user.js [2016-03-04]
FF Homepage: Mozilla\Firefox\Profiles\j5h72v37.default -> hxxps://webmailer.hosteurope.de/
FF Extension: (Ghostery) - C:\Users\Gloriaflyx\AppData\Roaming\Mozilla\Firefox\Profiles\j5h72v37.default\Extensions\firefox@ghostery.com.xpi [2017-06-02]
FF Extension: (Personas Plus) - C:\Users\Gloriaflyx\AppData\Roaming\Mozilla\Firefox\Profiles\j5h72v37.default\Extensions\personas@christopher.beard.xpi [2017-05-18]
FF Extension: (uBlock Origin) - C:\Users\Gloriaflyx\AppData\Roaming\Mozilla\Firefox\Profiles\j5h72v37.default\Extensions\uBlock0@raymondhill.net.xpi [2017-05-15]
FF Extension: (NoScript) - C:\Users\Gloriaflyx\AppData\Roaming\Mozilla\Firefox\Profiles\j5h72v37.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2017-05-31]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-10] ()
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files (x86)\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-10] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-05-26] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-05-26] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3668857010-2765377856-186715415-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Gloriaflyx\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-14] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3668857010-2765377856-186715415-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-11-26] ()

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [lobonlhedgiilkfmbbbfhkaoefacipgj] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [249856 2016-03-23] (Brother Industries, Ltd.) [Datei ist nicht signiert]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3971264 2017-05-14] (Microsoft Corporation)
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [10512032 2017-04-23] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2876096 2017-04-23] (COMODO)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2017-03-20] (Digital Wave Ltd.)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373744 2016-11-03] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [182760 2013-04-15] ()
R2 isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [118480 2017-03-30] (COMODO)
R2 LPlatSvc; C:\WINDOWS\system32\LPlatSvc.exe [710144 2016-05-04] (Lenovo.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-01] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-03-25] ()
S3 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [259176 2016-11-05] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [40960 2017-03-31] (COMODO)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [831504 2017-03-31] (COMODO)
R1 cmdHlp; C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [50808 2017-03-31] (COMODO)
R3 e1dexpress; C:\WINDOWS\system32\DRIVERS\e1d62x64.sys [519680 2015-12-08] (Intel Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77376 2017-05-31] ()
R3 ikbevent; C:\WINDOWS\System32\DRIVERS\ikbevent.sys [21048 2013-04-15] ()
R3 imsevent; C:\WINDOWS\System32\DRIVERS\imsevent.sys [21048 2013-04-15] ()
R1 inspect; C:\WINDOWS\system32\DRIVERS\inspect.sys [138560 2016-06-15] (COMODO)
R0 IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys [88256 2015-06-09] (Intel Corporation)
R3 ISCT; C:\WINDOWS\System32\drivers\ISCTD64.sys [46568 2013-04-15] ()
R1 isedrv; C:\WINDOWS\system32\drivers\isedrv.sys [62208 2017-03-29] (COMODO)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [188312 2017-06-05] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [113592 2017-06-05] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [44960 2017-06-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [252832 2017-06-05] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [93600 2017-06-05] (Malwarebytes)
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3485696 2017-03-18] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvltwu.inf_amd64_c8da725822079174\nvlddmkm.sys [14456920 2017-05-18] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
S3 PSI; C:\WINDOWS\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [761600 2015-06-15] (Realsil Semiconductor Corporation)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [51296 2016-11-05] (Synaptics Incorporated)
R3 SPUVCbv; C:\WINDOWS\System32\Drivers\SPUVCbv64.sys [735744 2016-03-11] (Sunplus)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
R3 WPRO_41_2001; C:\WINDOWS\System32\drivers\WPRO_41_2001.sys [34752 2017-06-05] ()
U3 idsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-06-05 17:39 - 2017-06-05 17:39 - 00001387 _____ C:\Users\Gloriaflyx\Desktop\mbm.txt
2017-06-05 17:34 - 2017-06-05 17:34 - 00252832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-06-05 17:34 - 2017-06-05 17:34 - 00188312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-06-05 17:34 - 2017-06-05 17:34 - 00113592 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-06-05 17:34 - 2017-06-05 17:34 - 00093600 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-06-05 17:34 - 2017-06-05 17:34 - 00044960 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-06-05 17:34 - 2017-06-05 17:34 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-06-05 17:34 - 2017-06-05 17:34 - 00000000 ____D C:\Program Files\Malwarebytes
2017-06-05 17:34 - 2017-05-31 11:09 - 00077376 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-06-05 17:32 - 2017-06-05 17:32 - 64025992 _____ (Malwarebytes ) C:\Users\Gloriaflyx\Desktop\mb3-setup-consumer-3.1.2.1733-1.0.139-1.0.2060.exe
2017-06-05 17:31 - 2017-06-05 17:31 - 00566128 _____ (Malwarebytes) C:\Users\Gloriaflyx\Desktop\mbam-clean-2.3.0.1001.exe
2017-06-05 17:28 - 2017-06-05 17:28 - 00002193 _____ C:\Users\Gloriaflyx\Desktop\AdwCleaner[C0].txt
2017-06-05 17:24 - 2017-06-05 17:26 - 00000000 ____D C:\AdwCleaner
2017-06-05 17:23 - 2017-06-05 17:33 - 00094656 _____ (CACE Technologies) C:\WINDOWS\system32\WPRO_41_2001woem.tmp
2017-06-05 17:22 - 2017-06-05 17:22 - 00033291 _____ C:\Users\Gloriaflyx\Desktop\Fixlog.txt
2017-06-05 17:21 - 2017-06-05 17:21 - 00002462 _____ C:\Users\Gloriaflyx\Desktop\Neues Textdokument.txt
2017-06-05 17:20 - 2017-06-05 17:20 - 00274495 _____ C:\Users\Gloriaflyx\Desktop\ESET meldet Funde.pdf
2017-06-05 17:18 - 2017-06-05 17:18 - 04110280 _____ C:\Users\Gloriaflyx\Desktop\adwcleaner_6.047.exe
2017-06-05 10:32 - 2017-06-05 10:32 - 00139141 _____ C:\Users\Gloriaflyx\Desktop\tdss.txt
2017-06-05 10:30 - 2017-06-05 10:33 - 00278372 _____ C:\TDSSKiller.3.1.0.15_05.06.2017_10.30.08_log.txt
2017-06-05 10:28 - 2017-06-05 17:40 - 00020008 _____ C:\Users\Gloriaflyx\Desktop\FRST.txt
2017-06-05 10:28 - 2017-06-05 10:30 - 00065598 _____ C:\Users\Gloriaflyx\Desktop\Addition.txt
2017-06-05 10:26 - 2017-06-05 10:26 - 04922400 _____ (AO Kaspersky Lab) C:\Users\Gloriaflyx\Desktop\tdsskiller.exe
2017-06-05 10:26 - 2017-06-05 10:26 - 02433536 _____ (Farbar) C:\Users\Gloriaflyx\Desktop\FRST64.exe
2017-06-04 22:12 - 2017-06-04 22:13 - 00000000 ____D C:\Program Files (x86)\LibreOffice 5
2017-06-04 13:27 - 2017-05-13 13:19 - 00000118 ____N C:\Users\Gloriaflyx\Desktop\Farbe aus Drogerie.txt
2017-06-04 12:50 - 2017-06-04 12:50 - 08408221 _____ C:\Users\Gloriaflyx\Desktop\Insecta.pdf
2017-06-04 12:50 - 2017-06-04 12:50 - 07512603 _____ C:\Users\Gloriaflyx\Desktop\Arthropoda2017.pdf
2017-06-04 12:50 - 2017-06-04 12:50 - 05695234 _____ C:\Users\Gloriaflyx\Desktop\Amphibien_Reptilien_2017_Kaltenpoth.pdf
2017-06-04 12:50 - 2017-06-04 12:50 - 02090938 _____ C:\Users\Gloriaflyx\Desktop\Artenkenntnis einheimischer Tierarten.pdf
2017-06-03 11:20 - 2017-05-03 18:21 - 00063161 _____ C:\Users\Gloriaflyx\Desktop\Konto_133301317-Auszug_2017_005.PDF
2017-06-02 20:40 - 2017-06-02 20:40 - 00063584 _____ C:\Users\Gloriaflyx\Desktop\Konto_133301317-Auszug_2017_006.PDF
2017-05-31 21:34 - 2017-05-31 21:34 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-05-31 21:34 - 2017-03-10 23:17 - 00536864 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-05-31 21:34 - 2017-03-10 23:17 - 00525600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-05-31 21:34 - 2017-03-10 23:17 - 00254240 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-05-31 21:34 - 2017-03-10 23:17 - 00233760 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-05-31 21:32 - 2017-05-31 21:32 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2017-05-27 18:06 - 2017-06-05 17:39 - 00000000 ____D C:\FRST
2017-05-24 12:06 - 2017-05-24 12:06 - 01147686 _____ C:\Users\Gloriaflyx\Desktop\2_-_Spark[1].pdf
2017-05-18 21:45 - 2017-05-18 21:45 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Local\DBG
2017-05-18 07:54 - 2017-05-18 07:54 - 35397536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-05-18 07:54 - 2017-05-18 07:54 - 28632152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-05-18 07:53 - 2017-05-18 07:53 - 00969632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-05-18 07:53 - 2017-05-18 07:53 - 00920664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-05-18 07:53 - 2017-05-18 07:53 - 00618584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2017-05-18 07:53 - 2017-05-18 07:53 - 00507992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2017-05-18 07:52 - 2017-05-18 07:52 - 40210520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2017-05-18 07:52 - 2017-05-18 07:52 - 35290200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-05-18 07:52 - 2017-05-18 07:52 - 03800992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-05-18 07:52 - 2017-05-18 07:52 - 03256408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-05-18 07:52 - 2017-05-18 07:52 - 01996704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438205.dll
2017-05-18 07:52 - 2017-05-18 07:52 - 01598368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438205.dll
2017-05-18 07:52 - 2017-05-18 07:52 - 01062816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-05-18 07:52 - 2017-05-18 07:52 - 00999840 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-05-18 07:50 - 2017-05-18 07:50 - 11162000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-05-18 07:50 - 2017-05-18 07:50 - 11129704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-05-18 07:50 - 2017-05-18 07:50 - 10648520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-05-18 07:50 - 2017-05-18 07:50 - 09335528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-05-18 07:50 - 2017-05-18 07:50 - 09102488 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-05-18 07:50 - 2017-05-18 07:50 - 08891160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-05-18 07:50 - 2017-05-18 07:50 - 01298696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2017-05-18 07:50 - 2017-05-18 07:50 - 01013344 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2017-05-18 07:50 - 2017-05-18 07:50 - 00791792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2017-05-18 07:50 - 2017-05-18 07:50 - 00703880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-05-18 07:50 - 2017-05-18 07:50 - 00626392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2017-05-18 07:50 - 2017-05-18 07:50 - 00591672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-05-18 04:34 - 2017-05-18 04:34 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2017-05-18 04:34 - 2017-05-18 04:34 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json
2017-05-17 19:14 - 2017-05-17 19:14 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2017-05-17 19:13 - 2017-05-17 19:13 - 00000020 ___SH C:\Users\Gloriaflyx\ntuser.ini
2017-05-17 19:13 - 2017-05-17 19:13 - 00000000 ____D C:\ProgramData\USOShared
2017-05-17 18:51 - 2017-05-17 18:51 - 23681024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 21353200 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 20505600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 20374424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 19335168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 11870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 08320920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 08244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 07931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 06759512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 06728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 06292992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 05477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 04848440 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 04730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 04469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 04446208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 03672064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-05-17 18:51 - 2017-05-17 18:51 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 03655680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 03116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02957824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-05-17 18:51 - 2017-05-17 18:51 - 02859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02651648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02635336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02444192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-05-17 18:51 - 2017-05-17 18:51 - 02443776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02435584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02298880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02158544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02085280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-05-17 18:51 - 2017-05-17 18:51 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-05-17 18:51 - 2017-05-17 18:51 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-05-17 18:51 - 2017-05-17 18:51 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01854880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01852776 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01803264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01760264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01628160 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01611776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01604312 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01600512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01557288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01518088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01452960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01433600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01411128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01325456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01320352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01295872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01291776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01285120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 01257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01242624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 01103872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01075712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01051648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01024416 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00987648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00775824 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00741784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaserver.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-05-17 18:51 - 2017-05-17 18:51 - 00716440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-05-17 18:51 - 2017-05-17 18:51 - 00708712 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00673112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00651680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00626520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00605936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00599576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00559000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-05-17 18:51 - 2017-05-17 18:51 - 00543640 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00523296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2017-05-17 18:51 - 2017-05-17 18:51 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-05-17 18:51 - 2017-05-17 18:51 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00409504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-05-17 18:51 - 2017-05-17 18:51 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00388000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-05-17 18:51 - 2017-05-17 18:51 - 00387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.ps.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00207264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00142240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2017-05-17 18:51 - 2017-05-17 18:51 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2017-05-17 18:51 - 2017-05-17 18:51 - 00105456 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00095584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2017-05-17 18:51 - 2017-05-17 18:51 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2017-05-17 18:51 - 2017-05-17 18:51 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-05-17 18:51 - 2017-05-17 18:51 - 00032004 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2017-05-17 18:51 - 2017-05-17 18:51 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00027040 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-05-17 18:49 - 2017-05-17 18:49 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2017-05-17 18:49 - 2017-05-17 17:55 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2017-05-17 18:47 - 2017-05-17 18:47 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2017-05-17 18:47 - 2017-05-17 18:47 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2017-05-17 18:47 - 2017-05-17 18:47 - 00000000 ____D C:\WINDOWS\system32\msmq
2017-05-17 18:47 - 2017-05-17 18:47 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2017-05-17 18:47 - 2017-05-17 18:47 - 00000000 ____D C:\Program Files\Reference Assemblies
2017-05-17 18:47 - 2017-05-17 18:47 - 00000000 ____D C:\Program Files\MSBuild
2017-05-17 18:47 - 2017-05-17 18:47 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-05-17 18:47 - 2017-05-17 18:47 - 00000000 ____D C:\Program Files (x86)\MSBuild
2017-05-17 18:47 - 2017-05-17 18:47 - 00000000 ____D C:\inetpub
2017-05-17 18:47 - 2017-02-10 12:26 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2017-05-17 18:47 - 2017-02-10 12:26 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-05-17 18:47 - 2017-02-10 12:26 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2017-05-17 18:47 - 2017-02-10 12:21 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2017-05-17 18:47 - 2017-02-10 12:21 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-05-17 18:47 - 2017-02-10 12:21 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2017-05-17 18:05 - 2017-05-17 18:05 - 00011433 _____ C:\WINDOWS\diagwrn.xml
2017-05-17 18:05 - 2017-05-17 18:05 - 00011433 _____ C:\WINDOWS\diagerr.xml
2017-05-17 18:03 - 2017-06-05 17:33 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-05-17 18:03 - 2017-05-17 18:03 - 00003500 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-05-17 18:03 - 2017-05-17 18:03 - 00003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-05-17 18:03 - 2017-05-17 18:03 - 00002432 _____ C:\WINDOWS\System32\Tasks\{3A39D014-2508-4DC8-8EED-5D3C5194CC6A}
2017-05-17 18:03 - 2017-05-17 18:03 - 00002360 _____ C:\WINDOWS\System32\Tasks\{B4F731ED-C11E-4F9B-A092-6083F00D4F25}
2017-05-17 18:03 - 2017-05-17 18:03 - 00002358 _____ C:\WINDOWS\System32\Tasks\{077EA0BA-9543-46EF-AA05-A3609078E68C}
2017-05-17 18:03 - 2017-05-17 18:03 - 00002354 _____ C:\WINDOWS\System32\Tasks\RtHDVBg_Dolby
2017-05-17 18:03 - 2017-05-17 18:03 - 00002352 _____ C:\WINDOWS\System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3}
2017-05-17 18:03 - 2017-05-17 18:03 - 00002342 _____ C:\WINDOWS\System32\Tasks\RTKCPL
2017-05-17 18:03 - 2017-05-17 18:03 - 00002304 _____ C:\WINDOWS\System32\Tasks\{40397F46-4625-412F-9983-FCD60BC4A9E4}
2017-05-17 18:03 - 2017-05-17 18:03 - 00002290 _____ C:\WINDOWS\System32\Tasks\{4428CE4F-B2B8-4E7A-802D-3985A4AE3A2E}
2017-05-17 18:03 - 2017-05-17 18:03 - 00002290 _____ C:\WINDOWS\System32\Tasks\{3C95CE29-D5CC-4534-842A-1D344CDA2CE7}
2017-05-17 18:03 - 2017-05-17 18:03 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2017-05-17 18:03 - 2017-05-17 18:03 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2017-05-17 18:03 - 2017-05-17 18:03 - 00000000 ____D C:\WINDOWS\System32\Tasks\NCH Software
2017-05-17 18:03 - 2017-05-17 18:03 - 00000000 ____D C:\WINDOWS\System32\Tasks\COMODO
2017-05-17 18:00 - 2017-05-17 18:00 - 00001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-05-17 17:58 - 2017-05-17 18:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spiele
2017-05-17 17:58 - 2017-05-17 17:58 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2017-05-17 17:57 - 2017-06-05 17:22 - 00000000 ____D C:\Users\Gloriaflyx
2017-05-17 17:57 - 2017-05-17 18:02 - 00000000 ____D C:\Users\DefaultAppPool
2017-05-17 17:57 - 2017-05-17 18:01 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Vorlagen
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Startmenü
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Netzwerkumgebung
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Lokale Einstellungen
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Eigene Dateien
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Druckumgebung
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Videos
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Musik
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Bilder
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Verlauf
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Anwendungsdaten
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Anwendungsdaten
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Vorlagen
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Startmenü
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Netzwerkumgebung
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Lokale Einstellungen
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Eigene Dateien
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Druckumgebung
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Documents\Eigene Videos
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Documents\Eigene Musik
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Documents\Eigene Bilder
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\AppData\Local\Verlauf
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\AppData\Local\Anwendungsdaten
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Anwendungsdaten
2017-05-17 17:56 - 2017-06-05 17:33 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-05-17 17:56 - 2017-06-05 17:32 - 02947146 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-05-17 17:56 - 2017-05-31 21:34 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-05-17 17:56 - 2017-05-18 07:56 - 00521816 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2017-05-17 17:56 - 2017-05-17 17:58 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-05-17 17:56 - 2017-05-17 17:58 - 00000000 ____D C:\Program Files\Intel
2017-05-17 17:56 - 2017-05-17 17:56 - 02011386 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2017-05-17 17:56 - 2017-05-17 17:56 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2017-05-17 17:56 - 2017-05-17 17:56 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2017-05-17 17:56 - 2017-05-17 17:56 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2017-05-17 17:56 - 2017-05-17 17:56 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2017-05-17 17:56 - 2017-05-17 17:56 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2017-05-17 17:56 - 2017-05-17 17:56 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-05-17 17:56 - 2017-05-17 17:56 - 00000000 ____D C:\Program Files\Synaptics
2017-05-17 17:56 - 2017-05-17 17:56 - 00000000 ____D C:\Program Files\Realtek
2017-05-17 17:56 - 2017-05-17 17:56 - 00000000 ____D C:\Program Files (x86)\SunplusIT Integrated Camera
2017-05-17 17:56 - 2017-05-17 17:56 - 00000000 _____ C:\WINDOWS\system32\GfxValDisplayLog.bin
2017-05-17 17:56 - 2017-05-01 22:51 - 06437312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2017-05-17 17:56 - 2017-05-01 22:51 - 02479552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2017-05-17 17:56 - 2017-05-01 22:51 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2017-05-17 17:56 - 2017-05-01 22:51 - 00548800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2017-05-17 17:56 - 2017-05-01 22:51 - 00392312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2017-05-17 17:56 - 2017-05-01 22:51 - 00146880 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\oemdspif.dll
2017-05-17 17:56 - 2017-05-01 22:51 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2017-05-17 17:56 - 2017-05-01 22:51 - 00069752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2017-05-17 17:56 - 2017-04-25 23:11 - 07944687 _____ C:\WINDOWS\system32\nvcoproc.bin
2017-05-17 17:56 - 2017-03-18 22:56 - 02233344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-05-17 17:55 - 2017-06-05 17:23 - 00503280 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-05-17 17:55 - 2017-06-04 13:49 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-05-11 14:13 - 2017-05-17 19:13 - 00000000 ___DC C:\WINDOWS\Panther
2017-05-11 13:51 - 2017-05-11 13:51 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Local\UNP
2017-05-10 18:28 - 2017-05-17 18:01 - 00000000 ____D C:\WINDOWS\system32\UNP
2017-05-10 18:28 - 2017-05-10 18:29 - 00000000 ____D C:\Program Files\UNP
2017-05-10 10:46 - 2017-03-04 08:26 - 00261632 ____N (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-06-05 17:33 - 2016-08-16 20:50 - 00000000 ____D C:\ProgramData\NVIDIA
2017-06-05 17:33 - 2016-06-19 12:32 - 00000000 __SHD C:\Users\Gloriaflyx\IntelGraphicsProfiles
2017-06-05 17:33 - 2014-01-18 11:54 - 00034752 _____ C:\WINDOWS\system32\Drivers\WPRO_41_2001.sys
2017-06-05 17:33 - 2014-01-17 19:41 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Roaming\Skype
2017-06-05 17:32 - 2017-03-20 06:41 - 01355204 _____ C:\WINDOWS\system32\perfh007.dat
2017-06-05 17:32 - 2017-03-20 06:41 - 00327976 _____ C:\WINDOWS\system32\perfc007.dat
2017-06-05 17:32 - 2017-03-18 13:40 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-06-05 17:32 - 2016-11-19 11:26 - 00000000 ____D C:\Users\Gloriaflyx\AppData\LocalLow\Mozilla
2017-06-05 17:32 - 2014-01-17 18:49 - 01474832 _____ C:\WINDOWS\system32\Drivers\sfi.dat
2017-06-05 17:30 - 2014-04-02 20:05 - 01421862 _____ C:\WINDOWS\system32\Drivers\fvstore.dat
2017-06-05 17:29 - 2016-06-19 12:39 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Local\ClassicShell
2017-06-05 17:22 - 2016-12-27 17:25 - 00000008 __RSH C:\ProgramData\ntuser.pol
2017-06-05 13:46 - 2014-07-01 13:19 - 00000000 ____D C:\Program Files (x86)\Steam
2017-06-05 10:23 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-06-04 22:25 - 2017-03-18 23:03 - 00000000 ___HD C:\Program Files\WindowsApps
2017-06-04 22:25 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-06-04 22:25 - 2016-06-19 12:32 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Local\Packages
2017-06-04 22:22 - 2016-11-11 12:44 - 00000000 ____D C:\Program Files (x86)\FanFictionDownloader
2017-06-04 22:18 - 2016-06-19 12:34 - 00000000 __RHD C:\Users\Gloriaflyx\OneDrive
2017-06-04 22:14 - 2015-06-10 22:28 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Office
2017-06-04 13:29 - 2015-08-28 17:34 - 00000000 ____D C:\Program Files (x86)\Mp3tag
2017-06-04 13:26 - 2015-08-28 17:34 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Roaming\Mp3tag
2017-05-31 21:32 - 2017-03-18 23:01 - 00000000 ____D C:\WINDOWS\INF
2017-05-31 21:30 - 2010-11-21 05:27 - 00565416 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-05-26 22:02 - 2017-03-18 13:40 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-05-26 20:56 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-05-26 20:55 - 2014-01-17 19:59 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-05-26 11:11 - 2015-08-31 10:32 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Roaming\Ahnenblatt
2017-05-26 11:02 - 2017-03-29 13:14 - 00000000 ____D C:\Users\Gloriaflyx\Documents\Ahnenblatt
2017-05-25 22:03 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\L2Schemas
2017-05-25 20:42 - 2014-02-03 22:35 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Roaming\Audacity
2017-05-25 12:49 - 2014-01-17 19:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-05-23 21:48 - 2017-03-20 22:36 - 00000000 ____D C:\ProgramData\DigitalWave.ApplicationUpdater_files
2017-05-23 21:48 - 2016-11-06 12:13 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Roaming\DVDVideoSoft
2017-05-23 19:58 - 2014-01-17 18:51 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-05-23 19:57 - 2014-01-17 18:51 - 132223576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-05-23 18:53 - 2017-03-25 11:36 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-05-23 18:53 - 2014-01-17 19:39 - 00000000 ____D C:\ProgramData\Skype
2017-05-22 22:06 - 2017-02-08 20:46 - 00000000 ____D C:\Program Files\Mozilla Firefox
2017-05-21 17:02 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\rescache
2017-05-19 11:34 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\appcompat
2017-05-18 22:52 - 2014-04-02 20:05 - 00000000 ___HD C:\VTRoot
2017-05-18 07:56 - 2017-03-20 06:43 - 00427608 _____ (Khronos Group) C:\WINDOWS\SysWOW64\opencl.dll
2017-05-18 07:50 - 2017-01-17 06:52 - 04136744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2017-05-18 07:50 - 2017-01-17 06:52 - 03647864 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2017-05-18 04:34 - 2017-01-17 01:59 - 00045061 _____ C:\WINDOWS\system32\nvinfo.pb
2017-05-17 21:19 - 2017-03-18 22:51 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-05-17 19:13 - 2017-03-18 23:03 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-05-17 19:13 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\USOPrivate
2017-05-17 19:13 - 2016-04-27 07:55 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-05-17 18:55 - 2017-03-18 23:03 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-05-17 18:52 - 2017-03-18 23:06 - 00000000 ____D C:\WINDOWS\Setup
2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Provisioning
2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-05-17 18:52 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Dism
2017-05-17 18:47 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2017-05-17 18:47 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\MUI
2017-05-17 18:47 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2017-05-17 18:47 - 2017-03-18 22:59 - 00611840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2017-05-17 18:47 - 2017-03-18 22:59 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll
2017-05-17 18:47 - 2017-03-18 22:59 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll
2017-05-17 18:47 - 2017-03-18 22:59 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2017-05-17 18:47 - 2017-03-18 22:59 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2017-05-17 18:47 - 2017-03-18 22:59 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll
2017-05-17 18:47 - 2017-03-18 22:59 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb
2017-05-17 18:47 - 2017-03-18 22:59 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb
2017-05-17 18:47 - 2017-03-18 22:59 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb
2017-05-17 18:47 - 2017-03-18 22:59 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2017-05-17 18:47 - 2017-03-18 22:59 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2017-05-17 18:47 - 2017-03-18 22:59 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2017-05-17 18:47 - 2017-03-18 22:59 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb
2017-05-17 18:47 - 2017-03-18 22:59 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2017-05-17 18:47 - 2017-03-18 22:59 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2017-05-17 18:47 - 2017-03-18 22:59 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2017-05-17 18:47 - 2017-03-18 22:59 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2017-05-17 18:47 - 2017-03-18 22:59 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2017-05-17 18:47 - 2017-03-18 22:59 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\cngkeyhelper.dll
2017-05-17 18:47 - 2017-03-18 22:59 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2017-05-17 18:47 - 2017-03-18 22:59 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2017-05-17 18:47 - 2017-03-18 22:59 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cngkeyhelper.dll
2017-05-17 18:47 - 2017-03-18 22:59 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2017-05-17 18:47 - 2017-03-18 22:59 - 00009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof
2017-05-17 18:47 - 2017-03-18 22:56 - 01380352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00465408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
2017-05-17 18:47 - 2017-03-18 22:56 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb
2017-05-17 18:47 - 2017-03-18 22:56 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb
2017-05-17 18:47 - 2017-03-18 22:56 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb
2017-05-17 18:47 - 2017-03-18 22:56 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe
2017-05-17 18:47 - 2017-03-18 22:56 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb
2017-05-17 18:47 - 2017-03-18 22:56 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2017-05-17 18:47 - 2017-03-18 22:56 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
2017-05-17 18:47 - 2017-03-18 22:56 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2017-05-17 18:47 - 2017-03-18 22:56 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2017-05-17 18:47 - 2017-03-18 22:56 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof
2017-05-17 18:47 - 2017-03-18 22:56 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2017-05-17 18:07 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows NT
2017-05-17 18:06 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-05-17 18:05 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-05-17 18:04 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Registration
2017-05-17 18:03 - 2017-03-20 06:43 - 00000000 ____D C:\WINDOWS\HoloShell
2017-05-17 18:03 - 2017-03-18 23:03 - 00000000 __RSD C:\WINDOWS\Media
2017-05-17 18:03 - 2017-03-18 23:03 - 00000000 __RHD C:\Users\Public\Libraries
2017-05-17 18:03 - 2016-06-19 12:23 - 00023056 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-05-17 18:01 - 2014-10-23 21:45 - 00000000 ____D C:\WINDOWS\de
2017-05-17 18:01 - 2014-03-27 11:48 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spiele
2017-05-17 17:58 - 2017-03-20 06:41 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2017-05-17 17:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-05-17 17:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2017-05-17 17:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\spool
2017-05-17 17:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-05-17 17:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-05-17 17:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\IME
2017-05-17 17:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\schemas
2017-05-17 17:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Cursors
2017-05-17 17:58 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-05-17 17:58 - 2014-07-19 18:43 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2017-05-17 17:58 - 2014-01-17 18:31 - 00000000 ___HD C:\WINDOWS\system32\WLANProfiles
2017-05-17 17:57 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2017-05-17 17:56 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Help
2017-05-17 17:56 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2017-05-17 17:41 - 2014-01-17 17:39 - 00008192 __RSH C:\BOOTSECT.BAK
2017-05-10 10:48 - 2014-07-10 22:11 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Local\Adobe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-10-22 13:22 - 2015-10-22 13:22 - 0159657 _____ () C:\Program Files (x86)\changelog.txt
2015-10-22 13:22 - 2015-11-07 18:45 - 0375544 _____ () C:\Program Files (x86)\createfileassoc.exe
2015-10-22 13:22 - 2015-11-07 18:45 - 0447464 _____ (TeamSpeak Systems GmbH) C:\Program Files (x86)\error_report.exe
2015-09-21 16:24 - 2015-09-21 16:24 - 1709056 _____ () C:\Program Files (x86)\libeay32.dll
2013-10-05 00:58 - 2013-10-05 00:58 - 0660128 _____ (Microsoft Corporation) C:\Program Files (x86)\msvcp120.dll
2013-10-05 00:58 - 2013-10-05 00:58 - 0963232 _____ (Microsoft Corporation) C:\Program Files (x86)\msvcr120.dll
2015-08-27 10:07 - 2015-11-07 18:45 - 1704176 _____ (Overwolf) C:\Program Files (x86)\OverwolfTeamSpeakInstaller.exe
2015-10-22 13:22 - 2015-11-07 18:45 - 0475112 _____ (TeamSpeak Systems GmbH) C:\Program Files (x86)\package_inst.exe
2015-10-22 11:20 - 2015-10-22 11:20 - 0000321 _____ () C:\Program Files (x86)\plugin_sdk.html
2015-09-21 16:47 - 2015-09-21 16:47 - 5626368 _____ (The Qt Company Ltd) C:\Program Files (x86)\Qt5Core.dll
2015-09-21 16:48 - 2015-09-21 16:48 - 3937280 _____ (The Qt Company Ltd) C:\Program Files (x86)\Qt5Gui.dll
2015-09-21 16:48 - 2015-09-21 16:48 - 1092608 _____ (The Qt Company Ltd) C:\Program Files (x86)\Qt5Network.dll
2015-09-21 16:47 - 2015-09-21 16:47 - 0216576 _____ (The Qt Company Ltd) C:\Program Files (x86)\Qt5Sql.dll
2015-09-21 16:50 - 2015-09-21 16:50 - 5424128 _____ (The Qt Company Ltd) C:\Program Files (x86)\Qt5Widgets.dll
2015-10-22 13:22 - 2015-10-22 13:22 - 0175080 _____ () C:\Program Files (x86)\quazip.dll
2015-09-21 16:24 - 2015-09-21 16:24 - 0317440 _____ () C:\Program Files (x86)\ssleay32.dll
2015-10-22 13:21 - 2015-11-07 18:45 - 11544552 _____ (TeamSpeak Systems GmbH) C:\Program Files (x86)\ts3client_win64.exe
2015-09-13 16:41 - 2015-11-07 18:45 - 0390800 _____ (TeamSpeak Systems GmbH) C:\Program Files (x86)\Uninstall.exe
2015-10-22 13:22 - 2015-11-07 18:45 - 1514984 _____ (TeamSpeak Systems GmbH) C:\Program Files (x86)\update.exe
2015-10-22 11:20 - 2015-10-22 11:20 - 0520934 _____ () C:\Program Files (x86)\usb.ids
2015-11-08 20:24 - 2015-11-08 20:24 - 0000000 ____H () C:\Users\Gloriaflyx\AppData\Local\BITEEB2.tmp
2015-12-07 14:05 - 2015-12-07 14:05 - 0000000 ____H () C:\Users\Gloriaflyx\AppData\Local\BITF863.tmp
2014-03-24 11:50 - 2015-11-05 12:49 - 0010752 _____ () C:\Users\Gloriaflyx\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-03-13 22:52 - 2014-03-13 22:52 - 0001434 _____ () C:\Users\Gloriaflyx\AppData\Local\RecConfig.xml
2016-05-01 21:51 - 2016-05-01 21:52 - 0000000 _____ () C:\Users\Gloriaflyx\AppData\Local\{0B179D57-EBA9-4D85-B0A3-C14982A9ED52}
2015-10-26 15:04 - 2015-10-26 15:04 - 0000000 _____ () C:\Users\Gloriaflyx\AppData\Local\{309B8B15-3C7F-4F34-B3F6-0066EA01FC36}
2016-05-11 20:19 - 2016-05-11 20:19 - 0000000 _____ () C:\Users\Gloriaflyx\AppData\Local\{3CF62346-6D52-4520-A926-FB0B6E652FF3}
2016-04-22 14:12 - 2016-04-22 14:12 - 0000000 _____ () C:\Users\Gloriaflyx\AppData\Local\{B01DDBE6-2D6A-4727-B346-D57950EA3E3A}
2015-11-08 20:23 - 2015-11-08 20:24 - 0000000 _____ () C:\Users\Gloriaflyx\AppData\Local\{BAE73680-28A1-4D05-AD07-486B48904EAC}
2015-12-07 14:04 - 2015-12-07 14:05 - 0000000 _____ () C:\Users\Gloriaflyx\AppData\Local\{D054697A-BAC1-4993-959D-79690D24E3EF}
2016-01-26 20:38 - 2016-01-26 20:38 - 0000000 _____ () C:\Users\Gloriaflyx\AppData\Local\{F1079BA0-943D-4D61-A261-CEFBF1919D56}
2017-05-17 17:56 - 2017-05-17 17:56 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-09-22 22:02 - 2015-09-22 22:02 - 0000106 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.64.bc
2017-03-22 17:45 - 2017-03-22 17:45 - 0000016 _____ () C:\ProgramData\mntemp
2017-03-22 17:45 - 2017-03-22 17:45 - 0005041 _____ () C:\ProgramData\mudtcpaz.vzs

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-05-30 21:44

==================== Ende von FRST.txt ============================
         

05.06.2017, 17:51   #11
Gloriaflyx

ESET reports detections

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 02-06-2017
durchgeführt von Gloriaflyx (05-06-2017 17:40:41)
Gestartet von C:\Users\Gloriaflyx\Desktop
Windows 10 Pro Version 1703 (X64) (2017-05-17 16:07:08)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3668857010-2765377856-186715415-500 - Administrator - Disabled)
Gloriaflyx (S-1-5-21-3668857010-2765377856-186715415-1000 - Administrator - Enabled) => C:\Users\Gloriaflyx
DefaultAccount (S-1-5-21-3668857010-2765377856-186715415-503 - Limited - Disabled)
Gast (S-1-5-21-3668857010-2765377856-186715415-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3668857010-2765377856-186715415-1003 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: COMODO Antivirus (Enabled - Up to date) {0C515E80-E355-69BD-3445-A511E5C186FD}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: COMODO Advanced Protection (Enabled - Up to date) {B730BF64-C56F-6633-0EF5-9E639E46CC40}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: COMODO Firewall (Enabled) {346ADFA5-A93A-68E5-1F1A-0C241B12C186}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 16.00 (x64) (HKLM\...\7-Zip) (Version: 16.00 - Igor Pavlov)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version:  - Hidden Path Entertainment, Ensemble Studios)
Age of Empires® III: Complete Collection (HKLM\...\Steam App 105450) (Version:  - Ensemble Studios)
Age of Mythology: Extended Edition (HKLM\...\Steam App 266840) (Version:  - SkyBox Labs)
Ahnenblatt 2.88 (HKLM-x32\...\Ahnenblatt_is1) (Version: 2.88.0.1 - Dirk Böttcher)
Ansel (Version: 382.05 - NVIDIA Corporation) Hidden
Anzeige am Bildschirm (HKLM\...\OnScreenDisplay) (Version: 8.20.00 - )
AoE 2 & TC v1.1 Userpatch AiO Update r5 r5 (HKLM-x32\...\{0CEC2F82-AEB2-4C4B-B450-62C6CEF159FE}_is1) (Version: 0.5 - line0)
Assassin's Creed (HKLM-x32\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.02 - Ubisoft)
Assassin's Creed Brotherhood (HKLM-x32\...\{BE4BA698-8533-4F77-9559-C7F3F78C0B05}) (Version: 1.00 - Ubisoft)
Assassin's Creed Liberation HD (HKLM-x32\...\Uplay Install 625) (Version:  - Ubisoft)
Assassin's Creed(R) III v1.06 (HKLM-x32\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.06 - Ubisoft)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4478 - CDBurnerXP)
Cities: Skylines (HKLM\...\Steam App 255710) (Version:  - Colossal Order Ltd.)
Classic Shell (HKLM\...\{383BB30A-B4A7-4666-9A83-22CFA8640097}) (Version: 4.3.0 - IvoSoft)
COMODO Internet Security Premium (HKLM\...\{901D1D88-408D-48E5-80DD-CC3145BD8456}) (Version: 10.0.1.6223 - COMODO Security Solutions Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
Diablo II (HKLM-x32\...\Diablo II) (Version:  - Blizzard Entertainment)
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
f.lux (HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\Flux) (Version:  - )
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free Video To MP3 Converter (HKLM-x32\...\Free Video To MP3 Converter_is1) (Version: 5.1.0.307 - Digital Wave Ltd)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Hero Editor V0.96 (HKLM-x32\...\ST6UNST #1) (Version:  - )
HL-5450DN (HKLM-x32\...\{7171B206-5C5A-4B7F-B9E1-1F1827FC769F}) (Version: 1.0.2.0 - Brother Industries, Ltd.)
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version:  - )
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 18.1 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Intel(R) Smart Connect Technology 4.1 x64 (HKLM\...\{6555226B-7295-4CFD-9D5B-9C8F394BE03A}) (Version: 4.1.41.2234 - Intel)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.1.28 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{a2a04474-104a-49b3-9bf5-33afee260030}) (Version: 17.14.0 - Intel Corporation)
Internet Security Essentials (HKLM-x32\...\ComodoIse) (Version: 1.1.413499.43 - Comodo)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Lenovo Patch Utility (x32 Version: 1.4.0.4 - Lenovo Group Limited) Hidden
Lenovo Patch Utility 64 bit (Version: 1.4.0.4 - Lenovo Group Limited) Hidden
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.12.10 - Lenovo)
LG United Mobile Driver (HKLM-x32\...\{2A3A4BD6-6CE0-4e2a-80D2-1D0FF6ACBFBA}) (Version: 3.14.1 - LG Electronics)
LibreOffice 5.2.7.2 (HKLM-x32\...\{C89BB248-1889-4D6B-B310-A744A0545123}) (Version: 5.2.7.2 - The Document Foundation)
Magicka (HKLM-x32\...\Steam App 42910) (Version:  - Arrowhead Game Studios)
Malwarebytes Version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.8067.2115 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 53.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 53.0 (x86 de)) (Version: 53.0 - Mozilla)
Mozilla Firefox 53.0.3 (x64 de) (HKLM\...\Mozilla Firefox 53.0.3 (x64 de)) (Version: 53.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0 - Mozilla)
Mp3tag v2.82 (HKLM-x32\...\Mp3tag) (Version: 2.82 - Florian Heidenreich)
NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.05 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.8067.2115 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.8067.2115 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.8067.2115 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7967.2073 - Microsoft Corporation) Hidden
paint.net (HKLM\...\{1F895C18-6A2F-4A9E-BBE9-246783070F37}) (Version: 4.0.16 - dotPDN LLC)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.5.2 - pdfforge GmbH)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
R for Windows 3.3.0 (HKLM\...\R for Windows 3.3.0_is1) (Version: 3.3.0 - R Core Team)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.21236 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7404 - Realtek Semiconductor Corp.)
Secunia PSI (3.0.0.9016) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia)
SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden
Skype™ 7.36 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.36.101 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Stronghold (HKLM-x32\...\{C917BA70-28A3-4C74-B163-41FD8C8E1A5A}) (Version: 1.20.0000 - Firefly Studios)
Stronghold Crusader Extreme (HKLM-x32\...\{8C3727F2-8E37-49E4-820C-03B1677F53B6}) (Version: 1.20.0000 - Firefly Studios)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.115 - Synaptics Incorporated)
System Requirements Lab Detection (HKLM-x32\...\{9B2D2419-CC47-4A73-A7A0-8FA2FFDE0C7C}) (Version: 6.1.1.0 - Husdawg, LLC)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
The Sims(TM) 3 (HKLM-x32\...\Steam App 47890) (Version:  - The Sims Studio)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
Windows 10-Upgrade-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17323 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3668857010-2765377856-186715415-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Gloriaflyx\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay => Keine Datei
CustomCLSID: HKU\S-1-5-21-3668857010-2765377856-186715415-1000_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Gloriaflyx\AppData\Local\Microsoft\OneDrive\17.3.6816.0313_1\amd64\FileSyncShell64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3668857010-2765377856-186715415-1000_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Gloriaflyx\AppData\Local\Microsoft\OneDrive\17.3.6816.0313_1\amd64\FileSyncShell64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3668857010-2765377856-186715415-1000_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Gloriaflyx\AppData\Local\Microsoft\OneDrive\17.3.6816.0313_1\amd64\FileSyncShell64.dll => Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {26576267-54D3-4A94-97C7-4DCECB1AB3C3} - System32\Tasks\{3A39D014-2508-4DC8-8EED-5D3C5194CC6A} => pcalua.exe -a "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" -d "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller" -c -hunter
Task: {420FE51C-0D20-4591-B7CE-77DA17FC435F} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-04-23] (COMODO)
Task: {46734673-F9A6-4302-9D04-A119C0518E35} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-14] (Microsoft Corporation)
Task: {47A200AF-0889-49E0-B321-5A47994CCB96} - System32\Tasks\{B4F731ED-C11E-4F9B-A092-6083F00D4F25} => pcalua.exe -a "C:\Program Files (x86)\Die Sims\Die Sims 2\Sims2_uninst.exe" -d "C:\Program Files (x86)\Die Sims\Die Sims 2"
Task: {51DC85CF-A98A-43D8-8C1F-F7248B1FB113} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-05-26] (Microsoft Corporation)
Task: {799696A9-5758-492B-8927-81A7E88B1D69} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-04-23] (COMODO)
Task: {856E8075-122F-45E5-BC1C-CE7C0E407608} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-04-23] (COMODO)
Task: {88C43D0B-A2F3-4D79-B2FA-E2378BCFA74E} - System32\Tasks\{077EA0BA-9543-46EF-AA05-A3609078E68C} => pcalua.exe -a "C:\Program Files (x86)\Die Sims\Die Sims 2\eauninstall.exe" -d "C:\Program Files (x86)\Die Sims\Die Sims 2"
Task: {8E279186-208B-4384-BA38-55AEFA56EE1E} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-10] (Adobe Systems Incorporated)
Task: {94BBF4A3-D101-498A-8DD5-9C76C5B2C63F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-14] (Microsoft Corporation)
Task: {9D320E3D-5658-4B76-BC1B-6B5DB3F33348} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-05-26] (Microsoft Corporation)
Task: {9DAF125B-A6D1-439B-933B-388A6A74B24B} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-04-23] (COMODO)
Task: {9FCB8499-497D-41E5-89FE-0231E583FB37} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-05-26] (Microsoft Corporation)
Task: {A042F675-4FCB-4903-9A13-DE3CDDF82AAF} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-04-05] (Realtek Semiconductor)
Task: {A92B8410-5D79-45B0-A05A-A93C395ABB37} - System32\Tasks\{4428CE4F-B2B8-4E7A-802D-3985A4AE3A2E} => Firefox.exe hxxp://ui.skype.com/ui/0/7.16.0.102/de/abandoninstall?source=lightinstaller&amp;page=tsInstall
Task: {AB28F491-13D7-441F-8BE3-99AEF1AF36E0} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2017-04-23] (COMODO)
Task: {AC0DD1AA-2C9D-41FF-9BB4-E4C0B5CAB66C} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-04-23] (COMODO)
Task: {B59D1B68-72A7-4E68-B9EF-3A0932C2E840} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-05-26] ()
Task: {C3DA719C-9EF8-4F50-BF45-7143C26331AB} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-04-23] (COMODO)
Task: {CA1E47C4-6FB4-4B1C-8C9E-2CEE7AD55373} - System32\Tasks\{40397F46-4625-412F-9983-FCD60BC4A9E4} => Firefox.exe hxxp://ui.skype.com/ui/0/6.11.0.102/de/go/help.faq.installer?source=lightinstaller&amp;LastError=1618
Task: {D9A35DD8-3F45-4EF2-BAB3-171204A5C81A} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2017-04-23] (COMODO)
Task: {DC8BA37A-EFC5-4813-AF4D-6CF617B6471A} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-04-05] (Realtek Semiconductor)
Task: {E98AD572-71BE-4D8A-B936-AEEF09E30360} - System32\Tasks\{3C95CE29-D5CC-4534-842A-1D344CDA2CE7} => Firefox.exe hxxp://ui.skype.com/ui/0/7.16.0.102/de/abandoninstall?source=lightinstaller&amp;page=tsInstall
Task: {EE29A92D-3408-4186-B873-7B505989B5B8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {F89037C2-30A8-4D5D-9474-4E51ED8EF8AB} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-05-26] ()

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2017-04-06 18:20 - 2017-04-23 00:28 - 00156352 _____ () C:\Program Files\COMODO\COMODO Internet Security\cmdwrhlp.dll
2013-09-24 11:53 - 2017-04-23 00:27 - 00107200 _____ () C:\Program Files\COMODO\COMODO Internet Security\cavwpps.dll
2013-10-20 02:23 - 2017-04-23 00:27 - 00244928 _____ () C:\Program Files\COMODO\COMODO Internet Security\cmdcomps.dll
2013-04-15 16:45 - 2013-04-15 16:45 - 00182760 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2013-04-15 16:45 - 2013-04-15 16:45 - 00060392 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2014-01-18 14:03 - 2014-03-25 20:50 - 00076888 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2013-04-15 18:39 - 2016-03-16 12:25 - 00073912 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav
2017-03-18 22:58 - 2017-03-18 22:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-18 22:59 - 2017-03-20 06:43 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2014-12-11 15:15 - 2015-04-05 16:07 - 00078880 _____ () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
2017-06-05 17:34 - 2017-05-31 11:09 - 02270664 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\autoexec.bat:$CmdTcID [64]
AlternateDataStreams: C:\install.exe:$CmdTcID [64]
AlternateDataStreams: C:\Program Files (x86)\createfileassoc.exe:$CmdTcID [64]
AlternateDataStreams: C:\Program Files (x86)\error_report.exe:$CmdTcID [64]
AlternateDataStreams: C:\Program Files (x86)\OverwolfTeamSpeakInstaller.exe:$CmdTcID [64]
AlternateDataStreams: C:\Program Files (x86)\package_inst.exe:$CmdTcID [64]
AlternateDataStreams: C:\Program Files (x86)\ts3client_win64.exe:$CmdTcID [64]
AlternateDataStreams: C:\Program Files (x86)\Uninstall.exe:$CmdTcID [64]
AlternateDataStreams: C:\Program Files (x86)\update.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\ST6UNST.EXE:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\BRCOMB1A.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\cdpreference.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\common_clang64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DDPA64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DDPD64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DDPO64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DDPP64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\difx64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DPTopologyApp.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DPTopologyAppv2_0.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\e1dmsg.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\FMAPO64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\GfxResources.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\GfxUIEx.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Gfxv2_0.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Gfxv4_0.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ibmpmctl.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ig75icd64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igc64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igd10idpp64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igd10iumd64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igd11dxva64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igd12umd64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdail64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdbcl64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdde64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdfcl64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdmcl64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdmd64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdrcl64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdumdim64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdusc64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfx11cmrt64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxcmjit64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxcmrt64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxCoIn_v4531.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxCPL.cpl:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxCUIServicePS.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDH.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDHLib.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDHLibv2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDI.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDILib.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDILibv2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDTCM.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxEMLib.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxEMLibv2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxexps.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxext.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxLHM.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxLHMLib.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxLHMLibv2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxOSP.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxSDK.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxSDKLib.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxSDKLibv2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\iglhcp64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\iglhsip64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelCpHDCPSvc.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelOpenCL64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiMCComp64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiUMS64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NicCo4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NicInstD.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6434520.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6435382.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6435445.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6437654.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6434520.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6435382.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6435445.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6437654.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\R4EEA64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\R4EED64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\R4EEG64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\R4EEL64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\R4EEP64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RCoInstII64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RltkAPO64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTCOM64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtkApi64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtkCfg64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtkCoLDR64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtlCPAPI64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtPgEx64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTSnMg64.cpl:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SynCOM.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SynTPAPI.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SynTPCo34-11.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\SynTPCo34-9.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\tpinspm.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WdfCoInstaller01011.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\AC3ACM.acm:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\alf2cd.acm:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BRLM03A.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BRLMW03A.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BROSNMP.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BRRBTOOL.EXE:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BRTCPCON.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\COMDLG32.OCX:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\common_clang32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\divx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\divxdec.ax:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ig75icd32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igc32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igd10idpp32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igd10iumd32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igd11dxva32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igd12umd32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdail32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdbcl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdde32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdfcl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdmcl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdmd32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdrcl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdumdim32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdusc32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igfx11cmrt32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igfxcmjit32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igfxcmrt32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igfxexps32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\iglhcp32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\iglhsip32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\indexeddbserver.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\IntelOpenCL32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\L3CODECX.AX:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Lagarith.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\lame.ax:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mcdvd_32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mpg4c32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mslvddsfilter3.ax:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\msxml3a.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\PnkBstrB.ex0:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\PnkBstrB.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\PnkBstrB.xtr:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\RICHTX32.OCX:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Scg726.acm:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SynCom.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\TABCTL32.OCX:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\VB6STKIT.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\vct3216.acm:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xvid.ax:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xvidcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xvidvfw.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\e1d62x64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ibmpmdrv.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\igdkmd64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\IntcDAud.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\nvpciflt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\RTKVHD64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\Smb_driver_AMDASF_Aux.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\Smb_driver_Intel.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\Smb_driver_Intel_Aux.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\stflt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\SynRMIHID_Aux.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\SynTP.sys:$CmdTcID [64]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\ajax.googleapis.com -> hxxp://ajax.googleapis.com
IE trusted site: HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\ajax.googleapis.com -> hxxps://ajax.googleapis.com
IE trusted site: HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\BALDER -> hxxp://BALDER
IE trusted site: HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\BALDER -> hxxps://BALDER
IE trusted site: HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\blank -> blank
IE trusted site: HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\lansweeper.com -> hxxp://lansweeper.com
IE trusted site: HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\lansweeper.com -> hxxps://lansweeper.com
IE trusted site: HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\update.lansweeper.com -> hxxp://update.lansweeper.com
IE trusted site: HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\update.lansweeper.com -> hxxps://update.lansweeper.com

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2017-06-05 17:26 - 00000832 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3668857010-2765377856-186715415-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Gloriaflyx\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 172.16.60.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [TCP Query User{FE739527-3544-4C0F-A9E8-9EB45E2DF04F}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{A0C4A37E-6493-42AB-8E3C-27BDB3D4AA92}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe

==================== Wiederherstellungspunkte =========================

31-05-2017 21:31:34 Windows Update
04-06-2017 22:08:31 Installed LibreOffice 5.2.7.2

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (06/05/2017 05:39:39 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (06/05/2017 05:39:39 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=25, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (06/05/2017 05:39:39 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=17, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (06/05/2017 05:39:39 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=23, Autor-ID=8086, Lieferant-ID=0, Lieferant-Typ=0

Error: (06/05/2017 05:39:39 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=21, Autor-ID=8086, Lieferant-ID=0, Lieferant-Typ=0

Error: (06/05/2017 05:39:39 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=18, Autor-ID=8086, Lieferant-ID=0, Lieferant-Typ=0

Error: (06/05/2017 05:39:39 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (06/05/2017 05:39:39 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=25, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (06/05/2017 05:39:39 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=17, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (06/05/2017 05:39:39 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=23, Autor-ID=8086, Lieferant-ID=0, Lieferant-Typ=0


Systemfehler:
=============
Error: (06/05/2017 05:33:31 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (06/05/2017 05:33:31 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (06/05/2017 05:33:17 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.

Error: (06/05/2017 05:33:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die Anforderung wird nicht unterstützt.

Error: (06/05/2017 05:31:12 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (06/05/2017 05:31:12 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (06/05/2017 05:31:07 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.

Error: (06/05/2017 05:31:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die Anforderung wird nicht unterstützt.

Error: (06/05/2017 05:27:57 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (06/05/2017 05:27:57 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.


CodeIntegrity:
===================================
  Date: 2017-06-05 17:39:42.968
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-06-05 17:33:19.735
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-06-05 17:33:19.697
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-06-05 17:33:17.384
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-06-05 17:33:17.384
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-06-05 17:31:10.838
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-06-05 17:31:10.800
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-06-05 17:31:08.197
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-06-05 17:31:08.197
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\SysWOW64\guard32.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-06-05 17:27:52.962
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4700MQ CPU @ 2.40GHz
Prozentuale Nutzung des RAM: 35%
Installierter physikalischer RAM: 7876.91 MB
Verfügbarer physikalischer RAM: 5099.55 MB
Summe virtueller Speicher: 15812.91 MB
Verfügbarer virtueller Speicher: 12790.55 MB

==================== Laufwerke ================================

Drive c: (System) (Fixed) (Total:226.47 GB) (Free:56.32 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (Daten) (Fixed) (Total:10.74 GB) (Free:10.05 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 0006A5E0)
Partition 1: (Active) - (Size=226.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=504 MB) - (Type=27)
Partition 3: (Not Active) - (Size=10.7 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         

06.06.2017, 10:16   #12
M-K-D-B
/// TB Trainer

Hi,

we'll remove a few more things and check everything once more.

Note: The ESET scan may take a while.

Step 1
  • Copy the contents of the following code box:
    Code:
    ATTFilter
    Start::
    CloseProcesses:
    FF user.js: detected! => C:\Users\Gloriaflyx\AppData\Roaming\Mozilla\Firefox\Profiles\j5h72v37.default\user.js [2016-03-04]
    EmptyTemp:
    End::
             
  • Now start FRST and click the "Entfernen" (Fix) button.
  • The tool carries out the requested steps and creates a fixlog.txt in the same directory as FRST/FRST64.exe.
  • Your computer may need to be restarted for this.
  • Post the contents of fixlog.txt in your next reply.

Step 2
Download the appropriate version of HitmanPro to your desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.
  • Start HitmanPro.exe
  • Click
  • Uncheck the box at
  • Click
    and
  • Accept the license terms and click
  • Click

    and
  • When the scan has finished, do not let it delete anything etc.; instead choose, at the bottom left of the button bar,
    and save the log file to your desktop.
  • Close HitmanPro and post the log.

Step 3

ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start Eset Online Scanner
  • Check the box at "Ja, ich bin mit den Nutzungsbedingungen einverstanden" (Yes, I accept the Terms of Use) and click "Starten" (Start).
  • Enable the "Erkennung von eventuell unerwünschten Anwendungen" (detection of potentially unwanted applications) and select the following settings.
  • Click "Starten" (Start).
  • The signatures are downloaded and the scan begins automatically.
  • At the end of the scan, click "Fertig stellen" (Finish).
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64 bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the recycle bin => C:\Programme\Eset

Step 4
  • Start FRST.exe again. Make sure there is a check mark in front of Addition.txt and click "Untersuchen" (Scan).
  • FRST again creates two log files (FRST.txt and Addition.txt).
  • Post both log files in your next reply.

Are there still any problems with the PC or with your internet browsers? If so, which ones?

In your next reply, please post
  • the log file of the FRST fix,
  • the log file from HitmanPro,
  • the log file from ESET,
  • the two new log files from FRST,
  • the answers to the questions asked.
__________________
Regards
M-K-D-B


==========================================================
offline from 22.12.2018 to 01.01.2019
==========================================================


06.06.2017, 21:12   #13
Gloriaflyx

Hey Matthias,

I'm writing from my phone right now.
I was just about to start with step 1, but my antivirus program seems to be clashing with FRST somehow. Until now it was being virtualized; I got around that by adding FRST to the trusted files and simply restarting it. Now, after an FRST update, nothing works at all anymore. The antivirus program virtualizes and FRST hangs; at times the window is even just black. It can't be closed and constantly reports errors while backing up the registry. I've already used the older version and/or switched off the antivirus program, which is also responding sluggishly. Neither helped; only a forced shutdown of the PC at least got the computer to respond again at all.

EDIT: It's sorted. I changed the COMODO settings a bit, but I still have a small question about that. It comes further down. FRST works now. It's still enough to make you sick.

No fixlog appeared from FRST.

Code:
ATTFilter
HitmanPro 3.7.20.286
www.hitmanpro.com

   Computer name . . . . : BALDER
   Windows . . . . . . . : 10.0.0.15063.X64/8
   User name . . . . . . : Balder\Carola Ilgen
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free

   Scan date . . . . . . : 2017-06-06 19:45:20
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 6m 21s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 0
   Traces  . . . . . . . : 7

   Objects scanned . . . : 2.181.269
   Files scanned . . . . : 35.762
   Remnants scanned  . . : 522.060 files / 1.623.447 keys

Suspicious files ____________________________________________________________

   C:\Users\Carola Ilgen\AppData\Local\PunkBuster\AC3\pb\PnkBstrK.sys
      Size . . . . . . . : 138.736 bytes
      Age  . . . . . . . : 1198.9 days (2014-02-23 22:28:41)
      Entropy  . . . . . : 7.7
      SHA-256  . . . . . : B02A579C524B68FFFBF83E546637DADFF39C5F18D7B7A9A9D4CF17302A1A19B5
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 22.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
         The file is a device driver. Device drivers run as trusted (highly privileged) code.
         Program is code signed with a valid Authenticode certificate.

   C:\Users\Carola Ilgen\AppData\Local\PunkBuster\ACB\pb\PnkBstrK.sys
      Size . . . . . . . : 138.536 bytes
      Age  . . . . . . . : 1161.1 days (2014-04-02 17:34:39)
      Entropy  . . . . . : 7.7
      SHA-256  . . . . . : A9F5C52018A3C28CD9CC2E1A1F8BA252D0DADC2F179F0CC8CB6CDDA8633976E3
      RSA Key Size . . . : 1024
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 22.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
         The file is a device driver. Device drivers run as trusted (highly privileged) code.
         Program is code signed with a valid Authenticode certificate.

   C:\Users\Carola Ilgen\AppData\Roaming\Ubisoft\Assassin's Creed Brotherhood\pb\pbcl.dll
      Size . . . . . . . : 943.913 bytes
      Age  . . . . . . . : 1161.1 days (2014-04-02 17:34:23)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : D18D53FA00CBB39C26BA9776DF9AA11C9ABCF653AA7469A781460D31565A74A1
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.

   C:\Users\Carola Ilgen\AppData\Roaming\Ubisoft\Assassin's Creed Brotherhood\pb\pbcls.dll
      Size . . . . . . . : 943.913 bytes
      Age  . . . . . . . : 1161.1 days (2014-04-02 17:34:38)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : D18D53FA00CBB39C26BA9776DF9AA11C9ABCF653AA7469A781460D31565A74A1
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.

   C:\Users\Carola Ilgen\Desktop\FRST-OlderVersion\FRST-OlderVersion\FRST64.exe
      Size . . . . . . . : 2.433.536 bytes
      Age  . . . . . . . : 1.4 days (2017-06-05 10:26:14)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 9E51FA16E351CB637E687A806F8F803BBABBFBD15977B3C7A418AF189D397266
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
      Forensic Cluster
         -1.9s C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Kernel_ab_954915c3652de15a182316c34c35059cc760ae_00000000_cab_210c70f7\
         -1.8s C:\ProgramData\Microsoft\Windows\WER\ReportArchive\Kernel_ab_954915c3652de15a182316c34c35059cc760ae_00000000_cab_210c70f7\Report.wer
         -1.8s C:\Windows\Logs\SIH\SIH.20170605.102612.846.1.etl
          0.0s C:\Users\Carola Ilgen\Desktop\FRST-OlderVersion\FRST-OlderVersion\FRST64.exe

   C:\Users\Carola Ilgen\Desktop\FRST-OlderVersion\FRST64.exe
      Size . . . . . . . : 2.433.536 bytes
      Age  . . . . . . . : 0.0 days (2017-06-06 19:18:57)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : FE14D9CE6A7E6B6027AE58EDFA4AD710E822249417D951CFBE17EABEBABD9C85
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
      Forensic Cluster
         -9.8s C:\Users\Carola Ilgen\AppData\Roaming\Skype\DataRv\offline-storage.data-wal
         -9.8s C:\Users\Carola Ilgen\AppData\Roaming\Skype\DataRv\offline-storage.data-shm
         -6.5s C:\Users\Carola Ilgen\AppData\Roaming\Skype\carola-ilgen\main.lock
         -6.3s C:\Users\Carola Ilgen\AppData\Roaming\Skype\carola-ilgen\main.db-journal
         -6.3s C:\Users\Carola Ilgen\AppData\Roaming\Skype\carola-ilgen\statistics.lock
         -6.3s C:\Users\Carola Ilgen\AppData\Roaming\Skype\carola-ilgen\rclib.lock
         -6.3s C:\Users\Carola Ilgen\AppData\Roaming\Skype\carola-ilgen\rclib.db-journal
         -6.3s C:\Users\Carola Ilgen\AppData\Roaming\Skype\carola-ilgen\keyval.lock
         -6.2s C:\Users\Carola Ilgen\AppData\Roaming\Skype\carola-ilgen\media_messaging\media_cache_v3\asyncdb\cache_db.db-wal
         -6.2s C:\Users\Carola Ilgen\AppData\Roaming\Skype\carola-ilgen\media_messaging\media_cache_v3\asyncdb\cache_db.db-shm
         -6.1s C:\Users\Carola Ilgen\AppData\Roaming\Skype\carola-ilgen\media_messaging\emo_cache_v2\asyncdb\cache_db.db-wal
         -6.1s C:\Users\Carola Ilgen\AppData\Roaming\Skype\carola-ilgen\media_messaging\emo_cache_v2\asyncdb\cache_db.db-shm
         -6.1s C:\Users\Carola Ilgen\AppData\Roaming\Skype\carola-ilgen\media_messaging\storage_db\asyncdb\storage_db.db-wal
         -6.1s C:\Users\Carola Ilgen\AppData\Roaming\Skype\carola-ilgen\media_messaging\storage_db\asyncdb\storage_db.db-shm
         -6.0s C:\Users\Carola Ilgen\AppData\Roaming\Skype\carola-ilgen\msn.lock
         -6.0s C:\Users\Carola Ilgen\AppData\Local\Packages\Microsoft.SkypeApp_kzf8qxf38zg5c\LocalState\coexistence\WIN32-SignedIn
         -4.3s C:\Users\Carola Ilgen\AppData\Roaming\Skype\carola-ilgen\statistics.db-journal
         -4.3s C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\36a7527f-4adc-11e7-b22a-3c970ee14a3f.json
         -4.3s C:\ProgramData\Malwarebytes\MBAMService\MwacDetections\36a9b4e2-4adc-11e7-8705-3c970ee14a3f.json
         -3.7s C:\Users\Carola Ilgen\AppData\Roaming\Skype\carola-ilgen\msn.db-journal
         -3.6s C:\Users\Carola Ilgen\AppData\Roaming\Skype\carola-ilgen\keyval.db-journal
         -1.9s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Results\Resource\{E0E5FA62-3C20-4446-9793-CF3949AD7CE5}
          0.0s C:\Users\Carola Ilgen\Desktop\FRST-OlderVersion\FRST64.exe
          0.9s C:\Users\Carola Ilgen\Desktop\FRST-OlderVersion\FRST-OlderVersion\
          1.7s C:\Windows\Prefetch\SEARCHUI.EXE-1EA5380E.pf
          1.7s C:\Windows\Prefetch\RUNTIMEBROKER.EXE-A02FF048.pf
          7.5s C:\Windows\Prefetch\FRST64.EXE-E763C2C8.pf

   C:\Users\Carola Ilgen\Desktop\FRST64.exe
      Size . . . . . . . : 2.433.536 bytes
      Age  . . . . . . . : 0.0 days (2017-06-06 19:03:34)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : FE14D9CE6A7E6B6027AE58EDFA4AD710E822249417D951CFBE17EABEBABD9C85
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
      Forensic Cluster
         -27.5s C:\Users\Carola Ilgen\AppData\Roaming\Mozilla\Firefox\Profiles\j5h72v37.default\sessionstore-backups\previous.js
         -27.1s C:\Users\Carola Ilgen\AppData\Roaming\Mozilla\Firefox\Profiles\j5h72v37.default\datareporting\archived\2017-06\1496768586914.4235cb2b-0eea-450b-93a7-f1b60f1cca3c.main.jsonlz4
         -5.7s C:\Users\Carola Ilgen\AppData\Roaming\Mozilla\Firefox\Profiles\j5h72v37.default\datareporting\archived\2017-06\1496768608337.72e78dac-3699-488b-8bed-dae957f68ac3.main.jsonlz4
         -2.7s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Results\Resource\{D826AC35-D582-4E3B-B21E-71B03FC5C2A0}
         -0.4s C:\Users\Carola Ilgen\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\9EC3B71635F8BA3FC68DE181A104A0EF_F6C39EF89D8A3A72327D8412589658B2
         -0.4s C:\Users\Carola Ilgen\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\9EC3B71635F8BA3FC68DE181A104A0EF_F6C39EF89D8A3A72327D8412589658B2
         -0.2s C:\Users\Carola Ilgen\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\64DCC9872C5635B1B7891B30665E0558_5552C20A2631357820903FD38A8C0F9F
         -0.2s C:\Users\Carola Ilgen\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\64DCC9872C5635B1B7891B30665E0558_5552C20A2631357820903FD38A8C0F9F
          0.0s C:\Users\Carola Ilgen\Desktop\FRST64.exe
          1.0s C:\Users\Carola Ilgen\Desktop\FRST-OlderVersion\
         
Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=bf407db68bec8b4ba34afb6d6821375a
# end=init
# utc_time=2017-06-06 05:56:28
# local_time=2017-06-06 07:56:28 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT 
Update Init
Update Download
Update Finalize
Updated modules version: 33635
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=bf407db68bec8b4ba34afb6d6821375a
# end=updated
# utc_time=2017-06-06 05:58:29
# local_time=2017-06-06 07:58:29 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=bf407db68bec8b4ba34afb6d6821375a
# engine=33635
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2017-06-06 07:02:49
# local_time=2017-06-06 09:02:49 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1='COMODO Antivirus'
# compatibility_mode=3096 16777213 100 87 3626483 113823481 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 8081 6908765 0 0
# scanned=343829
# found=0
# cleaned=0
# scan_time=3859
         
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 05-06-2017
durchgeführt von Gloriaflyx (Administrator) auf BALDER (06-06-2017 21:06:13)
Gestartet von C:\Users\Gloriaflyx\Desktop
Geladene Profile: Gloriaflyx (Verfügbare Profile: Gloriaflyx & DefaultAppPool)
Platform: Windows 10 Pro Version 1703 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Lenovo.) C:\Windows\System32\LPlatSvc.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(COMODO) C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlk.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Lenovo.) C:\Windows\System32\LPlatSvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Flux Software LLC) C:\Users\Gloriaflyx\AppData\Local\FluxSoftware\Flux\flux.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(SunplusIT, Inc.) C:\Program Files (x86)\Integrated Camera\Monitor.exe
(COMODO) C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17042.14111.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17042.14211.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [401896 2016-11-03] ()
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163800 2016-08-22] (IvoSoft)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM-x32\...\Run: [Integrated Camera_Monitor] => C:\Program Files (x86)\Integrated Camera\monitor.exe [1720696 2013-09-27] (SunplusIT, Inc.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2678784 2016-03-23] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [IseUI] => C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe [3386576 2017-03-30] (COMODO)
HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\Run: [f.lux] => C:\Users\Gloriaflyx\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2015-09-23] (Flux Software LLC)
HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27716568 2017-05-04] (Skype Technologies S.A.)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 172.16.60.1
Tcpip\..\Interfaces\{674872c8-8b5a-47c5-887a-2bfeff0d36c4}: [DhcpNameServer] 192.168.44.1 192.168.44.1
Tcpip\..\Interfaces\{bb538318-92b1-40b0-88af-d342e62259b8}: [DhcpNameServer] 172.16.60.1

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3668857010-2765377856-186715415-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3668857010-2765377856-186715415-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-05-26] (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-05-26] (Microsoft Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2016-07-30] (IvoSoft)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-05-26] (Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-05-26] (Microsoft Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2016-07-30] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-26] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-26] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-26] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-26] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2017-04-05] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Gloriaflyx\AppData\Roaming\Mozilla\Firefox\Profiles\j5h72v37.default [2017-06-06]
FF Homepage: Mozilla\Firefox\Profiles\j5h72v37.default -> hxxps://webmailer.hosteurope.de/
FF Extension: (Ghostery) - C:\Users\Gloriaflyx\AppData\Roaming\Mozilla\Firefox\Profiles\j5h72v37.default\Extensions\firefox@ghostery.com.xpi [2017-06-02]
FF Extension: (Personas Plus) - C:\Users\Gloriaflyx\AppData\Roaming\Mozilla\Firefox\Profiles\j5h72v37.default\Extensions\personas@christopher.beard.xpi [2017-05-18]
FF Extension: (uBlock Origin) - C:\Users\Gloriaflyx\AppData\Roaming\Mozilla\Firefox\Profiles\j5h72v37.default\Extensions\uBlock0@raymondhill.net.xpi [2017-05-15]
FF Extension: (NoScript) - C:\Users\Gloriaflyx\AppData\Roaming\Mozilla\Firefox\Profiles\j5h72v37.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2017-05-31]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-10] ()
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files (x86)\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-10] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-05-26] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-05-26] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3668857010-2765377856-186715415-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Gloriaflyx\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-14] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3668857010-2765377856-186715415-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-11-26] ()

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [lobonlhedgiilkfmbbbfhkaoefacipgj] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [249856 2016-03-23] (Brother Industries, Ltd.) [Datei ist nicht signiert]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3971264 2017-05-14] (Microsoft Corporation)
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [10512032 2017-04-23] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2876096 2017-04-23] (COMODO)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2017-03-20] (Digital Wave Ltd.)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373744 2016-11-03] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [182760 2013-04-15] ()
R2 isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [118480 2017-03-30] (COMODO)
R2 LPlatSvc; C:\WINDOWS\system32\LPlatSvc.exe [710144 2016-05-04] (Lenovo.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-01] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-03-25] ()
S3 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [259176 2016-11-05] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [40960 2017-03-31] (COMODO)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [831504 2017-03-31] (COMODO)
R1 cmdHlp; C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [50808 2017-03-31] (COMODO)
R3 e1dexpress; C:\WINDOWS\system32\DRIVERS\e1d62x64.sys [519680 2015-12-08] (Intel Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77376 2017-05-31] ()
R3 ikbevent; C:\WINDOWS\System32\DRIVERS\ikbevent.sys [21048 2013-04-15] ()
R3 imsevent; C:\WINDOWS\System32\DRIVERS\imsevent.sys [21048 2013-04-15] ()
R1 inspect; C:\WINDOWS\system32\DRIVERS\inspect.sys [138560 2016-06-15] (COMODO)
R0 IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys [88256 2015-06-09] (Intel Corporation)
R3 ISCT; C:\WINDOWS\System32\drivers\ISCTD64.sys [46568 2013-04-15] ()
R1 isedrv; C:\WINDOWS\system32\drivers\isedrv.sys [62208 2017-03-29] (COMODO)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [188312 2017-06-06] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [113592 2017-06-06] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [44960 2017-06-06] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [252832 2017-06-06] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [93600 2017-06-06] (Malwarebytes)
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3485696 2017-03-18] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvltwu.inf_amd64_c8da725822079174\nvlddmkm.sys [14456920 2017-05-18] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
S3 PSI; C:\WINDOWS\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [761600 2015-06-15] (Realsil Semiconductor Corporation)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [51296 2016-11-05] (Synaptics Incorporated)
R3 SPUVCbv; C:\WINDOWS\System32\Drivers\SPUVCbv64.sys [735744 2016-03-11] (Sunplus)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
R3 WPRO_41_2001; C:\WINDOWS\System32\drivers\WPRO_41_2001.sys [34752 2017-06-06] ()
U3 idsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-06-06 21:06 - 2017-06-06 21:06 - 00019475 _____ C:\Users\Gloriaflyx\Desktop\FRST.txt
2017-06-06 19:54 - 2017-06-06 19:54 - 00000020 ___SH C:\Users\DefaultAppPool\ntuser.ini
2017-06-06 19:53 - 2017-06-06 19:53 - 00094656 _____ (CACE Technologies) C:\WINDOWS\system32\WPRO_41_2001woem.tmp
2017-06-06 19:52 - 2017-06-06 19:52 - 00000000 _____ C:\Users\Gloriaflyx\Desktop\Neues Textdokument (2).txt
2017-06-06 19:44 - 2017-06-06 19:52 - 00000000 ____D C:\ProgramData\HitmanPro
2017-06-06 19:02 - 2017-06-06 19:02 - 11584088 _____ (SurfRight B.V.) C:\Users\Gloriaflyx\Desktop\HitmanPro_x64.exe
2017-06-06 19:02 - 2017-06-06 19:02 - 02870984 _____ (ESET) C:\Users\Gloriaflyx\Desktop\esetsmartinstaller_deu.exe
2017-06-05 17:34 - 2017-06-06 20:58 - 00093600 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-06-05 17:34 - 2017-06-06 19:53 - 00252832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-06-05 17:34 - 2017-06-06 19:53 - 00188312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-06-05 17:34 - 2017-06-06 19:53 - 00113592 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-06-05 17:34 - 2017-06-06 19:53 - 00044960 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-06-05 17:34 - 2017-06-05 17:34 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-06-05 17:34 - 2017-06-05 17:34 - 00000000 ____D C:\Program Files\Malwarebytes
2017-06-05 17:34 - 2017-05-31 11:09 - 00077376 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-06-05 17:32 - 2017-06-05 17:32 - 64025992 _____ (Malwarebytes ) C:\Users\Gloriaflyx\Desktop\mb3-setup-consumer-3.1.2.1733-1.0.139-1.0.2060.exe
2017-06-05 17:31 - 2017-06-05 17:31 - 00566128 _____ (Malwarebytes) C:\Users\Gloriaflyx\Desktop\mbam-clean-2.3.0.1001.exe
2017-06-05 17:24 - 2017-06-05 17:26 - 00000000 ____D C:\AdwCleaner
2017-06-05 17:22 - 2017-06-06 19:52 - 00001564 _____ C:\Users\Gloriaflyx\Desktop\Fixlog.txt
2017-06-05 17:18 - 2017-06-05 17:18 - 04110280 _____ C:\Users\Gloriaflyx\Desktop\adwcleaner_6.047.exe
2017-06-05 10:30 - 2017-06-05 10:33 - 00278372 _____ C:\TDSSKiller.3.1.0.15_05.06.2017_10.30.08_log.txt
2017-06-05 10:26 - 2017-06-06 19:03 - 02433536 _____ (Farbar) C:\Users\Gloriaflyx\Desktop\FRST64.exe
2017-06-05 10:26 - 2017-06-05 10:26 - 04922400 _____ (AO Kaspersky Lab) C:\Users\Gloriaflyx\Desktop\tdsskiller.exe
2017-06-04 22:12 - 2017-06-04 22:13 - 00000000 ____D C:\Program Files (x86)\LibreOffice 5
2017-06-04 13:27 - 2017-05-13 13:19 - 00000118 ____N C:\Users\Gloriaflyx\Desktop\Farbe aus Drogerie.txt
2017-06-04 12:50 - 2017-06-04 12:50 - 08408221 _____ C:\Users\Gloriaflyx\Desktop\Insecta.pdf
2017-06-04 12:50 - 2017-06-04 12:50 - 07512603 _____ C:\Users\Gloriaflyx\Desktop\Arthropoda2017.pdf
2017-06-04 12:50 - 2017-06-04 12:50 - 05695234 _____ C:\Users\Gloriaflyx\Desktop\Amphibien_Reptilien_2017_Kaltenpoth.pdf
2017-06-04 12:50 - 2017-06-04 12:50 - 02090938 _____ C:\Users\Gloriaflyx\Desktop\Artenkenntnis einheimischer Tierarten.pdf
2017-06-03 11:20 - 2017-05-03 18:21 - 00063161 _____ C:\Users\Gloriaflyx\Desktop\Konto_133301317-Auszug_2017_005.PDF
2017-06-02 20:40 - 2017-06-02 20:40 - 00063584 _____ C:\Users\Gloriaflyx\Desktop\Konto_133301317-Auszug_2017_006.PDF
2017-05-31 21:34 - 2017-05-31 21:34 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-05-31 21:34 - 2017-03-10 23:17 - 00536864 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-05-31 21:34 - 2017-03-10 23:17 - 00525600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-05-31 21:34 - 2017-03-10 23:17 - 00254240 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-05-31 21:34 - 2017-03-10 23:17 - 00233760 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-05-31 21:32 - 2017-05-31 21:32 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2017-05-27 18:06 - 2017-06-06 21:06 - 00000000 ____D C:\FRST
2017-05-24 12:06 - 2017-05-24 12:06 - 01147686 _____ C:\Users\Gloriaflyx\Desktop\2_-_Spark[1].pdf
2017-05-18 21:45 - 2017-05-18 21:45 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Local\DBG
2017-05-18 07:54 - 2017-05-18 07:54 - 35397536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-05-18 07:54 - 2017-05-18 07:54 - 28632152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-05-18 07:53 - 2017-05-18 07:53 - 00969632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-05-18 07:53 - 2017-05-18 07:53 - 00920664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-05-18 07:53 - 2017-05-18 07:53 - 00618584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2017-05-18 07:53 - 2017-05-18 07:53 - 00507992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2017-05-18 07:52 - 2017-05-18 07:52 - 40210520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2017-05-18 07:52 - 2017-05-18 07:52 - 35290200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-05-18 07:52 - 2017-05-18 07:52 - 03800992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-05-18 07:52 - 2017-05-18 07:52 - 03256408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-05-18 07:52 - 2017-05-18 07:52 - 01996704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438205.dll
2017-05-18 07:52 - 2017-05-18 07:52 - 01598368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438205.dll
2017-05-18 07:52 - 2017-05-18 07:52 - 01062816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-05-18 07:52 - 2017-05-18 07:52 - 00999840 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-05-18 07:50 - 2017-05-18 07:50 - 11162000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-05-18 07:50 - 2017-05-18 07:50 - 11129704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-05-18 07:50 - 2017-05-18 07:50 - 10648520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-05-18 07:50 - 2017-05-18 07:50 - 09335528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-05-18 07:50 - 2017-05-18 07:50 - 09102488 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-05-18 07:50 - 2017-05-18 07:50 - 08891160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-05-18 07:50 - 2017-05-18 07:50 - 01298696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2017-05-18 07:50 - 2017-05-18 07:50 - 01013344 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2017-05-18 07:50 - 2017-05-18 07:50 - 00791792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2017-05-18 07:50 - 2017-05-18 07:50 - 00703880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-05-18 07:50 - 2017-05-18 07:50 - 00626392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2017-05-18 07:50 - 2017-05-18 07:50 - 00591672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-05-18 04:34 - 2017-05-18 04:34 - 00000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2017-05-18 04:34 - 2017-05-18 04:34 - 00000669 _____ C:\WINDOWS\system32\nv-vk64.json
2017-05-17 19:14 - 2017-05-17 19:14 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2017-05-17 19:13 - 2017-05-17 19:13 - 00000020 ___SH C:\Users\Gloriaflyx\ntuser.ini
2017-05-17 19:13 - 2017-05-17 19:13 - 00000000 ____D C:\ProgramData\USOShared
2017-05-17 18:51 - 2017-05-17 18:51 - 23681024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 21353200 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 20505600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 20374424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 19335168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 11870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 08320920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 08244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 07931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 06759512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 06728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 06292992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 05477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 04848440 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 04730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 04469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 04446208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 03672064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-05-17 18:51 - 2017-05-17 18:51 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 03655680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 03116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02957824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-05-17 18:51 - 2017-05-17 18:51 - 02859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02651648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02635336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02444192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-05-17 18:51 - 2017-05-17 18:51 - 02443776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02435584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02298880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02158544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02085280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 02077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-05-17 18:51 - 2017-05-17 18:51 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-05-17 18:51 - 2017-05-17 18:51 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-05-17 18:51 - 2017-05-17 18:51 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01854880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01852776 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01803264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01760264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01628160 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01611776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01604312 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01600512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01557288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01518088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01452960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01433600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01411128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01325456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01320352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01295872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01291776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01285120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 01257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01242624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 01103872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01075712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01051648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 01024416 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00987648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00775824 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00741784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaserver.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-05-17 18:51 - 2017-05-17 18:51 - 00716440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-05-17 18:51 - 2017-05-17 18:51 - 00708712 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00673112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00651680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00626520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00605936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00599576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00559000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-05-17 18:51 - 2017-05-17 18:51 - 00543640 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00523296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2017-05-17 18:51 - 2017-05-17 18:51 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-05-17 18:51 - 2017-05-17 18:51 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00409504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-05-17 18:51 - 2017-05-17 18:51 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00388000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-05-17 18:51 - 2017-05-17 18:51 - 00387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.ps.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00207264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00142240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2017-05-17 18:51 - 2017-05-17 18:51 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2017-05-17 18:51 - 2017-05-17 18:51 - 00105456 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00095584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2017-05-17 18:51 - 2017-05-17 18:51 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2017-05-17 18:51 - 2017-05-17 18:51 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-05-17 18:51 - 2017-05-17 18:51 - 00032004 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2017-05-17 18:51 - 2017-05-17 18:51 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-05-17 18:51 - 2017-05-17 18:51 - 00027040 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2017-05-17 18:51 - 2017-05-17 18:51 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-05-17 18:49 - 2017-05-17 18:49 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2017-05-17 18:49 - 2017-05-17 17:55 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2017-05-17 18:47 - 2017-05-17 18:47 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2017-05-17 18:47 - 2017-05-17 18:47 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2017-05-17 18:47 - 2017-05-17 18:47 - 00000000 ____D C:\WINDOWS\system32\msmq
2017-05-17 18:47 - 2017-05-17 18:47 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2017-05-17 18:47 - 2017-05-17 18:47 - 00000000 ____D C:\Program Files\Reference Assemblies
2017-05-17 18:47 - 2017-05-17 18:47 - 00000000 ____D C:\Program Files\MSBuild
2017-05-17 18:47 - 2017-05-17 18:47 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-05-17 18:47 - 2017-05-17 18:47 - 00000000 ____D C:\Program Files (x86)\MSBuild
2017-05-17 18:47 - 2017-05-17 18:47 - 00000000 ____D C:\inetpub
2017-05-17 18:47 - 2017-02-10 12:26 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2017-05-17 18:47 - 2017-02-10 12:26 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-05-17 18:47 - 2017-02-10 12:26 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2017-05-17 18:47 - 2017-02-10 12:21 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2017-05-17 18:47 - 2017-02-10 12:21 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-05-17 18:47 - 2017-02-10 12:21 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2017-05-17 18:05 - 2017-05-17 18:05 - 00011433 _____ C:\WINDOWS\diagwrn.xml
2017-05-17 18:05 - 2017-05-17 18:05 - 00011433 _____ C:\WINDOWS\diagerr.xml
2017-05-17 18:03 - 2017-06-06 19:53 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-05-17 18:03 - 2017-05-17 18:03 - 00003500 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-05-17 18:03 - 2017-05-17 18:03 - 00003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-05-17 18:03 - 2017-05-17 18:03 - 00002432 _____ C:\WINDOWS\System32\Tasks\{3A39D014-2508-4DC8-8EED-5D3C5194CC6A}
2017-05-17 18:03 - 2017-05-17 18:03 - 00002360 _____ C:\WINDOWS\System32\Tasks\{B4F731ED-C11E-4F9B-A092-6083F00D4F25}
2017-05-17 18:03 - 2017-05-17 18:03 - 00002358 _____ C:\WINDOWS\System32\Tasks\{077EA0BA-9543-46EF-AA05-A3609078E68C}
2017-05-17 18:03 - 2017-05-17 18:03 - 00002354 _____ C:\WINDOWS\System32\Tasks\RtHDVBg_Dolby
2017-05-17 18:03 - 2017-05-17 18:03 - 00002352 _____ C:\WINDOWS\System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3}
2017-05-17 18:03 - 2017-05-17 18:03 - 00002342 _____ C:\WINDOWS\System32\Tasks\RTKCPL
2017-05-17 18:03 - 2017-05-17 18:03 - 00002304 _____ C:\WINDOWS\System32\Tasks\{40397F46-4625-412F-9983-FCD60BC4A9E4}
2017-05-17 18:03 - 2017-05-17 18:03 - 00002290 _____ C:\WINDOWS\System32\Tasks\{4428CE4F-B2B8-4E7A-802D-3985A4AE3A2E}
2017-05-17 18:03 - 2017-05-17 18:03 - 00002290 _____ C:\WINDOWS\System32\Tasks\{3C95CE29-D5CC-4534-842A-1D344CDA2CE7}
2017-05-17 18:03 - 2017-05-17 18:03 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2017-05-17 18:03 - 2017-05-17 18:03 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2017-05-17 18:03 - 2017-05-17 18:03 - 00000000 ____D C:\WINDOWS\System32\Tasks\NCH Software
2017-05-17 18:03 - 2017-05-17 18:03 - 00000000 ____D C:\WINDOWS\System32\Tasks\COMODO
2017-05-17 18:00 - 2017-05-17 18:00 - 00001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-05-17 17:58 - 2017-05-17 18:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spiele
2017-05-17 17:58 - 2017-05-17 17:58 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2017-05-17 17:57 - 2017-06-06 19:54 - 00000000 ____D C:\Users\DefaultAppPool
2017-05-17 17:57 - 2017-06-06 19:43 - 00000000 ____D C:\Users\Gloriaflyx
2017-05-17 17:57 - 2017-05-17 18:01 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Vorlagen
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Startmenü
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Netzwerkumgebung
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Lokale Einstellungen
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Eigene Dateien
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Druckumgebung
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Videos
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Musik
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Bilder
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Verlauf
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Anwendungsdaten
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\DefaultAppPool\Anwendungsdaten
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Vorlagen
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Startmenü
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Netzwerkumgebung
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Lokale Einstellungen
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Eigene Dateien
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Druckumgebung
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Documents\Eigene Videos
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Documents\Eigene Musik
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Documents\Eigene Bilder
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\AppData\Local\Verlauf
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\AppData\Local\Anwendungsdaten
2017-05-17 17:57 - 2017-05-17 17:57 - 00000000 _SHDL C:\Users\Gloriaflyx\Anwendungsdaten
2017-05-17 17:56 - 2017-06-06 19:58 - 03133926 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-05-17 17:56 - 2017-06-06 19:53 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-05-17 17:56 - 2017-05-31 21:34 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-05-17 17:56 - 2017-05-18 07:56 - 00521816 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2017-05-17 17:56 - 2017-05-17 17:58 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-05-17 17:56 - 2017-05-17 17:58 - 00000000 ____D C:\Program Files\Intel
2017-05-17 17:56 - 2017-05-17 17:56 - 02011386 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2017-05-17 17:56 - 2017-05-17 17:56 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2017-05-17 17:56 - 2017-05-17 17:56 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2017-05-17 17:56 - 2017-05-17 17:56 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2017-05-17 17:56 - 2017-05-17 17:56 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2017-05-17 17:56 - 2017-05-17 17:56 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2017-05-17 17:56 - 2017-05-17 17:56 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-05-17 17:56 - 2017-05-17 17:56 - 00000000 ____D C:\Program Files\Synaptics
2017-05-17 17:56 - 2017-05-17 17:56 - 00000000 ____D C:\Program Files\Realtek
2017-05-17 17:56 - 2017-05-17 17:56 - 00000000 ____D C:\Program Files (x86)\SunplusIT Integrated Camera
2017-05-17 17:56 - 2017-05-17 17:56 - 00000000 _____ C:\WINDOWS\system32\GfxValDisplayLog.bin
2017-05-17 17:56 - 2017-05-01 22:51 - 06437312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2017-05-17 17:56 - 2017-05-01 22:51 - 02479552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2017-05-17 17:56 - 2017-05-01 22:51 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2017-05-17 17:56 - 2017-05-01 22:51 - 00548800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2017-05-17 17:56 - 2017-05-01 22:51 - 00392312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2017-05-17 17:56 - 2017-05-01 22:51 - 00146880 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\oemdspif.dll
2017-05-17 17:56 - 2017-05-01 22:51 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2017-05-17 17:56 - 2017-05-01 22:51 - 00069752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2017-05-17 17:56 - 2017-04-25 23:11 - 07944687 _____ C:\WINDOWS\system32\nvcoproc.bin
2017-05-17 17:56 - 2017-03-18 22:56 - 02233344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-05-17 17:55 - 2017-06-06 21:03 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-05-17 17:55 - 2017-06-06 19:05 - 00503280 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-05-11 14:13 - 2017-05-17 19:13 - 00000000 ___DC C:\WINDOWS\Panther
2017-05-11 13:51 - 2017-05-11 13:51 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Local\UNP
2017-05-10 18:28 - 2017-05-17 18:01 - 00000000 ____D C:\WINDOWS\system32\UNP
2017-05-10 18:28 - 2017-05-10 18:29 - 00000000 ____D C:\Program Files\UNP
2017-05-10 10:46 - 2017-03-04 08:26 - 00261632 ____N (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-06-06 21:06 - 2016-11-19 11:26 - 00000000 ____D C:\Users\Gloriaflyx\AppData\LocalLow\Mozilla
2017-06-06 21:04 - 2016-06-19 12:39 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Local\ClassicShell
2017-06-06 21:03 - 2014-01-17 19:41 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Roaming\Skype
2017-06-06 21:03 - 2014-01-17 18:49 - 01474832 _____ C:\WINDOWS\system32\Drivers\sfi.dat
2017-06-06 19:58 - 2017-03-20 06:41 - 01456856 _____ C:\WINDOWS\system32\perfh007.dat
2017-06-06 19:58 - 2017-03-20 06:41 - 00356392 _____ C:\WINDOWS\system32\perfc007.dat
2017-06-06 19:53 - 2016-08-16 20:50 - 00000000 ____D C:\ProgramData\NVIDIA
2017-06-06 19:53 - 2016-06-19 12:32 - 00000000 __SHD C:\Users\Gloriaflyx\IntelGraphicsProfiles
2017-06-06 19:53 - 2014-01-18 11:54 - 00034752 _____ C:\WINDOWS\system32\Drivers\WPRO_41_2001.sys
2017-06-06 19:52 - 2017-03-18 13:40 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-06-06 19:34 - 2014-04-02 20:05 - 01427136 _____ C:\WINDOWS\system32\Drivers\fvstore.dat
2017-06-06 18:43 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-06-05 17:22 - 2016-12-27 17:25 - 00000008 __RSH C:\ProgramData\ntuser.pol
2017-06-05 13:46 - 2014-07-01 13:19 - 00000000 ____D C:\Program Files (x86)\Steam
2017-06-05 10:23 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-06-04 22:25 - 2017-03-18 23:03 - 00000000 ___HD C:\Program Files\WindowsApps
2017-06-04 22:25 - 2016-06-19 12:32 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Local\Packages
2017-06-04 22:22 - 2016-11-11 12:44 - 00000000 ____D C:\Program Files (x86)\FanFictionDownloader
2017-06-04 22:18 - 2016-06-19 12:34 - 00000000 __RHD C:\Users\Gloriaflyx\OneDrive
2017-06-04 22:14 - 2015-06-10 22:28 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Office
2017-06-04 13:29 - 2015-08-28 17:34 - 00000000 ____D C:\Program Files (x86)\Mp3tag
2017-06-04 13:26 - 2015-08-28 17:34 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Roaming\Mp3tag
2017-05-31 21:32 - 2017-03-18 23:01 - 00000000 ____D C:\WINDOWS\INF
2017-05-31 21:30 - 2010-11-21 05:27 - 00565416 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-05-26 22:02 - 2017-03-18 13:40 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-05-26 20:56 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-05-26 20:55 - 2014-01-17 19:59 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-05-26 11:11 - 2015-08-31 10:32 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Roaming\Ahnenblatt
2017-05-26 11:02 - 2017-03-29 13:14 - 00000000 ____D C:\Users\Gloriaflyx\Documents\Ahnenblatt
2017-05-25 22:03 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\L2Schemas
2017-05-25 20:42 - 2014-02-03 22:35 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Roaming\Audacity
2017-05-25 12:49 - 2014-01-17 19:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-05-23 21:48 - 2017-03-20 22:36 - 00000000 ____D C:\ProgramData\DigitalWave.ApplicationUpdater_files
2017-05-23 21:48 - 2016-11-06 12:13 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Roaming\DVDVideoSoft
2017-05-23 19:58 - 2014-01-17 18:51 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-05-23 19:57 - 2014-01-17 18:51 - 132223576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-05-23 18:53 - 2017-03-25 11:36 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-05-23 18:53 - 2014-01-17 19:39 - 00000000 ____D C:\ProgramData\Skype
2017-05-22 22:06 - 2017-02-08 20:46 - 00000000 ____D C:\Program Files\Mozilla Firefox
2017-05-21 17:02 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\rescache
2017-05-19 11:34 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\appcompat
2017-05-18 22:52 - 2014-04-02 20:05 - 00000000 ___HD C:\VTRoot
2017-05-18 07:56 - 2017-03-20 06:43 - 00427608 _____ (Khronos Group) C:\WINDOWS\SysWOW64\opencl.dll
2017-05-18 07:50 - 2017-01-17 06:52 - 04136744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2017-05-18 07:50 - 2017-01-17 06:52 - 03647864 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2017-05-18 04:34 - 2017-01-17 01:59 - 00045061 _____ C:\WINDOWS\system32\nvinfo.pb
2017-05-17 21:19 - 2017-03-18 22:51 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-05-17 19:13 - 2017-03-18 23:03 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-05-17 19:13 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\USOPrivate
2017-05-17 19:13 - 2016-04-27 07:55 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-05-17 18:55 - 2017-03-18 23:03 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-05-17 18:52 - 2017-03-18 23:06 - 00000000 ____D C:\WINDOWS\Setup
2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Provisioning
2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-05-17 18:52 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-05-17 18:52 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Dism
2017-05-17 18:47 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2017-05-17 18:47 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\MUI
2017-05-17 18:47 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2017-05-17 18:47 - 2017-03-18 22:59 - 00611840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2017-05-17 18:47 - 2017-03-18 22:59 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll
2017-05-17 18:47 - 2017-03-18 22:59 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll
2017-05-17 18:47 - 2017-03-18 22:59 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2017-05-17 18:47 - 2017-03-18 22:59 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2017-05-17 18:47 - 2017-03-18 22:59 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll
2017-05-17 18:47 - 2017-03-18 22:59 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb
2017-05-17 18:47 - 2017-03-18 22:59 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb
2017-05-17 18:47 - 2017-03-18 22:59 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb
2017-05-17 18:47 - 2017-03-18 22:59 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2017-05-17 18:47 - 2017-03-18 22:59 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2017-05-17 18:47 - 2017-03-18 22:59 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2017-05-17 18:47 - 2017-03-18 22:59 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb
2017-05-17 18:47 - 2017-03-18 22:59 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2017-05-17 18:47 - 2017-03-18 22:59 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2017-05-17 18:47 - 2017-03-18 22:59 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2017-05-17 18:47 - 2017-03-18 22:59 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2017-05-17 18:47 - 2017-03-18 22:59 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2017-05-17 18:47 - 2017-03-18 22:59 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\cngkeyhelper.dll
2017-05-17 18:47 - 2017-03-18 22:59 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2017-05-17 18:47 - 2017-03-18 22:59 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2017-05-17 18:47 - 2017-03-18 22:59 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cngkeyhelper.dll
2017-05-17 18:47 - 2017-03-18 22:59 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2017-05-17 18:47 - 2017-03-18 22:59 - 00009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof
2017-05-17 18:47 - 2017-03-18 22:56 - 01380352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00465408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
2017-05-17 18:47 - 2017-03-18 22:56 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb
2017-05-17 18:47 - 2017-03-18 22:56 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb
2017-05-17 18:47 - 2017-03-18 22:56 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb
2017-05-17 18:47 - 2017-03-18 22:56 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe
2017-05-17 18:47 - 2017-03-18 22:56 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb
2017-05-17 18:47 - 2017-03-18 22:56 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2017-05-17 18:47 - 2017-03-18 22:56 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
2017-05-17 18:47 - 2017-03-18 22:56 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2017-05-17 18:47 - 2017-03-18 22:56 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2017-05-17 18:47 - 2017-03-18 22:56 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof
2017-05-17 18:47 - 2017-03-18 22:56 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2017-05-17 18:47 - 2017-03-18 22:56 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2017-05-17 18:07 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows NT
2017-05-17 18:06 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-05-17 18:05 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-05-17 18:04 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Registration
2017-05-17 18:03 - 2017-03-20 06:43 - 00000000 ____D C:\WINDOWS\HoloShell
2017-05-17 18:03 - 2017-03-18 23:03 - 00000000 __RSD C:\WINDOWS\Media
2017-05-17 18:03 - 2017-03-18 23:03 - 00000000 __RHD C:\Users\Public\Libraries
2017-05-17 18:03 - 2016-06-19 12:23 - 00023056 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-05-17 18:01 - 2014-10-23 21:45 - 00000000 ____D C:\WINDOWS\de
2017-05-17 18:01 - 2014-03-27 11:48 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spiele
2017-05-17 17:58 - 2017-03-20 06:41 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2017-05-17 17:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-05-17 17:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2017-05-17 17:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\spool
2017-05-17 17:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-05-17 17:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-05-17 17:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\IME
2017-05-17 17:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\schemas
2017-05-17 17:58 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Cursors
2017-05-17 17:58 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-05-17 17:58 - 2014-07-19 18:43 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2017-05-17 17:58 - 2014-01-17 18:31 - 00000000 ___HD C:\WINDOWS\system32\WLANProfiles
2017-05-17 17:57 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2017-05-17 17:56 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Help
2017-05-17 17:56 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2017-05-17 17:41 - 2014-01-17 17:39 - 00008192 __RSH C:\BOOTSECT.BAK
2017-05-10 10:48 - 2014-07-10 22:11 - 00000000 ____D C:\Users\Gloriaflyx\AppData\Local\Adobe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-10-22 13:22 - 2015-10-22 13:22 - 0159657 _____ () C:\Program Files (x86)\changelog.txt
2015-10-22 13:22 - 2015-11-07 18:45 - 0375544 _____ () C:\Program Files (x86)\createfileassoc.exe
2015-10-22 13:22 - 2015-11-07 18:45 - 0447464 _____ (TeamSpeak Systems GmbH) C:\Program Files (x86)\error_report.exe
2015-09-21 16:24 - 2015-09-21 16:24 - 1709056 _____ () C:\Program Files (x86)\libeay32.dll
2013-10-05 00:58 - 2013-10-05 00:58 - 0660128 _____ (Microsoft Corporation) C:\Program Files (x86)\msvcp120.dll
2013-10-05 00:58 - 2013-10-05 00:58 - 0963232 _____ (Microsoft Corporation) C:\Program Files (x86)\msvcr120.dll
2015-08-27 10:07 - 2015-11-07 18:45 - 1704176 _____ (Overwolf) C:\Program Files (x86)\OverwolfTeamSpeakInstaller.exe
2015-10-22 13:22 - 2015-11-07 18:45 - 0475112 _____ (TeamSpeak Systems GmbH) C:\Program Files (x86)\package_inst.exe
2015-10-22 11:20 - 2015-10-22 11:20 - 0000321 _____ () C:\Program Files (x86)\plugin_sdk.html
2015-09-21 16:47 - 2015-09-21 16:47 - 5626368 _____ (The Qt Company Ltd) C:\Program Files (x86)\Qt5Core.dll
2015-09-21 16:48 - 2015-09-21 16:48 - 3937280 _____ (The Qt Company Ltd) C:\Program Files (x86)\Qt5Gui.dll
2015-09-21 16:48 - 2015-09-21 16:48 - 1092608 _____ (The Qt Company Ltd) C:\Program Files (x86)\Qt5Network.dll
2015-09-21 16:47 - 2015-09-21 16:47 - 0216576 _____ (The Qt Company Ltd) C:\Program Files (x86)\Qt5Sql.dll
2015-09-21 16:50 - 2015-09-21 16:50 - 5424128 _____ (The Qt Company Ltd) C:\Program Files (x86)\Qt5Widgets.dll
2015-10-22 13:22 - 2015-10-22 13:22 - 0175080 _____ () C:\Program Files (x86)\quazip.dll
2015-09-21 16:24 - 2015-09-21 16:24 - 0317440 _____ () C:\Program Files (x86)\ssleay32.dll
2015-10-22 13:21 - 2015-11-07 18:45 - 11544552 _____ (TeamSpeak Systems GmbH) C:\Program Files (x86)\ts3client_win64.exe
2015-09-13 16:41 - 2015-11-07 18:45 - 0390800 _____ (TeamSpeak Systems GmbH) C:\Program Files (x86)\Uninstall.exe
2015-10-22 13:22 - 2015-11-07 18:45 - 1514984 _____ (TeamSpeak Systems GmbH) C:\Program Files (x86)\update.exe
2015-10-22 11:20 - 2015-10-22 11:20 - 0520934 _____ () C:\Program Files (x86)\usb.ids
2015-11-08 20:24 - 2015-11-08 20:24 - 0000000 ____H () C:\Users\Gloriaflyx\AppData\Local\BITEEB2.tmp
2015-12-07 14:05 - 2015-12-07 14:05 - 0000000 ____H () C:\Users\Gloriaflyx\AppData\Local\BITF863.tmp
2014-03-24 11:50 - 2015-11-05 12:49 - 0010752 _____ () C:\Users\Gloriaflyx\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-03-13 22:52 - 2014-03-13 22:52 - 0001434 _____ () C:\Users\Gloriaflyx\AppData\Local\RecConfig.xml
2016-05-01 21:51 - 2016-05-01 21:52 - 0000000 _____ () C:\Users\Gloriaflyx\AppData\Local\{0B179D57-EBA9-4D85-B0A3-C14982A9ED52}
2015-10-26 15:04 - 2015-10-26 15:04 - 0000000 _____ () C:\Users\Gloriaflyx\AppData\Local\{309B8B15-3C7F-4F34-B3F6-0066EA01FC36}
2016-05-11 20:19 - 2016-05-11 20:19 - 0000000 _____ () C:\Users\Gloriaflyx\AppData\Local\{3CF62346-6D52-4520-A926-FB0B6E652FF3}
2016-04-22 14:12 - 2016-04-22 14:12 - 0000000 _____ () C:\Users\Gloriaflyx\AppData\Local\{B01DDBE6-2D6A-4727-B346-D57950EA3E3A}
2015-11-08 20:23 - 2015-11-08 20:24 - 0000000 _____ () C:\Users\Gloriaflyx\AppData\Local\{BAE73680-28A1-4D05-AD07-486B48904EAC}
2015-12-07 14:04 - 2015-12-07 14:05 - 0000000 _____ () C:\Users\Gloriaflyx\AppData\Local\{D054697A-BAC1-4993-959D-79690D24E3EF}
2016-01-26 20:38 - 2016-01-26 20:38 - 0000000 _____ () C:\Users\Gloriaflyx\AppData\Local\{F1079BA0-943D-4D61-A261-CEFBF1919D56}
2017-05-17 17:56 - 2017-05-17 17:56 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-09-22 22:02 - 2015-09-22 22:02 - 0000106 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.64.bc
2017-03-22 17:45 - 2017-03-22 17:45 - 0000016 _____ () C:\ProgramData\mntemp
2017-03-22 17:45 - 2017-03-22 17:45 - 0005041 _____ () C:\ProgramData\mudtcpaz.vzs

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-05-30 21:44

==================== Ende von FRST.txt ============================
         

Edited by Gloriaflyx (06.06.2017 at 19:41)

06.06.2017, 21:13   #14
Gloriaflyx

ESET meldet Funde

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 05-06-2017
durchgeführt von Gloriaflyx (06-06-2017 21:06:57)
Gestartet von C:\Users\Gloriaflyx\Desktop
Windows 10 Pro Version 1703 (X64) (2017-05-17 16:07:08)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3668857010-2765377856-186715415-500 - Administrator - Disabled)
Gloriaflyx (S-1-5-21-3668857010-2765377856-186715415-1000 - Administrator - Enabled) => C:\Users\Gloriaflyx
DefaultAccount (S-1-5-21-3668857010-2765377856-186715415-503 - Limited - Disabled)
Gast (S-1-5-21-3668857010-2765377856-186715415-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3668857010-2765377856-186715415-1003 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: COMODO Antivirus (Enabled - Up to date) {0C515E80-E355-69BD-3445-A511E5C186FD}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: COMODO Advanced Protection (Enabled - Up to date) {B730BF64-C56F-6633-0EF5-9E639E46CC40}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: COMODO Firewall (Enabled) {346ADFA5-A93A-68E5-1F1A-0C241B12C186}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 16.00 (x64) (HKLM\...\7-Zip) (Version: 16.00 - Igor Pavlov)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version:  - Hidden Path Entertainment, Ensemble Studios)
Age of Empires® III: Complete Collection (HKLM\...\Steam App 105450) (Version:  - Ensemble Studios)
Age of Mythology: Extended Edition (HKLM\...\Steam App 266840) (Version:  - SkyBox Labs)
Ahnenblatt 2.88 (HKLM-x32\...\Ahnenblatt_is1) (Version: 2.88.0.1 - Dirk Böttcher)
Ansel (Version: 382.05 - NVIDIA Corporation) Hidden
Anzeige am Bildschirm (HKLM\...\OnScreenDisplay) (Version: 8.20.00 - )
AoE 2 & TC v1.1 Userpatch AiO Update r5 r5 (HKLM-x32\...\{0CEC2F82-AEB2-4C4B-B450-62C6CEF159FE}_is1) (Version: 0.5 - line0)
Assassin's Creed (HKLM-x32\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.02 - Ubisoft)
Assassin's Creed Brotherhood (HKLM-x32\...\{BE4BA698-8533-4F77-9559-C7F3F78C0B05}) (Version: 1.00 - Ubisoft)
Assassin's Creed Liberation HD (HKLM-x32\...\Uplay Install 625) (Version:  - Ubisoft)
Assassin's Creed(R) III v1.06 (HKLM-x32\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.06 - Ubisoft)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4478 - CDBurnerXP)
Cities: Skylines (HKLM\...\Steam App 255710) (Version:  - Colossal Order Ltd.)
Classic Shell (HKLM\...\{383BB30A-B4A7-4666-9A83-22CFA8640097}) (Version: 4.3.0 - IvoSoft)
COMODO Internet Security Premium (HKLM\...\{901D1D88-408D-48E5-80DD-CC3145BD8456}) (Version: 10.0.1.6223 - COMODO Security Solutions Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
Diablo II (HKLM-x32\...\Diablo II) (Version:  - Blizzard Entertainment)
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
f.lux (HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\Flux) (Version:  - )
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free Video To MP3 Converter (HKLM-x32\...\Free Video To MP3 Converter_is1) (Version: 5.1.0.307 - Digital Wave Ltd)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Hero Editor V0.96 (HKLM-x32\...\ST6UNST #1) (Version:  - )
HL-5450DN (HKLM-x32\...\{7171B206-5C5A-4B7F-B9E1-1F1827FC769F}) (Version: 1.0.2.0 - Brother Industries, Ltd.)
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version:  - )
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 18.1 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Intel(R) Smart Connect Technology 4.1 x64 (HKLM\...\{6555226B-7295-4CFD-9D5B-9C8F394BE03A}) (Version: 4.1.41.2234 - Intel)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.1.28 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{a2a04474-104a-49b3-9bf5-33afee260030}) (Version: 17.14.0 - Intel Corporation)
Internet Security Essentials (HKLM-x32\...\ComodoIse) (Version: 1.1.413499.43 - Comodo)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Lenovo Patch Utility (x32 Version: 1.4.0.4 - Lenovo Group Limited) Hidden
Lenovo Patch Utility 64 bit (Version: 1.4.0.4 - Lenovo Group Limited) Hidden
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.12.10 - Lenovo)
LG United Mobile Driver (HKLM-x32\...\{2A3A4BD6-6CE0-4e2a-80D2-1D0FF6ACBFBA}) (Version: 3.14.1 - LG Electronics)
LibreOffice 5.2.7.2 (HKLM-x32\...\{C89BB248-1889-4D6B-B310-A744A0545123}) (Version: 5.2.7.2 - The Document Foundation)
Magicka (HKLM-x32\...\Steam App 42910) (Version:  - Arrowhead Game Studios)
Malwarebytes Version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.8067.2115 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 53.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 53.0 (x86 de)) (Version: 53.0 - Mozilla)
Mozilla Firefox 53.0.3 (x64 de) (HKLM\...\Mozilla Firefox 53.0.3 (x64 de)) (Version: 53.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0 - Mozilla)
Mp3tag v2.82 (HKLM-x32\...\Mp3tag) (Version: 2.82 - Florian Heidenreich)
NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.05 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.8067.2115 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.8067.2115 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.8067.2115 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7967.2073 - Microsoft Corporation) Hidden
paint.net (HKLM\...\{1F895C18-6A2F-4A9E-BBE9-246783070F37}) (Version: 4.0.16 - dotPDN LLC)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.5.2 - pdfforge GmbH)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
R for Windows 3.3.0 (HKLM\...\R for Windows 3.3.0_is1) (Version: 3.3.0 - R Core Team)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.21236 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7404 - Realtek Semiconductor Corp.)
Secunia PSI (3.0.0.9016) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia)
SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden
Skype™ 7.36 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.36.101 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Stronghold (HKLM-x32\...\{C917BA70-28A3-4C74-B163-41FD8C8E1A5A}) (Version: 1.20.0000 - Firefly Studios)
Stronghold Crusader Extreme (HKLM-x32\...\{8C3727F2-8E37-49E4-820C-03B1677F53B6}) (Version: 1.20.0000 - Firefly Studios)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.115 - Synaptics Incorporated)
System Requirements Lab Detection (HKLM-x32\...\{9B2D2419-CC47-4A73-A7A0-8FA2FFDE0C7C}) (Version: 6.1.1.0 - Husdawg, LLC)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
The Sims(TM) 3 (HKLM-x32\...\Steam App 47890) (Version:  - The Sims Studio)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
Windows 10-Upgrade-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17323 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3668857010-2765377856-186715415-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Gloriaflyx\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay => Keine Datei
CustomCLSID: HKU\S-1-5-21-3668857010-2765377856-186715415-1000_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Gloriaflyx\AppData\Local\Microsoft\OneDrive\17.3.6816.0313_1\amd64\FileSyncShell64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3668857010-2765377856-186715415-1000_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Gloriaflyx\AppData\Local\Microsoft\OneDrive\17.3.6816.0313_1\amd64\FileSyncShell64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3668857010-2765377856-186715415-1000_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Gloriaflyx\AppData\Local\Microsoft\OneDrive\17.3.6816.0313_1\amd64\FileSyncShell64.dll => Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {26576267-54D3-4A94-97C7-4DCECB1AB3C3} - System32\Tasks\{3A39D014-2508-4DC8-8EED-5D3C5194CC6A} => pcalua.exe -a "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" -d "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller" -c -hunter
Task: {420FE51C-0D20-4591-B7CE-77DA17FC435F} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-04-23] (COMODO)
Task: {46734673-F9A6-4302-9D04-A119C0518E35} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-14] (Microsoft Corporation)
Task: {47A200AF-0889-49E0-B321-5A47994CCB96} - System32\Tasks\{B4F731ED-C11E-4F9B-A092-6083F00D4F25} => pcalua.exe -a "C:\Program Files (x86)\Die Sims\Die Sims 2\Sims2_uninst.exe" -d "C:\Program Files (x86)\Die Sims\Die Sims 2"
Task: {51DC85CF-A98A-43D8-8C1F-F7248B1FB113} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-05-26] (Microsoft Corporation)
Task: {799696A9-5758-492B-8927-81A7E88B1D69} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-04-23] (COMODO)
Task: {856E8075-122F-45E5-BC1C-CE7C0E407608} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-04-23] (COMODO)
Task: {88C43D0B-A2F3-4D79-B2FA-E2378BCFA74E} - System32\Tasks\{077EA0BA-9543-46EF-AA05-A3609078E68C} => pcalua.exe -a "C:\Program Files (x86)\Die Sims\Die Sims 2\eauninstall.exe" -d "C:\Program Files (x86)\Die Sims\Die Sims 2"
Task: {8E279186-208B-4384-BA38-55AEFA56EE1E} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-10] (Adobe Systems Incorporated)
Task: {94BBF4A3-D101-498A-8DD5-9C76C5B2C63F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-14] (Microsoft Corporation)
Task: {9D320E3D-5658-4B76-BC1B-6B5DB3F33348} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-05-26] (Microsoft Corporation)
Task: {9DAF125B-A6D1-439B-933B-388A6A74B24B} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-04-23] (COMODO)
Task: {9FCB8499-497D-41E5-89FE-0231E583FB37} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-05-26] (Microsoft Corporation)
Task: {A042F675-4FCB-4903-9A13-DE3CDDF82AAF} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-04-05] (Realtek Semiconductor)
Task: {A92B8410-5D79-45B0-A05A-A93C395ABB37} - System32\Tasks\{4428CE4F-B2B8-4E7A-802D-3985A4AE3A2E} => Firefox.exe hxxp://ui.skype.com/ui/0/7.16.0.102/de/abandoninstall?source=lightinstaller&amp;page=tsInstall
Task: {AB28F491-13D7-441F-8BE3-99AEF1AF36E0} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2017-04-23] (COMODO)
Task: {AC0DD1AA-2C9D-41FF-9BB4-E4C0B5CAB66C} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-04-23] (COMODO)
Task: {B59D1B68-72A7-4E68-B9EF-3A0932C2E840} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-05-26] ()
Task: {C3DA719C-9EF8-4F50-BF45-7143C26331AB} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2017-04-23] (COMODO)
Task: {CA1E47C4-6FB4-4B1C-8C9E-2CEE7AD55373} - System32\Tasks\{40397F46-4625-412F-9983-FCD60BC4A9E4} => Firefox.exe hxxp://ui.skype.com/ui/0/6.11.0.102/de/go/help.faq.installer?source=lightinstaller&amp;LastError=1618
Task: {D9A35DD8-3F45-4EF2-BAB3-171204A5C81A} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2017-04-23] (COMODO)
Task: {DC8BA37A-EFC5-4813-AF4D-6CF617B6471A} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-04-05] (Realtek Semiconductor)
Task: {E98AD572-71BE-4D8A-B936-AEEF09E30360} - System32\Tasks\{3C95CE29-D5CC-4534-842A-1D344CDA2CE7} => Firefox.exe hxxp://ui.skype.com/ui/0/7.16.0.102/de/abandoninstall?source=lightinstaller&amp;page=tsInstall
Task: {EE29A92D-3408-4186-B873-7B505989B5B8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {F89037C2-30A8-4D5D-9474-4E51ED8EF8AB} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-05-26] ()

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2017-04-06 18:20 - 2017-04-23 00:28 - 00156352 _____ () C:\Program Files\COMODO\COMODO Internet Security\cmdwrhlp.dll
2013-09-24 11:53 - 2017-04-23 00:27 - 00107200 _____ () C:\Program Files\COMODO\COMODO Internet Security\cavwpps.dll
2013-10-20 02:23 - 2017-04-23 00:27 - 00244928 _____ () C:\Program Files\COMODO\COMODO Internet Security\cmdcomps.dll
2017-06-05 17:34 - 2017-05-31 11:09 - 02270664 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2013-04-15 16:45 - 2013-04-15 16:45 - 00182760 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2013-04-15 16:45 - 2013-04-15 16:45 - 00060392 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2014-01-18 14:03 - 2014-03-25 20:50 - 00076888 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2013-04-15 18:39 - 2016-03-16 12:25 - 00073912 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav
2017-03-18 22:58 - 2017-03-18 22:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-18 22:59 - 2017-03-20 06:43 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2014-12-11 15:15 - 2015-04-05 16:07 - 00078880 _____ () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
2017-05-08 19:47 - 2017-05-08 19:47 - 00020480 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-05-08 19:47 - 2017-05-08 19:47 - 26322944 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-05-08 19:47 - 2017-05-08 19:47 - 00441856 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.AGM.Native.Windows.dll
2017-05-08 19:47 - 2017-05-08 19:47 - 02139648 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2017-05-08 19:47 - 2017-05-08 19:47 - 02901928 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-05-08 19:47 - 2017-05-08 19:47 - 00046080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll
2016-06-19 14:31 - 2016-06-19 14:31 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2017-05-08 19:47 - 2017-05-08 19:47 - 00641024 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-05-08 19:47 - 2017-05-08 19:47 - 01062400 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
2017-06-01 18:48 - 2017-06-01 18:48 - 30965760 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17042.14111.0_x64__8wekyb3d8bbwe\Music.UI.exe
2017-06-01 18:48 - 2017-06-01 18:48 - 09016320 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17042.14111.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-05-26 19:42 - 2017-05-26 19:43 - 03140520 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17042.14111.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-06-01 18:48 - 2017-06-01 18:48 - 23661056 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17042.14211.0_x64__8wekyb3d8bbwe\Video.UI.exe
2017-06-01 18:48 - 2017-06-01 18:48 - 09016320 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17042.14211.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-05-26 19:42 - 2017-05-26 19:43 - 03140520 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17042.14211.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\autoexec.bat:$CmdTcID [64]
AlternateDataStreams: C:\install.exe:$CmdTcID [64]
AlternateDataStreams: C:\Program Files (x86)\createfileassoc.exe:$CmdTcID [64]
AlternateDataStreams: C:\Program Files (x86)\error_report.exe:$CmdTcID [64]
AlternateDataStreams: C:\Program Files (x86)\OverwolfTeamSpeakInstaller.exe:$CmdTcID [64]
AlternateDataStreams: C:\Program Files (x86)\package_inst.exe:$CmdTcID [64]
AlternateDataStreams: C:\Program Files (x86)\ts3client_win64.exe:$CmdTcID [64]
AlternateDataStreams: C:\Program Files (x86)\Uninstall.exe:$CmdTcID [64]
AlternateDataStreams: C:\Program Files (x86)\update.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\ST6UNST.EXE:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\BRCOMB1A.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\cdpreference.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\common_clang64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DDPA64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DDPD64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DDPO64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DDPP64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\difx64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DPTopologyApp.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\DPTopologyAppv2_0.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\e1dmsg.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\FMAPO64.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\GfxResources.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\GfxUIEx.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Gfxv2_0.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Gfxv4_0.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ibmpmctl.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\ig75icd64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igc64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igd10idpp64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igd10iumd64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igd11dxva64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igd12umd64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdail64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdbcl64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdde64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdfcl64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdmcl64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdmd64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdrcl64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdumdim64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igdusc64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfx11cmrt64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxcmjit64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxcmrt64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxCoIn_v4531.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxCPL.cpl:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxCUIServicePS.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDH.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDHLib.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDHLibv2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDI.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDILib.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDILibv2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxDTCM.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxEMLib.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxEMLibv2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxexps.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxext.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxLHM.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxLHMLib.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxLHMLibv2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxOSP.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxSDK.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxSDKLib.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\igfxSDKLibv2_0.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\iglhcp64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\iglhsip64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelCpHDCPSvc.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelOpenCL64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiMCComp64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\IntelWiDiUMS64.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NicCo4.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\NicInstD.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6434520.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6435382.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6435445.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispco6437654.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6434520.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6435382.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6435445.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\nvdispgenco6437654.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\R4EEA64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\R4EED64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\R4EEG64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\R4EEL64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\R4EEP64A.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RCoInstII64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RltkAPO64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTCOM64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtkApi64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtkCfg64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtkCoLDR64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtlCPAPI64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RtPgEx64.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\RTSnMg64.cpl:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SynCOM.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SynTPAPI.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\SynTPCo34-11.dll:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\SynTPCo34-9.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\tpinspm.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\WdfCoInstaller01011.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\AC3ACM.acm:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\alf2cd.acm:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BRLM03A.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BRLMW03A.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BROSNMP.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BRRBTOOL.EXE:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\BRTCPCON.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\COMDLG32.OCX:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\common_clang32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DCompiler_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3dx10_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\D3DX9_39.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\divx.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\divxdec.ax:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\SysWOW64\ig75icd32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igc32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igd10idpp32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igd10iumd32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igd11dxva32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igd12umd32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdail32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdbcl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdde32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdfcl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdmcl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdmd32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdrcl32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdumdim32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igdusc32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igfx11cmrt32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igfxcmjit32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igfxcmrt32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\igfxexps32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\iglhcp32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\iglhsip32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\indexeddbserver.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\IntelOpenCL32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\L3CODECX.AX:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Lagarith.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\lame.ax:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mcdvd_32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mpg4c32.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\mslvddsfilter3.ax:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\msxml3a.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\PnkBstrB.ex0:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\PnkBstrB.exe:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\PnkBstrB.xtr:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\RICHTX32.OCX:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\Scg726.acm:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\SynCom.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\TABCTL32.OCX:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\VB6STKIT.DLL:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\vct3216.acm:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xvid.ax:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xvidcore.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\SysWOW64\xvidvfw.dll:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\e1d62x64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ibmpmdrv.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\igdkmd64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\IntcDAud.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\nvpciflt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\RTKVHD64.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\Smb_driver_AMDASF_Aux.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\Smb_driver_Intel.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\Smb_driver_Intel_Aux.sys:$CmdTcID [130]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\stflt.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\SynRMIHID_Aux.sys:$CmdTcID [64]
AlternateDataStreams: C:\WINDOWS\system32\Drivers\SynTP.sys:$CmdTcID [64]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\ajax.googleapis.com -> hxxp://ajax.googleapis.com
IE trusted site: HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\ajax.googleapis.com -> hxxps://ajax.googleapis.com
IE trusted site: HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\BALDER -> hxxp://BALDER
IE trusted site: HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\BALDER -> hxxps://BALDER
IE trusted site: HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\blank -> blank
IE trusted site: HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\lansweeper.com -> hxxp://lansweeper.com
IE trusted site: HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\lansweeper.com -> hxxps://lansweeper.com
IE trusted site: HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\update.lansweeper.com -> hxxp://update.lansweeper.com
IE trusted site: HKU\S-1-5-21-3668857010-2765377856-186715415-1000\...\update.lansweeper.com -> hxxps://update.lansweeper.com

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2017-06-05 17:26 - 00000832 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3668857010-2765377856-186715415-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Gloriaflyx\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 172.16.60.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [TCP Query User{FE739527-3544-4C0F-A9E8-9EB45E2DF04F}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{A0C4A37E-6493-42AB-8E3C-27BDB3D4AA92}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe

==================== Wiederherstellungspunkte =========================

31-05-2017 21:31:34 Windows Update
04-06-2017 22:08:31 Installed LibreOffice 5.2.7.2

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (06/06/2017 09:04:05 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files (x86)\microsoft office\root\office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "c:\program files (x86)\microsoft office\root\office16\UccApi.DLL" in Zeile  1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (06/06/2017 09:04:04 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_583b8639f462029f.manifest.

Error: (06/06/2017 09:03:42 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\eset\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_583b8639f462029f.manifest.

Error: (06/06/2017 07:58:07 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\r\r-3.3.0\tcl\bin64\tk85.dll". Fehler in Manifest- oder Richtliniendatei "c:\program files\r\r-3.3.0\tcl\bin64\tk85.dll" in Zeile 9.
Der Wert "x64" des "processorArchitecture"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (06/06/2017 07:57:54 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_583b8639f462029f.manifest.

Error: (06/06/2017 07:57:11 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files (x86)\microsoft office\root\office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "c:\program files (x86)\microsoft office\root\office16\UccApi.DLL" in Zeile  1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (06/06/2017 07:57:04 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_583b8639f462029f.manifest.

Error: (06/06/2017 07:56:23 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Gloriaflyx\Desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_583b8639f462029f.manifest.

Error: (06/06/2017 07:53:22 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path name Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0

Error: (06/06/2017 07:53:22 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path name Fehler bei der Überprüfung. Fehler: Type-ID=25, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0


Systemfehler:
=============
Error: (06/06/2017 07:58:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (06/06/2017 07:58:21 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\CAROLA~1\AppData\Local\Temp\ehdrv.sys

Error: (06/06/2017 07:58:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (06/06/2017 07:58:20 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\CAROLA~1\AppData\Local\Temp\ehdrv.sys

Error: (06/06/2017 07:58:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (06/06/2017 07:58:20 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\CAROLA~1\AppData\Local\Temp\ehdrv.sys

Error: (06/06/2017 07:56:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (06/06/2017 07:56:56 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\CAROLA~1\AppData\Local\Temp\ehdrv.sys

Error: (06/06/2017 07:56:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (06/06/2017 07:56:55 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\CAROLA~1\AppData\Local\Temp\ehdrv.sys


CodeIntegrity:
===================================
  Date: 2017-06-06 21:03:49.398
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-06-06 21:03:24.856
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-06-06 20:13:03.193
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-06-06 20:08:44.346
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-06-06 20:07:35.908
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\DriverStore\FileRepository\nvltwu.inf_amd64_c8da725822079174\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-06-06 20:07:26.248
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-06-06 19:53:19.873
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-06-06 19:53:19.810
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-06-06 19:53:19.807
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2017-06-06 19:53:19.804
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4700MQ CPU @ 2.40GHz
Prozentuale Nutzung des RAM: 40%
Installierter physikalischer RAM: 7876.91 MB
Verfügbarer physikalischer RAM: 4664.7 MB
Summe virtueller Speicher: 15812.91 MB
Verfügbarer virtueller Speicher: 12102.93 MB

==================== Laufwerke ================================

Drive c: (System) (Fixed) (Total:226.47 GB) (Free:55.89 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (Daten) (Fixed) (Total:10.74 GB) (Free:10.05 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 0006A5E0)
Partition 1: (Active) - (Size=226.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=504 MB) - (Type=27)
Partition 3: (Not Active) - (Size=10.7 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         

06.06.2017, 21:25   #15
Gloriaflyx

So, now for the questions:

I haven't noticed any problems so far; the stupid thing only produces a false positive when FRST is run, but I have a question about my antivirus program, as I already described above.
I had to switch off a few real-time components so that FRST would work, and that made me wonder which of the components, marked in red, are actually important (I had all of them active before). The part marked in blue refers to the HIPS setting.
And a small question out of curiosity: what had actually taken hold on my system?

Best regards,
Gloriaflyx

Attached image: ESET meldet Funde-comodo.jpg

Archiv
Du betrachtest: ESET meldet Funde auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.