| |
| |||||||
Log-Analyse und Auswertung: Malewarebytes findet: PUP.Optional.StartPage24Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
16.11.2017, 16:23
| #1 |
| |  Malewarebytes findet: PUP.Optional.StartPage24 Hey ihr Lieben, Malewarebytes hat mir vorhin folgenden Fund angezeigt: PUP.Optional.StartPage24 Der Fund befindet sich in einem Mozilla Firefox Profile und kommt vermutlich durch eine Extension.... Vlt. könnt ihr mir ja bei der Entfernung helfen *hoff* Ich habe den Fund zunächst einmal in die Quarantäne verschoben und dann im Anschluß FRST laufen lassen. Folgende Logs wurden ausgelesen (im nächsten Post, weil zu lang): Viele Dank und viele liebe Grüße Idrial FRST Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 15-11-2017
durchgeführt von webma (Administrator) auf REJJA-PC (16-11-2017 15:52:15)
Gestartet von C:\Users\webma\Downloads
Geladene Profile: webma & (Verfügbare Profile: webma)
Platform: Windows 10 Home Version 1703 15063.726 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.02.03\atkexComSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\AURA\AsRogAuraService.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\ROCCAT Swarm\data\SWARM_CONNECT\SwarmHW_Service.exe
() C:\Program Files (x86)\ASUS\AURA\AsRogAuraGpuDllServer.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe
(Palit Microsystems Ltd.) C:\Program Files (x86)\Thunder Master\THPanel.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(ROCCAT) C:\Program Files (x86)\ROCCAT\ROCCAT Swarm\ROCCAT_Swarm_Monitor.exe
() C:\Program Files (x86)\ROCCAT\ROCCAT Swarm\detect_start_process.exe
(Samsung Electronics Co. Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Spotify Ltd) C:\Users\webma\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11710.1001.27.0_x64__8wekyb3d8bbwe\WinStore.App.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17092.13511.0_x64__8wekyb3d8bbwe\Video.UI.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1709.2703.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9181696 2016-12-09] (Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [17988216 2017-08-18] (Logitech Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-07-14] (Apple Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [253344 2017-10-11] (AVAST Software)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2407008 2017-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Avira Safe Shopping] => C:\Program Files (x86)\Avira\Safe Shopping\Avira Safe Shopping.exe [546960 2017-10-30] (Avira Operations Gmbh & Co. KG)
HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [65120 2017-11-07] (Avira Operations GmbH & Co. KG)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ACHTUNG
HKU\S-1-5-21-1005499408-1899380149-1193096314-1001\...\Run: [THPanel] => C:\Program Files (x86)\Thunder Master\THPanel.exe [2030440 2017-03-30] (Palit Microsystems Ltd.)
HKU\S-1-5-21-1005499408-1899380149-1193096314-1001\...\Run: [Discord] => C:\Users\webma\AppData\Local\Discord\app-0.0.298\Discord.exe [57477112 2017-08-08] (Discord Inc.)
HKU\S-1-5-21-1005499408-1899380149-1193096314-1001\...\Run: [Spotify] => C:\Users\webma\AppData\Roaming\Spotify\Spotify.exe [21025392 2017-11-11] (Spotify Ltd)
HKU\S-1-5-21-1005499408-1899380149-1193096314-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3102496 2017-10-31] (Valve Corporation)
HKU\S-1-5-21-1005499408-1899380149-1193096314-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1005499408-1899380149-1193096314-1001\...\Run: [Spotify Web Helper] => C:\Users\webma\AppData\Roaming\Spotify\SpotifyWebHelper.exe [777840 2017-11-11] (Spotify Ltd)
HKU\S-1-5-21-1005499408-1899380149-1193096314-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11162017154504900\...\Run: [THPanel] => C:\Program Files (x86)\Thunder Master\THPanel.exe [2030440 2017-03-30] (Palit Microsystems Ltd.)
HKU\S-1-5-21-1005499408-1899380149-1193096314-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11162017154504900\...\Run: [Discord] => C:\Users\webma\AppData\Local\Discord\app-0.0.298\Discord.exe [57477112 2017-08-08] (Discord Inc.)
HKU\S-1-5-21-1005499408-1899380149-1193096314-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11162017154504900\...\Run: [Spotify] => C:\Users\webma\AppData\Roaming\Spotify\Spotify.exe [21025392 2017-11-11] (Spotify Ltd)
HKU\S-1-5-21-1005499408-1899380149-1193096314-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11162017154504900\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3102496 2017-10-31] (Valve Corporation)
HKU\S-1-5-21-1005499408-1899380149-1193096314-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11162017154504900\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1005499408-1899380149-1193096314-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11162017154504900\...\Run: [Spotify Web Helper] => C:\Users\webma\AppData\Roaming\Spotify\SpotifyWebHelper.exe [777840 2017-11-11] (Spotify Ltd)
HKU\S-1-5-21-1005499408-1899380149-1193096314-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11162017154506031\...\Run: [THPanel] => C:\Program Files (x86)\Thunder Master\THPanel.exe [2030440 2017-03-30] (Palit Microsystems Ltd.)
HKU\S-1-5-21-1005499408-1899380149-1193096314-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11162017154506031\...\Run: [Discord] => C:\Users\webma\AppData\Local\Discord\app-0.0.298\Discord.exe [57477112 2017-08-08] (Discord Inc.)
HKU\S-1-5-21-1005499408-1899380149-1193096314-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11162017154506031\...\Run: [Spotify] => C:\Users\webma\AppData\Roaming\Spotify\Spotify.exe [21025392 2017-11-11] (Spotify Ltd)
HKU\S-1-5-21-1005499408-1899380149-1193096314-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11162017154506031\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3102496 2017-10-31] (Valve Corporation)
HKU\S-1-5-21-1005499408-1899380149-1193096314-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11162017154506031\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1005499408-1899380149-1193096314-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11162017154506031\...\Run: [Spotify Web Helper] => C:\Users\webma\AppData\Roaming\Spotify\SpotifyWebHelper.exe [777840 2017-11-11] (Spotify Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ROCCAT Swarm.lnk [2017-09-13]
ShortcutTarget: ROCCAT Swarm.lnk -> C:\Program Files (x86)\ROCCAT\ROCCAT Swarm\ROCCAT_Swarm_Monitor.exe (ROCCAT)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{9e1808a1-db4e-4966-9749-284804235294}: [DhcpNameServer] 192.168.2.1 192.168.2.1
Internet Explorer:
==================
HKU\S-1-5-21-1005499408-1899380149-1193096314-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de
HKU\S-1-5-21-1005499408-1899380149-1193096314-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11162017154504900\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de
HKU\S-1-5-21-1005499408-1899380149-1193096314-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11162017154506031\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_144\bin\ssv.dll [2017-09-14] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-09-14] (Oracle Corporation)
FireFox:
========
FF ProfilePath: C:\Users\webma\AppData\Roaming\Mozilla\Firefox\Profiles\IRezVTFY.default [2017-11-16]
FF Extension: (Safe Browsing Version 4 (temporary add-on)) - C:\Users\webma\AppData\Roaming\Mozilla\Firefox\Profiles\IRezVTFY.default\Extensions\sbv4-gradual-rollout@mozilla.com.xpi [2017-10-13] [Legacy]
FF Extension: (Avast Online Security) - C:\Users\webma\AppData\Roaming\Mozilla\Firefox\Profiles\IRezVTFY.default\Extensions\wrc@avast.com.xpi [2017-10-13]
FF Extension: (1-Click YouTube Video Downloader) - C:\Users\webma\AppData\Roaming\Mozilla\Firefox\Profiles\IRezVTFY.default\Extensions\YoutubeDownloader@PeterOlayev.com.xpi [2017-11-15]
FF Plugin: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-09-14] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-09-14] (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-09-20] (Adobe Systems)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-10-27] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-10-27] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-09-20] (Adobe Systems)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2017-07-05]
Chrome:
=======
CHR DefaultSearchURL: Default -> hxxps://istream.link/search.php?query={searchTerms}&type=web&src=njlppdgedlaobpcbobcllbibebebkgam&frm=ob
CHR DefaultSearchKeyword: Default -> istream.link
CHR DefaultSuggestURL: Default -> hxxps://istream.link/suggest.php?client=chrome&q={searchTerms}
CHR Profile: C:\Users\webma\AppData\Local\Google\Chrome\User Data\Default [2017-11-16]
CHR Extension: (Präsentationen) - C:\Users\webma\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (BetterTTV) - C:\Users\webma\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2017-09-16]
CHR Extension: (Docs) - C:\Users\webma\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Google Drive) - C:\Users\webma\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-09-13]
CHR Extension: (YouTube) - C:\Users\webma\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-13]
CHR Extension: (Avast SafePrice) - C:\Users\webma\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-10-18]
CHR Extension: (Tabellen) - C:\Users\webma\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Google Docs Offline) - C:\Users\webma\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-09-13]
CHR Extension: (LottaDeals) - C:\Users\webma\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigcbafcnfakaokfjaplokfbgmjldpfg [2017-09-14]
CHR Extension: (iStream.link Media Search) - C:\Users\webma\AppData\Local\Google\Chrome\User Data\Default\Extensions\njlppdgedlaobpcbobcllbibebebkgam [2017-09-14]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\webma\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-13]
CHR Extension: (Google Mail) - C:\Users\webma\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-09-13]
CHR Extension: (Chrome Media Router) - C:\Users\webma\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-16]
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iigcbafcnfakaokfjaplokfbgmjldpfg] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [njlppdgedlaobpcbobcllbibebebkgam] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [817760 2017-09-20] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2257016 2017-08-23] (Adobe Systems, Incorporated)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1128432 2017-10-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [490968 2017-10-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [490968 2017-10-15] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1525240 2017-10-15] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.03\atkexComSvc.exe [933840 2017-02-17] ()
R2 AsRogAuraService; C:\Program Files (x86)\ASUS\AURA\AsRogAuraService.exe [856536 2017-02-17] (ASUSTek Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-04-24] () [Datei ist nicht signiert]
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7446024 2017-10-11] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [281416 2017-10-11] (AVAST Software)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [413592 2017-11-02] (Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [332016 2017-10-25] (Avira Operations GmbH & Co. KG)
R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [101792 2017-11-08] (Avira Operations GmbH & Co. KG)
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3885592 2017-03-03] (devolo AG)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [225400 2017-08-18] (Logitech Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518264 2017-10-27] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518264 2017-10-27] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-10-27] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [460920 2017-10-27] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2123104 2017-11-02] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3002728 2017-11-02] (Electronic Arts)
R2 SpeedupService; C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe [74256 2017-11-07] (Avira Operations GmbH & Co. KG)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-07-11] (Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [730304 2016-01-11] (Wacom Technology, Corp.)
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 amdgpio2; C:\WINDOWS\System32\drivers\amdgpio2.sys [43400 2017-03-01] (Advanced Micro Devices, Inc)
R3 amdgpio3; C:\WINDOWS\System32\drivers\amdgpio3.sys [33120 2017-05-11] (Advanced Micro Devices, Inc)
S3 amdkmcsp; C:\WINDOWS\system32\DRIVERS\amdkmcsp.sys [101232 2017-06-12] (Advanced Micro Devices, Inc. )
R3 AMDPCIDev; C:\WINDOWS\System32\drivers\AMDPCIDev.sys [31112 2017-10-10] (Advanced Micro Devices)
R0 amdpsp; C:\WINDOWS\System32\DRIVERS\amdpsp.sys [243056 2017-06-12] (Advanced Micro Devices, Inc. )
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2016-11-18] ()
S3 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [321032 2017-10-11] (AVAST Software s.r.o.)
S3 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [198976 2017-10-11] (AVAST Software s.r.o.)
S3 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [343288 2017-10-11] (AVAST Software s.r.o.)
S3 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [57736 2017-10-11] (AVAST Software s.r.o.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [47008 2017-10-11] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [147776 2017-10-11] (AVAST Software)
S3 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [110376 2017-10-11] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [84416 2017-10-11] (AVAST Software)
S3 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1029872 2017-10-26] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [587168 2017-10-11] (AVAST Software)
S3 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [201352 2017-10-11] (AVAST Software)
S3 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [363440 2017-10-11] (AVAST Software)
R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [60920 2017-08-17] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [176224 2017-09-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [167464 2017-08-17] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [44488 2017-08-17] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [88488 2017-08-17] (Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [38048 2017-08-17] (Avira Operations GmbH & Co. KG)
R3 cpuz140; C:\WINDOWS\TEMP\cpuz140\cpuz140_x64.sys [43840 2017-11-16] (CPUID)
R3 e1rexpress; C:\WINDOWS\system32\DRIVERS\e1r65x64.sys [540112 2016-07-29] (Intel Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77432 2017-11-01] ()
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2017-08-18] (Logitech Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [193464 2017-11-16] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [110016 2017-11-16] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [46008 2017-11-16] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253880 2017-11-16] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [94144 2017-11-16] (Malwarebytes)
R2 NPF_devolo; C:\WINDOWS\sysWOW64\drivers\npf_devolo.sys [36496 2017-02-20] (Riverbed Technology, Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_f936d37e592b25aa\nvlddmkm.sys [16936048 2017-10-28] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-10-27] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [50808 2017-10-27] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57976 2017-10-27] (NVIDIA Corporation)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
U3 aswbdisk; kein ImagePath
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-11-16 15:52 - 2017-11-16 15:52 - 000027529 _____ C:\Users\webma\Downloads\FRST.txt
2017-11-16 15:52 - 2017-11-16 15:52 - 000000000 ____D C:\FRST
2017-11-16 15:51 - 2017-11-16 15:51 - 002392576 _____ (Farbar) C:\Users\webma\Downloads\FRST64.exe
2017-11-16 15:44 - 2017-11-16 15:45 - 000094144 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-11-16 15:44 - 2017-11-16 15:44 - 000253880 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2017-11-16 15:44 - 2017-11-16 15:44 - 000193464 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2017-11-16 15:44 - 2017-11-16 15:44 - 000110016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-11-16 15:44 - 2017-11-16 15:44 - 000046008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-11-16 15:44 - 2017-11-16 15:44 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-11-16 15:44 - 2017-11-16 15:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-11-16 15:44 - 2017-11-16 15:44 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-11-16 15:44 - 2017-11-16 15:44 - 000000000 ____D C:\Program Files\Malwarebytes
2017-11-16 15:44 - 2017-11-01 08:54 - 000077432 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-11-16 15:43 - 2017-11-16 15:43 - 078346672 _____ (Malwarebytes ) C:\Users\webma\Downloads\mb3-setup-consumer-3.3.1.2183.exe
2017-11-16 14:59 - 2017-11-16 14:59 - 000000000 ____D C:\ProgramData\SWCUTemp
2017-11-16 14:30 - 2017-11-16 14:30 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigne270b1e7f75571a7
2017-11-16 14:25 - 2017-11-16 14:25 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignfeb1f9f24f869918
2017-11-16 14:25 - 2017-11-16 14:25 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign5e5fd04646439560
2017-11-16 14:25 - 2017-11-16 14:25 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign2dbddcb279cc25a4
2017-11-16 14:25 - 2017-11-16 14:25 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign228df931abe9f043
2017-11-16 09:30 - 2017-11-16 09:30 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignee27ef57d6c9bcc1
2017-11-16 09:29 - 2017-11-16 09:29 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign93360022788965b7
2017-11-16 09:29 - 2017-11-16 09:29 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign4c93869a452991b5
2017-11-16 09:29 - 2017-11-16 09:29 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign1b33b8aaaf1234b3
2017-11-16 01:26 - 2017-11-16 01:26 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign37313beb7e1bd9ac
2017-11-16 01:21 - 2017-11-16 01:21 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign1bf82389ef0a6813
2017-11-16 01:21 - 2017-11-16 01:21 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign00296db11bfb63b2
2017-11-16 01:14 - 2017-11-16 01:14 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigna141cb168853d4ef
2017-11-16 00:18 - 2017-11-16 00:18 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign14a24f537d576e3e
2017-11-16 00:15 - 2017-11-16 00:15 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignba5fdbdcba65406b
2017-11-16 00:15 - 2017-11-16 00:15 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign3f593a025efb19ef
2017-11-16 00:15 - 2017-11-16 00:15 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign206fdd5391b5f26f
2017-11-15 19:51 - 2017-11-15 19:51 - 000001193 _____ C:\Users\Public\Desktop\Avira.lnk
2017-11-15 08:14 - 2017-11-02 06:21 - 001578904 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-11-15 08:14 - 2017-11-02 06:21 - 000678808 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-11-15 08:14 - 2017-11-02 06:21 - 000612248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-11-15 08:14 - 2017-11-02 06:21 - 000379288 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-11-15 08:14 - 2017-11-02 06:21 - 000190360 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-11-15 08:14 - 2017-11-02 06:21 - 000136088 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-11-15 08:14 - 2017-11-02 06:20 - 002032536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2017-11-15 08:14 - 2017-11-02 06:20 - 001144728 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-11-15 08:14 - 2017-11-02 06:20 - 001015704 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-11-15 08:14 - 2017-11-02 06:20 - 000965016 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-11-15 08:14 - 2017-11-02 06:20 - 000821656 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-11-15 08:14 - 2017-11-02 06:20 - 000613784 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-11-15 08:14 - 2017-11-02 06:20 - 000543640 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-11-15 08:14 - 2017-11-02 06:20 - 000484248 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2017-11-15 08:14 - 2017-11-02 06:20 - 000469568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2017-11-15 08:14 - 2017-11-02 06:20 - 000259992 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-11-15 08:14 - 2017-11-02 06:20 - 000034712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2017-11-15 08:14 - 2017-11-02 06:16 - 008319384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-11-15 08:14 - 2017-11-02 06:16 - 002398696 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-11-15 08:14 - 2017-11-02 06:16 - 002327448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-11-15 08:14 - 2017-11-02 06:15 - 001239448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-11-15 08:14 - 2017-11-02 06:15 - 000503704 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2017-11-15 08:14 - 2017-11-02 06:14 - 000667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-11-15 08:14 - 2017-11-02 06:14 - 000067992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2017-11-15 08:14 - 2017-11-02 06:13 - 005477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-11-15 08:14 - 2017-11-02 06:13 - 002443672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-11-15 08:14 - 2017-11-02 06:13 - 001345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-11-15 08:14 - 2017-11-02 06:13 - 000546712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-11-15 08:14 - 2017-11-02 06:13 - 000212888 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-11-15 08:14 - 2017-11-02 06:13 - 000095640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2017-11-15 08:14 - 2017-11-02 06:12 - 000727336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-11-15 08:14 - 2017-11-02 06:12 - 000714648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2017-11-15 08:14 - 2017-11-02 06:12 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-11-15 08:14 - 2017-11-02 06:12 - 000643192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-11-15 08:14 - 2017-11-02 06:12 - 000430848 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2017-11-15 08:14 - 2017-11-02 06:12 - 000412752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2017-11-15 08:14 - 2017-11-02 06:12 - 000319384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2017-11-15 08:14 - 2017-11-02 06:12 - 000144248 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2017-11-15 08:14 - 2017-11-02 06:12 - 000038808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Diskdump.sys
2017-11-15 08:14 - 2017-11-02 06:12 - 000026472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2017-11-15 08:14 - 2017-11-02 06:11 - 021353200 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-11-15 08:14 - 2017-11-02 06:10 - 006557520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-11-15 08:14 - 2017-11-02 06:05 - 000871408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-11-15 08:14 - 2017-11-02 06:05 - 000187800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2017-11-15 08:14 - 2017-11-02 06:04 - 001292360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-11-15 08:14 - 2017-11-02 06:03 - 000223640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2017-11-15 08:14 - 2017-11-02 05:49 - 001838848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-11-15 08:14 - 2017-11-02 05:45 - 000703056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2017-11-15 08:14 - 2017-11-02 05:45 - 000613136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-11-15 08:14 - 2017-11-02 05:45 - 000362144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2017-11-15 08:14 - 2017-11-02 05:45 - 000354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-11-15 08:14 - 2017-11-02 05:45 - 000283544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2017-11-15 08:14 - 2017-11-02 05:45 - 000172952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2017-11-15 08:14 - 2017-11-02 05:45 - 000133896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2017-11-15 08:14 - 2017-11-02 05:44 - 023680000 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-11-15 08:14 - 2017-11-02 05:44 - 005808640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-11-15 08:14 - 2017-11-02 05:44 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-11-15 08:14 - 2017-11-02 05:43 - 020372896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-11-15 08:14 - 2017-11-02 05:37 - 003668992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-11-15 08:14 - 2017-11-02 05:37 - 001278976 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-11-15 08:14 - 2017-11-02 05:37 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-11-15 08:14 - 2017-11-02 05:37 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2017-11-15 08:14 - 2017-11-02 05:37 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2017-11-15 08:14 - 2017-11-02 05:36 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2017-11-15 08:14 - 2017-11-02 05:36 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2017-11-15 08:14 - 2017-11-02 05:35 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2017-11-15 08:14 - 2017-11-02 05:35 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-11-15 08:14 - 2017-11-02 05:35 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2017-11-15 08:14 - 2017-11-02 05:35 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dumpstorport.sys
2017-11-15 08:14 - 2017-11-02 05:35 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-11-15 08:14 - 2017-11-02 05:34 - 012803072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-11-15 08:14 - 2017-11-02 05:34 - 000438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedPCCSP.dll
2017-11-15 08:14 - 2017-11-02 05:34 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-11-15 08:14 - 2017-11-02 05:34 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-11-15 08:14 - 2017-11-02 05:34 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageLiveTileTask.exe
2017-11-15 08:14 - 2017-11-02 05:34 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-11-15 08:14 - 2017-11-02 05:34 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-11-15 08:14 - 2017-11-02 05:34 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2017-11-15 08:14 - 2017-11-02 05:34 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2017-11-15 08:14 - 2017-11-02 05:33 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-11-15 08:14 - 2017-11-02 05:33 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageHandlers.dll
2017-11-15 08:14 - 2017-11-02 05:33 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2017-11-15 08:14 - 2017-11-02 05:33 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-11-15 08:14 - 2017-11-02 05:33 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertPKICmdlet.dll
2017-11-15 08:14 - 2017-11-02 05:32 - 008213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-11-15 08:14 - 2017-11-02 05:32 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2017-11-15 08:14 - 2017-11-02 05:32 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Storage.dll
2017-11-15 08:14 - 2017-11-02 05:31 - 020512256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-11-15 08:14 - 2017-11-02 05:31 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-11-15 08:14 - 2017-11-02 05:31 - 000411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2017-11-15 08:14 - 2017-11-02 05:31 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2017-11-15 08:14 - 2017-11-02 05:30 - 013381120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-11-15 08:14 - 2017-11-02 05:30 - 007339008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-11-15 08:14 - 2017-11-02 05:30 - 002953216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-11-15 08:14 - 2017-11-02 05:30 - 000719872 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-11-15 08:14 - 2017-11-02 05:30 - 000635392 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-11-15 08:14 - 2017-11-02 05:30 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
2017-11-15 08:14 - 2017-11-02 05:30 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2017-11-15 08:14 - 2017-11-02 05:30 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-11-15 08:14 - 2017-11-02 05:30 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-11-15 08:14 - 2017-11-02 05:30 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-11-15 08:14 - 2017-11-02 05:30 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-11-15 08:14 - 2017-11-02 05:30 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2017-11-15 08:14 - 2017-11-02 05:29 - 019338240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-11-15 08:14 - 2017-11-02 05:29 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-11-15 08:14 - 2017-11-02 05:29 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-11-15 08:14 - 2017-11-02 05:29 - 000752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-11-15 08:14 - 2017-11-02 05:29 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-11-15 08:14 - 2017-11-02 05:29 - 000415232 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-11-15 08:14 - 2017-11-02 05:28 - 023684096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-11-15 08:14 - 2017-11-02 05:28 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-11-15 08:14 - 2017-11-02 05:28 - 000939008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-11-15 08:14 - 2017-11-02 05:28 - 000799744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2017-11-15 08:14 - 2017-11-02 05:28 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-11-15 08:14 - 2017-11-02 05:28 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-11-15 08:14 - 2017-11-02 05:27 - 002078720 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-11-15 08:14 - 2017-11-02 05:27 - 000565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2017-11-15 08:14 - 2017-11-02 05:27 - 000537600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2017-11-15 08:14 - 2017-11-02 05:27 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2017-11-15 08:14 - 2017-11-02 05:27 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-11-15 08:14 - 2017-11-02 05:27 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2017-11-15 08:14 - 2017-11-02 05:27 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertPKICmdlet.dll
2017-11-15 08:14 - 2017-11-02 05:26 - 008197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-11-15 08:14 - 2017-11-02 05:26 - 005963776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-11-15 08:14 - 2017-11-02 05:26 - 004445696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-11-15 08:14 - 2017-11-02 05:26 - 003060224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-11-15 08:14 - 2017-11-02 05:26 - 002809344 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-11-15 08:14 - 2017-11-02 05:26 - 002671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-11-15 08:14 - 2017-11-02 05:26 - 001937408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2017-11-15 08:14 - 2017-11-02 05:26 - 000986624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-11-15 08:14 - 2017-11-02 05:26 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-11-15 08:14 - 2017-11-02 05:26 - 000371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-11-15 08:14 - 2017-11-02 05:26 - 000068608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll
2017-11-15 08:14 - 2017-11-02 05:25 - 012227072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-11-15 08:14 - 2017-11-02 05:25 - 011888128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-11-15 08:14 - 2017-11-02 05:25 - 004727808 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-11-15 08:14 - 2017-11-02 05:25 - 003377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-11-15 08:14 - 2017-11-02 05:25 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-11-15 08:14 - 2017-11-02 05:25 - 002052608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-11-15 08:14 - 2017-11-02 05:25 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-11-15 08:14 - 2017-11-02 05:25 - 001713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2017-11-15 08:14 - 2017-11-02 05:25 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-11-15 08:14 - 2017-11-02 05:25 - 000877568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2017-11-15 08:14 - 2017-11-02 05:25 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-11-15 08:14 - 2017-11-02 05:25 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2017-11-15 08:14 - 2017-11-02 05:25 - 000364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-11-15 08:14 - 2017-11-02 05:25 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-11-15 08:14 - 2017-11-02 05:24 - 007598080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-11-15 08:14 - 2017-11-02 05:24 - 004707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-11-15 08:14 - 2017-11-02 05:24 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-11-15 08:14 - 2017-11-02 05:24 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-11-15 08:14 - 2017-11-02 05:24 - 000444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
2017-11-15 08:14 - 2017-11-02 05:24 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-11-15 08:14 - 2017-11-02 05:23 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-11-15 08:14 - 2017-11-02 05:23 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-11-15 08:14 - 2017-11-02 05:23 - 000680960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2017-11-15 08:14 - 2017-11-02 05:23 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-11-15 08:14 - 2017-11-02 05:23 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-11-15 08:14 - 2017-11-02 05:23 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2017-11-15 08:14 - 2017-11-02 05:23 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-11-15 08:14 - 2017-11-02 05:22 - 006254080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-11-15 08:14 - 2017-11-02 05:22 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-11-15 08:14 - 2017-11-02 05:22 - 002009600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-11-15 08:14 - 2017-11-02 05:22 - 001884160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2017-11-15 08:14 - 2017-11-02 05:22 - 001494528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2017-11-15 08:14 - 2017-11-02 05:21 - 004417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-11-15 08:14 - 2017-11-02 05:21 - 003653120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-11-15 08:14 - 2017-11-02 05:21 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-11-15 08:14 - 2017-11-02 05:21 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-11-15 08:14 - 2017-11-02 05:19 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2017-11-15 08:14 - 2017-10-25 08:40 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-11-15 08:14 - 2017-10-15 16:09 - 002259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-11-15 08:14 - 2017-10-15 16:03 - 006765728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-11-15 08:14 - 2017-10-15 16:01 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-11-15 08:14 - 2017-10-15 15:59 - 000923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-11-15 08:14 - 2017-10-15 15:57 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-11-15 08:14 - 2017-10-15 15:57 - 000409496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-11-15 08:14 - 2017-10-15 15:56 - 000872464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-11-15 08:14 - 2017-10-15 15:55 - 007910960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-11-15 08:14 - 2017-10-15 15:53 - 002969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-11-15 08:14 - 2017-10-15 15:53 - 000387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-11-15 08:14 - 2017-10-15 15:51 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-11-15 08:14 - 2017-10-15 15:49 - 000094616 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-11-15 08:14 - 2017-10-15 15:49 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-11-15 08:14 - 2017-10-15 15:45 - 001292288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-11-15 08:14 - 2017-10-15 15:45 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-11-15 08:14 - 2017-10-15 15:44 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-11-15 08:14 - 2017-10-15 15:44 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-11-15 08:14 - 2017-10-15 15:42 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-11-15 08:14 - 2017-10-15 15:42 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-11-15 08:14 - 2017-10-15 15:41 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-11-15 08:14 - 2017-10-15 15:41 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-11-15 08:14 - 2017-10-15 15:38 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-11-15 08:14 - 2017-10-15 15:15 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-11-15 08:14 - 2017-10-15 15:14 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrPS.dll
2017-11-15 08:14 - 2017-10-15 15:13 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-11-15 08:14 - 2017-10-15 15:10 - 001303040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-11-15 08:14 - 2017-10-15 15:09 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-11-15 08:14 - 2017-10-15 15:09 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-11-15 08:14 - 2017-10-15 15:08 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-11-15 08:14 - 2017-10-15 15:08 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-11-15 08:14 - 2017-10-15 15:07 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-11-15 08:14 - 2017-10-15 15:05 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-11-15 08:14 - 2017-10-15 15:05 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-11-15 08:14 - 2017-10-15 15:04 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-11-15 08:14 - 2017-10-15 15:02 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2017-11-15 08:14 - 2017-10-15 15:00 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-11-14 17:10 - 2017-11-14 17:10 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign7b6f3e9bdaed11e2
2017-11-14 17:06 - 2017-11-14 17:06 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign950b9b8e647b1f03
2017-11-14 17:05 - 2017-11-14 17:05 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignf2eb2c53f8e533af
2017-11-14 17:05 - 2017-11-14 17:05 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignab81a3b4a0c0ab51
2017-11-14 17:05 - 2017-11-14 17:05 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign621758f4e7f96120
2017-11-14 13:59 - 2017-11-14 13:59 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign015e2309645afec9
2017-11-14 13:45 - 2017-11-14 13:45 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign4ce810d7e4ca8f9e
2017-11-14 13:41 - 2017-11-14 13:41 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign845bfe61afc94c97
2017-11-14 13:41 - 2017-11-14 13:41 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign63b1fdf75d40f85e
2017-11-14 13:41 - 2017-11-14 13:41 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign1ab2a62162c68306
2017-11-14 11:54 - 2017-11-14 11:54 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign7eb9268c44364055
2017-11-13 23:28 - 2017-11-13 23:28 - 000000000 ____D C:\Windows.old
2017-11-13 21:16 - 2017-11-13 21:16 - 003258261 _____ C:\Users\webma\Downloads\AMD-Encoder-for-OBS-Studio.2.2.4.zip
2017-11-13 21:16 - 2017-11-13 21:16 - 000000000 ____D C:\Users\webma\Downloads\AMD-Encoder-for-OBS-Studio.2.2.4
2017-11-13 21:14 - 2017-11-13 21:14 - 001810764 _____ C:\Users\webma\Downloads\AMD-Encoder-for-OBS-Studio.2.2.4.7z
2017-11-13 20:43 - 2017-11-16 09:26 - 000000000 ____D C:\Users\Public\Speedup Sessions
2017-11-13 20:15 - 2017-11-13 20:15 - 004529185 _____ C:\Users\webma\Downloads\Lina - Dreist [720p].mp4
2017-11-13 17:57 - 2017-11-13 17:57 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigne38674d189bfde91
2017-11-13 17:43 - 2017-11-13 17:43 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigneb57a3929b08ad63
2017-11-13 16:30 - 2017-11-13 16:30 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigne1fb8ee366dbb8ab
2017-11-13 16:29 - 2017-11-13 16:29 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign6414ee50e2820eec
2017-11-13 16:28 - 2017-11-13 16:28 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignc833029646288934
2017-11-13 16:26 - 2017-11-13 16:26 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigna84d3ebd0fc31f3d
2017-11-13 16:26 - 2017-11-13 16:26 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign8b996e5bddd9965e
2017-11-13 16:15 - 2017-11-13 16:15 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign8f05f8077a291609
2017-11-13 16:15 - 2017-11-13 16:15 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign6bf8ef933aeceb0a
2017-11-13 16:15 - 2017-11-13 16:15 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign186485e670a18d73
2017-11-13 15:17 - 2017-11-13 15:17 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignbbe7fbb5d024df65
2017-11-13 15:14 - 2017-11-13 15:14 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignb26321ecd3b04d0b
2017-11-13 15:13 - 2017-11-13 15:13 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign69ceef32c42a6c25
2017-11-13 15:13 - 2017-11-13 15:13 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign0322f8b722aae701
2017-11-13 14:03 - 2017-11-13 14:03 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign383d04b2a80a9dde
2017-11-13 11:33 - 2017-11-13 11:33 - 000000000 ____D
|
|
16.11.2017, 16:24
| #2 |
| | Malewarebytes findet: PUP.Optional.StartPage24 FRST Teil 2
__________________Code:
ATTFilter C:\Users\webma\AppData\Local\Tempzxpsign205139ced67a45b3
2017-11-13 11:17 - 2017-11-13 11:17 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign2ab94e7dd7345497
2017-11-13 11:13 - 2017-11-13 11:13 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign99107a3ca352a24c
2017-11-13 11:13 - 2017-11-13 11:13 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign817f5db8622b5a9e
2017-11-13 11:13 - 2017-11-13 11:13 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign26e4f19a9288de02
2017-11-13 11:10 - 2017-11-13 11:10 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign2a73e72a6ae7a8b1
2017-11-13 10:55 - 2017-11-13 10:55 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignd9f3f9c7453b0d3f
2017-11-13 10:18 - 2017-11-13 10:18 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigne6cb9749451b293e
2017-11-13 10:18 - 2017-11-13 10:18 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign6c2c4850789cf79c
2017-11-13 10:04 - 2017-11-13 10:04 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign7f6783e3b1102ab3
2017-11-13 08:56 - 2017-11-13 08:56 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign7c293c000ac147c5
2017-11-13 08:55 - 2017-11-13 08:55 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigne546c2e71181aad3
2017-11-13 08:55 - 2017-11-13 08:55 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignb025918d1be2917e
2017-11-13 08:43 - 2017-11-13 09:26 - 2116807362 _____ C:\Users\webma\Downloads\188835416-92213409-7a6ff9da-a33f-42ed-8721-7f5afb4d870a.mp4
2017-11-13 00:44 - 2017-11-13 00:44 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign0c195a62de8cf271
2017-11-13 00:41 - 2017-11-13 00:41 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigna62d065bccb7ae87
2017-11-13 00:41 - 2017-11-13 00:41 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign0b632c6d40b91630
2017-11-12 23:15 - 2017-11-12 23:15 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigna157ecc850ef0026
2017-11-12 13:58 - 2017-11-12 13:58 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign1bd59725f266e1aa
2017-11-12 13:34 - 2017-11-12 13:34 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignabac901e719327ea
2017-11-12 13:34 - 2017-11-12 13:34 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign5d2eef0acd683b21
2017-11-12 13:34 - 2017-11-12 13:34 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign14dfbea261033029
2017-11-12 11:03 - 2017-11-12 11:03 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign34f301301ac778ff
2017-11-12 11:00 - 2017-11-12 11:00 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign43b609719df7e2d5
2017-11-12 11:00 - 2017-11-12 11:00 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign1f27e365eaacd78a
2017-11-12 02:36 - 2017-11-12 02:36 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignf1ee4895cb16280e
2017-11-11 21:06 - 2017-11-11 21:06 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigne04a3200f8bb9f45
2017-11-11 21:03 - 2017-11-11 21:03 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignccc203ae2b588b7a
2017-11-11 21:03 - 2017-11-11 21:03 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigncc9ccbcc2478ffd7
2017-11-11 14:40 - 2017-11-11 14:40 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign7b67ce9c13c90980
2017-11-11 14:32 - 2017-11-11 14:32 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignabdf3330b533689f
2017-11-11 14:32 - 2017-11-11 14:32 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign3abd1f7d64cfd8ac
2017-11-11 13:58 - 2017-11-11 13:58 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign1c0e22501cc46c19
2017-11-10 18:34 - 2017-11-10 18:34 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignb4bb6cdd3da25311
2017-11-10 18:33 - 2017-11-10 18:33 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign6d8a4e6fd3c14161
2017-11-10 18:33 - 2017-11-10 18:33 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign56f9c3ae59c69ce9
2017-11-10 18:03 - 2017-11-10 18:03 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign7b0ec691ee6bb7d9
2017-11-10 17:16 - 2017-11-10 17:16 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign4cf82c826c0cd3f7
2017-11-10 17:02 - 2017-11-10 17:02 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigne8d9ab4475676178
2017-11-10 17:02 - 2017-11-10 17:02 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign8dcf3b8694aed8ae
2017-11-10 17:02 - 2017-11-10 17:02 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign3df93fee444cabf2
2017-11-10 16:20 - 2017-11-10 16:20 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign97bbf200fa720afb
2017-11-10 16:18 - 2017-11-10 16:18 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignc764bdd505cffbf9
2017-11-10 16:18 - 2017-11-10 16:18 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign9596285e18b848cb
2017-11-10 16:18 - 2017-11-10 16:18 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign0c67454b59bd9b6d
2017-11-10 15:22 - 2017-11-10 15:22 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignd99e5c41b5f791f7
2017-11-10 15:01 - 2017-11-10 15:01 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign3eea02a5d5a952fd
2017-11-10 10:25 - 2017-11-10 10:25 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign9d66a741cfca14d0
2017-11-10 10:24 - 2017-11-10 10:24 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigna0e9bbd704acea6c
2017-11-10 10:24 - 2017-11-10 10:24 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign4cb1d41acbae17e4
2017-11-10 09:31 - 2017-11-10 09:31 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign909105333f96f4ba
2017-11-10 09:25 - 2017-11-10 09:25 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigna3f7878037e586d3
2017-11-10 09:24 - 2017-11-10 09:24 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignc33a6bcca4552b8b
2017-11-10 09:24 - 2017-11-10 09:24 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign1b87665b2297f543
2017-11-10 09:12 - 2017-11-10 09:12 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign38460f03d3b99487
2017-11-10 08:30 - 2017-11-10 08:30 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign73e872b098ef1ef9
2017-11-10 08:29 - 2017-11-10 08:29 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignf7c922679c2b3ec8
2017-11-10 08:29 - 2017-11-10 08:29 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigna7d89078394105f9
2017-11-10 08:29 - 2017-11-10 08:29 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign1ba396532840944f
2017-11-10 08:23 - 2017-11-10 08:23 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign32b29b8a7ce9bc7b
2017-11-09 21:23 - 2017-11-09 21:24 - 015858264 _____ C:\Users\webma\Downloads\Velvet Hanging Cloths (1).zip
2017-11-09 21:18 - 2017-11-09 21:18 - 040107750 _____ C:\Users\webma\Downloads\LeahLillith_BoomShockHair_001.package
2017-11-09 21:18 - 2017-11-09 21:18 - 007251203 _____ C:\Users\webma\Downloads\jennisims_NewseaS4HairTellMe(Retexture).zip
2017-11-09 21:06 - 2017-11-09 21:06 - 015858264 _____ C:\Users\webma\Downloads\Velvet Hanging Cloths.zip
2017-11-09 21:05 - 2017-11-09 21:05 - 028990152 _____ C:\Users\webma\Downloads\[novvvas] Velvet Hanging Cloths Recolors.rar
2017-11-09 21:03 - 2017-11-09 21:04 - 025754245 _____ C:\Users\webma\Downloads\simiracle leahlillith clique toddler.package
2017-11-09 21:03 - 2017-11-09 21:03 - 025751414 _____ C:\Users\webma\Downloads\simiracle leahlillith clique kids.package
2017-11-09 21:03 - 2017-11-09 21:03 - 025751414 _____ C:\Users\webma\Downloads\simiracle leahlillith clique kids (1).package
2017-11-09 21:03 - 2017-11-09 21:03 - 011569126 _____ C:\Users\webma\Downloads\1392526.zip
2017-11-09 21:02 - 2017-11-09 21:02 - 024188521 _____ C:\Users\webma\Downloads\LeahLillith_CliqueHair_001.package
2017-11-09 21:01 - 2017-11-09 21:01 - 000650118 _____ C:\Users\webma\Downloads\PS_EyebrowContour_N01.package
2017-11-09 21:00 - 2017-11-09 21:00 - 000892250 _____ C:\Users\webma\Downloads\Bobur Lipstick 33.package
2017-11-09 20:59 - 2017-11-09 20:59 - 023093140 _____ C:\Users\webma\Downloads\Anto_S4Hair_Owl.package
2017-11-09 20:57 - 2017-11-09 20:57 - 000141708 _____ C:\Users\webma\Downloads\Madlen Lombardia Shoes.package
2017-11-09 20:53 - 2017-11-09 20:53 - 005084280 _____ C:\Users\webma\Downloads\Wandtattoo Trinken Rezept.zip
2017-11-09 20:52 - 2017-11-09 20:52 - 000688040 _____ C:\Users\webma\Downloads\Fussmatten_byUrbina.package
2017-11-09 17:09 - 2017-11-09 17:09 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign0c96d1c5f733317e
2017-11-09 16:33 - 2017-11-09 16:33 - 000000000 ____D C:\Users\webma\Downloads\PaintingPartyTime_jennisims
2017-11-09 16:33 - 2017-11-09 16:33 - 000000000 ____D C:\Users\webma\Downloads\LittleFlowerWallpapers_Annett85
2017-11-09 16:33 - 2017-11-09 16:33 - 000000000 ____D C:\Users\webma\Downloads\1393878
2017-11-09 16:32 - 2017-11-09 16:33 - 000000000 ____D C:\Users\webma\Downloads\1394328
2017-11-09 15:27 - 2017-11-09 15:27 - 002086229 _____ C:\Users\webma\Downloads\PaintingPartyTime_jennisims.zip
2017-11-09 15:23 - 2017-11-09 15:23 - 025176873 _____ C:\Users\webma\Downloads\LittleFlowerWallpapers_Annett85.zip
2017-11-09 15:12 - 2017-11-09 15:12 - 020047777 _____ C:\Users\webma\Downloads\1393878.zip
2017-11-09 15:10 - 2017-11-09 15:10 - 094089758 _____ C:\Users\webma\Downloads\1394328.zip
2017-11-09 14:45 - 2017-11-09 14:45 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign4f2bebf36b90898c
2017-11-09 14:43 - 2017-11-09 14:43 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign4a94e52a6ce1ee5e
2017-11-09 14:43 - 2017-11-09 14:43 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign317413e87f59b4e4
2017-11-08 16:40 - 2017-11-08 16:40 - 000035900 _____ C:\Users\webma\AppData\Local\recently-used.xbel
2017-11-08 14:19 - 2017-11-08 14:19 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign994c34cee264a626
2017-11-08 14:13 - 2017-11-08 14:13 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign3e3b39646e5c5675
2017-11-08 14:13 - 2017-11-08 14:13 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign1044903013d36cdc
2017-11-08 11:42 - 2017-11-08 11:42 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign27b4eaf45eacb09f
2017-11-08 11:31 - 2017-11-08 11:31 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignf7e38f745fc5129f
2017-11-08 10:34 - 2017-11-08 10:34 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign5f11ec76ba53defe
2017-11-08 09:27 - 2017-11-08 09:27 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignfffe3f484db40fdb
2017-11-08 09:10 - 2017-11-08 09:10 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigndd9bb70023bb62fd
2017-11-08 09:10 - 2017-11-08 09:10 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign18bd45eea6fd7189
2017-11-08 09:10 - 2017-11-08 09:10 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign17b7d0d24552708e
2017-11-08 08:39 - 2017-11-08 08:39 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign3140ad3d0be1d03a
2017-11-08 08:31 - 2017-11-08 08:31 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign115bf2bd6aa1846c
2017-11-08 08:02 - 2017-11-08 08:02 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigne277c780b7622df7
2017-11-08 08:02 - 2017-11-08 08:02 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignb06c79b8ae19f674
2017-11-08 08:02 - 2017-11-08 08:02 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign19cf59338ec2d9d3
2017-11-08 01:39 - 2017-11-08 01:39 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign5d40d2e0dc1738fb
2017-11-08 01:11 - 2017-11-08 01:11 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign50039b15b74fe045
2017-11-08 01:10 - 2017-11-08 01:10 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign2d4536c4f6ff7601
2017-11-08 01:08 - 2017-11-08 01:08 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignc8dc17898507b12b
2017-11-08 01:08 - 2017-11-08 01:08 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign73fa10031e7ee157
2017-11-08 01:07 - 2017-11-08 01:07 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigna262fcdc6d1978e6
2017-11-08 01:06 - 2017-11-08 01:06 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignb866012976d828c3
2017-11-08 01:06 - 2017-11-08 01:06 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign949f946a6ac43cb2
2017-11-08 01:06 - 2017-11-08 01:06 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign14dca0256cb2261d
2017-11-07 20:39 - 2017-11-07 20:39 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign21329aff6595e781
2017-11-07 20:33 - 2017-11-07 20:33 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign5db22534d5f3749f
2017-11-07 19:08 - 2017-11-07 19:08 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign736995dcdc86fe48
2017-11-07 19:08 - 2017-11-07 19:08 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign3d0de977c859b63c
2017-11-07 19:07 - 2017-11-07 19:07 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignc594eb3e7786b801
2017-11-07 19:07 - 2017-11-07 19:07 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign3bd4a7caea6ddd2f
2017-11-07 19:05 - 2017-11-07 19:05 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign53e7cac9b91b8667
2017-11-07 19:01 - 2017-11-07 19:01 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign6f1952802aa9a386
2017-11-07 18:53 - 2017-11-07 18:53 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigna0a1c010d26d5f2a
2017-11-07 18:53 - 2017-11-07 18:53 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign11bff207867529b7
2017-11-07 14:57 - 2017-11-07 14:57 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign2d5633fda30e0d80
2017-11-07 14:55 - 2017-11-07 14:55 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign44aaac670a503f1b
2017-11-07 14:53 - 2017-11-07 14:53 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign9cfbff8c8c66e1f0
2017-11-07 14:53 - 2017-11-07 14:53 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign745c7a0eed82aae4
2017-11-07 14:12 - 2017-11-07 14:12 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign4762090bef7a8c92
2017-11-07 14:10 - 2017-11-07 14:10 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignfd6205127c1bb014
2017-11-07 14:10 - 2017-11-07 14:10 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign5d63075dac020e67
2017-11-07 14:09 - 2017-11-07 14:09 - 000000000 ____D C:\Users\webma\Downloads\luna2
2017-11-07 14:09 - 2017-11-07 14:09 - 000000000 ____D C:\Users\webma\Downloads\fineliner_script
2017-11-07 14:09 - 2017-11-07 14:09 - 000000000 ____D C:\Users\webma\Downloads\a_little_pot
2017-11-07 14:08 - 2017-11-07 14:08 - 000000000 ____D C:\Users\webma\Downloads\catcafe
2017-11-07 14:07 - 2017-11-07 14:07 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign8fb6a1cce3f9908f
2017-11-07 14:06 - 2017-11-07 14:06 - 000082740 _____ C:\Users\webma\Downloads\catcafe.zip
2017-11-07 14:06 - 2017-11-07 14:06 - 000035490 _____ C:\Users\webma\Downloads\fineliner_script.zip
2017-11-07 14:06 - 2017-11-07 14:06 - 000030814 _____ C:\Users\webma\Downloads\luna2.zip
2017-11-07 14:06 - 2017-11-07 14:06 - 000011395 _____ C:\Users\webma\Downloads\a_little_pot.zip
2017-11-07 14:03 - 2017-11-07 14:03 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigndd8a2372ad077f75
2017-11-07 14:03 - 2017-11-07 14:03 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign922b0c4261ac346c
2017-11-07 14:03 - 2017-11-07 14:03 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign8b24bc3115ded409
2017-11-07 13:59 - 2017-11-07 13:59 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign32a92d9213f70d8c
2017-11-07 13:54 - 2017-11-07 13:54 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignc23882486f2a393f
2017-11-07 13:54 - 2017-11-07 13:54 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign3e49f5d3f125a736
2017-11-07 13:54 - 2017-11-07 13:54 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign1367a859dc54b020
2017-11-07 13:53 - 2017-11-07 13:53 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign6fcecd90a8200fed
2017-11-07 13:39 - 2017-11-07 13:39 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign65d0cfe4fd8ab831
2017-11-07 12:47 - 2017-11-07 12:47 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign44c1092324498a40
2017-11-07 07:52 - 2017-11-07 07:52 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignbd246fcaade580d9
2017-11-07 07:52 - 2017-11-07 07:52 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign8f21dc261db67a6a
2017-11-07 07:52 - 2017-11-07 07:52 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign49551e1f39eeaf7a
2017-11-07 07:48 - 2017-11-07 07:48 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign1d27a5c2431e2c44
2017-11-07 07:47 - 2017-11-07 07:47 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign4879d1a6486dd01f
2017-11-07 07:47 - 2017-11-07 07:47 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign20e917b63f940bb3
2017-11-07 01:28 - 2017-11-07 01:28 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigne9913aebc2f525d0
2017-11-06 15:55 - 2017-11-06 15:55 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignab3a375b1b9e47d8
2017-11-06 15:55 - 2017-11-06 15:55 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign73637cf594d89533
2017-11-06 15:55 - 2017-11-06 15:55 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign04ac8a1f2dde9566
2017-11-06 14:17 - 2017-11-06 14:17 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigna3767f4c50441228
2017-11-06 09:23 - 2017-11-06 09:23 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigna1d6c10f36f1f50c
2017-11-06 09:20 - 2017-11-06 09:20 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignce820c54649338dc
2017-11-06 09:20 - 2017-11-06 09:20 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign2c05178b1385c8d5
2017-11-06 08:57 - 2017-11-06 08:57 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign4b9c75fb97936043
2017-11-05 23:44 - 2017-11-05 23:44 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign69a144d6254cce97
2017-11-05 23:30 - 2017-11-05 23:30 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign65d07958db40e6b4
2017-11-05 23:26 - 2017-11-05 23:26 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignd5c34cde92c72391
2017-11-05 23:26 - 2017-11-05 23:26 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign0e0b1c3125f0ff64
2017-11-05 15:40 - 2017-11-05 15:40 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign9587248346c33b0c
2017-11-05 15:40 - 2017-11-05 15:40 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign8538a0a5b3385c61
2017-11-05 15:40 - 2017-11-05 15:40 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign0a08af36b1a049b1
2017-11-05 15:13 - 2017-11-05 15:13 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign6596b7081fbac768
2017-11-05 13:51 - 2017-11-05 13:51 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignedff1434126718df
2017-11-05 13:13 - 2017-11-05 13:13 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignab348d58c59326bf
2017-11-05 13:13 - 2017-11-05 13:13 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign8df85a8cc0920de9
2017-11-05 13:06 - 2017-11-05 13:06 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignd45ee6c3215ea8d5
2017-11-05 13:03 - 2017-11-05 13:03 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignae5f2d4923946cc3
2017-11-05 13:03 - 2017-11-05 13:03 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign6e058567fa91cbb2
2017-11-05 13:02 - 2017-11-05 13:02 - 000000000 ____D C:\Users\webma\Downloads\sofija
2017-11-05 13:01 - 2017-11-05 13:01 - 000000000 ____D C:\Users\webma\Downloads\tumult
2017-11-05 13:01 - 2017-11-05 13:01 - 000000000 ____D C:\Users\webma\Downloads\october_crow
2017-11-05 13:01 - 2017-11-05 13:01 - 000000000 ____D C:\Users\webma\Downloads\dead_font_walking
2017-11-05 13:00 - 2017-11-05 13:00 - 000000000 ____D C:\Users\webma\Downloads\uptown
2017-11-05 13:00 - 2017-11-05 13:00 - 000000000 ____D C:\Users\webma\Downloads\_ank
2017-11-05 12:59 - 2017-11-05 12:59 - 000000000 ____D C:\Users\webma\Downloads\viper_nora
2017-11-05 12:59 - 2017-11-05 12:59 - 000000000 ____D C:\Users\webma\Downloads\scratched_letters
2017-11-05 12:59 - 2017-11-05 12:59 - 000000000 ____D C:\Users\webma\Downloads\metro_grunge
2017-11-05 12:56 - 2017-11-05 12:56 - 000369352 _____ C:\Users\webma\Downloads\tumult.zip
2017-11-05 12:56 - 2017-11-05 12:56 - 000017370 _____ C:\Users\webma\Downloads\dead_font_walking.zip
2017-11-05 12:55 - 2017-11-05 12:55 - 000111436 _____ C:\Users\webma\Downloads\october_crow.zip
2017-11-05 12:55 - 2017-11-05 12:55 - 000092040 _____ C:\Users\webma\Downloads\_ank.zip
2017-11-05 12:55 - 2017-11-05 12:55 - 000038912 _____ C:\Users\webma\Downloads\uptown.zip
2017-11-05 12:54 - 2017-11-05 12:54 - 000404968 _____ C:\Users\webma\Downloads\viper_nora.zip
2017-11-05 12:54 - 2017-11-05 12:54 - 000378547 _____ C:\Users\webma\Downloads\metro_grunge.zip
2017-11-05 12:54 - 2017-11-05 12:54 - 000231980 _____ C:\Users\webma\Downloads\scratched_letters.zip
2017-11-05 12:54 - 2017-11-05 12:54 - 000033287 _____ C:\Users\webma\Downloads\sofija.zip
2017-11-05 12:33 - 2017-11-05 12:33 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignf12609c6dd6cd9d0
2017-11-05 12:20 - 2017-11-05 12:20 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignb94a775fab0423f6
2017-11-05 12:20 - 2017-11-05 12:20 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigna024220817065493
2017-11-05 12:19 - 2017-11-05 12:19 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignd537cee57b8632eb
2017-11-05 12:19 - 2017-11-05 12:19 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign46317ecab310c777
2017-11-05 11:45 - 2017-11-05 11:45 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign4b1e58fe0d06dbd7
2017-11-05 10:40 - 2017-11-05 10:40 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignf494f3161216545c
2017-11-05 10:40 - 2017-11-05 10:40 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigned87ae0331f9e729
2017-11-05 10:40 - 2017-11-05 10:40 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignb9266e43ba81e86a
2017-11-04 20:48 - 2017-11-05 10:40 - 000000000 ____D C:\Users\webma\AppData\Local\NVIDIA
2017-11-04 20:47 - 2017-11-04 20:47 - 000001489 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-11-04 20:45 - 2017-11-04 20:45 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2017-11-04 20:45 - 2017-10-27 17:06 - 000136312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2017-11-04 20:45 - 2017-09-14 00:20 - 000798008 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-11-04 20:45 - 2017-09-14 00:20 - 000490296 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-11-04 20:45 - 2017-09-14 00:19 - 000927544 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-11-04 20:45 - 2017-09-14 00:19 - 000591160 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-11-04 20:44 - 2017-10-27 18:50 - 040237688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2017-11-04 20:44 - 2017-10-27 18:50 - 036239480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-11-04 20:44 - 2017-10-27 18:50 - 035156928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-11-04 20:44 - 2017-10-27 18:50 - 029270976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-11-04 20:44 - 2017-10-27 18:50 - 023262280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-11-04 20:44 - 2017-10-27 18:50 - 019037416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-11-04 20:44 - 2017-10-27 18:50 - 013864048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-11-04 20:44 - 2017-10-27 18:50 - 013254520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-11-04 20:44 - 2017-10-27 18:50 - 011779328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-11-04 20:44 - 2017-10-27 18:50 - 010882720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-11-04 20:44 - 2017-10-27 18:50 - 004201592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-11-04 20:44 - 2017-10-27 18:50 - 003614328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-11-04 20:44 - 2017-10-27 18:50 - 001989056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438813.dll
2017-11-04 20:44 - 2017-10-27 18:50 - 001673848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438813.dll
2017-11-04 20:44 - 2017-10-27 18:50 - 001331200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2017-11-04 20:44 - 2017-10-27 18:50 - 001321448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2017-11-04 20:44 - 2017-10-27 18:50 - 001135464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-11-04 20:44 - 2017-10-27 18:50 - 001099712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-11-04 20:44 - 2017-10-27 18:50 - 001044848 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2017-11-04 20:44 - 2017-10-27 18:50 - 001038680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2017-11-04 20:44 - 2017-10-27 18:50 - 001031104 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-11-04 20:44 - 2017-10-27 18:50 - 000981112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-11-04 20:44 - 2017-10-27 18:50 - 000932288 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-11-04 20:44 - 2017-10-27 18:50 - 000885680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-11-04 20:44 - 2017-10-27 18:50 - 000794392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2017-11-04 20:44 - 2017-10-27 18:50 - 000739448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2017-11-04 20:44 - 2017-10-27 18:50 - 000634224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2017-11-04 20:44 - 2017-10-27 18:50 - 000618928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2017-11-04 20:44 - 2017-10-27 18:50 - 000615544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2017-11-04 20:44 - 2017-10-27 18:50 - 000598464 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2017-11-04 20:44 - 2017-10-27 18:50 - 000505976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2017-11-04 20:44 - 2017-10-27 18:50 - 000045496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2017-11-04 20:44 - 2017-10-27 18:50 - 000000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2017-11-04 20:44 - 2017-10-27 18:50 - 000000669 _____ C:\WINDOWS\system32\nv-vk64.json
2017-11-04 20:40 - 2017-11-04 20:42 - 460431568 _____ (NVIDIA Corporation) C:\Users\webma\Downloads\388.13-desktop-win10-64bit-international-whql.exe
2017-11-04 20:39 - 2017-11-04 20:39 - 000001279 _____ C:\Users\Public\Desktop\OBS Studio.lnk
2017-11-04 20:38 - 2017-11-04 20:38 - 102817808 _____ (obsproject.com) C:\Users\webma\Downloads\OBS-Studio-20.1.1-Full-Installer.exe
2017-11-04 14:32 - 2017-11-04 14:32 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign61cb94ba0abb4e4f
2017-11-04 14:11 - 2017-11-04 14:11 - 077167394 _____ C:\Users\webma\Downloads\187561793-92213409-26816464-215d-4bdc-9a75-47911e04fb26.mp4
2017-11-03 01:53 - 2017-11-03 01:53 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign86a4eac31d111f09
2017-11-03 01:51 - 2017-11-03 01:51 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignd27e67963fca4f75
2017-11-03 01:50 - 2017-11-03 01:50 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigne46916a3e99a3b67
2017-11-03 01:50 - 2017-11-03 01:50 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign06ced60616c1abcb
2017-11-02 18:52 - 2017-11-02 18:52 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign30f4cb95369bffe5
2017-11-02 18:25 - 2017-11-02 18:25 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigna5471ace31f3989b
2017-11-02 18:20 - 2017-11-02 18:20 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign3240a7bac607407f
2017-11-02 18:19 - 2017-11-02 18:19 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign9c53683dd640da0c
2017-11-02 18:19 - 2017-11-02 18:19 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign9b31083cab3b8e9c
2017-11-02 17:58 - 2017-11-02 17:58 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign0ed9c1c1e4813352
2017-11-02 17:56 - 2017-11-02 17:56 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign3be6b4e09f5eba60
2017-11-02 17:53 - 2017-11-02 17:53 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignd2f2940d312dad2c
2017-11-02 17:53 - 2017-11-02 17:53 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign9869bf6d27329413
2017-11-02 17:53 - 2017-11-02 17:53 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign287f172604f7c7ad
2017-11-01 13:43 - 2017-11-01 13:43 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign7c2ccc841523c9a8
2017-11-01 13:42 - 2017-11-01 13:42 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigndc51da94e04dc864
2017-11-01 13:42 - 2017-11-01 13:42 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignd6b6a3d7a9457214
2017-11-01 13:31 - 2017-11-01 13:31 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign5a3280539522e2aa
2017-10-31 22:15 - 2017-10-31 22:15 - 000000000 ____D C:\Users\webma\AppData\LocalLow\DefaultCompany
2017-10-31 19:08 - 2017-10-31 19:08 - 000000222 _____ C:\Users\webma\Desktop\Through the Woods.url
2017-10-31 19:08 - 2017-10-31 19:08 - 000000222 _____ C:\Users\webma\Desktop\The Survey.url
2017-10-31 19:08 - 2017-10-31 19:08 - 000000222 _____ C:\Users\webma\Desktop\Dead End Road.url
2017-10-31 16:11 - 2017-10-31 16:11 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign762906e878359bb9
2017-10-31 16:09 - 2017-10-31 16:09 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign438954bd61d92dbc
2017-10-31 16:09 - 2017-10-31 16:09 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign07bdb6acaaf34013
2017-10-31 13:06 - 2017-10-31 13:06 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign3fa4ee140cfed01e
2017-10-31 12:52 - 2017-10-31 12:52 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignd295280b3dfdd2c4
2017-10-31 12:52 - 2017-10-31 12:52 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign62ba84488d841746
2017-10-31 11:17 - 2017-10-31 11:17 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignab879e75addb84d2
2017-10-31 11:17 - 2017-10-31 11:17 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign197dbe2e7cbe601f
2017-10-31 11:16 - 2017-10-31 11:16 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignf62ee0464435a566
2017-10-31 11:14 - 2017-10-31 11:14 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign4fb3f4fcc36714d5
2017-10-31 11:14 - 2017-10-31 11:14 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign12e163646a7f4ed9
2017-10-31 10:58 - 2017-10-31 10:58 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign09bdaec4f7b35a72
2017-10-31 10:50 - 2017-10-31 10:50 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigndd4bc1d74861b93e
2017-10-31 10:49 - 2017-10-31 10:49 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigna66a1f6fc7c01576
2017-10-31 10:49 - 2017-10-31 10:49 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign4ae2b9a3e3c14665
2017-10-31 01:39 - 2017-10-31 01:39 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign03601af9246b27d6
2017-10-30 14:06 - 2017-10-30 14:06 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign33bd095ae93ced7f
2017-10-30 14:04 - 2017-10-30 14:04 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigne5f4bf1def95d140
2017-10-30 14:04 - 2017-10-30 14:04 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigna61f696fbc8c61d3
2017-10-30 14:04 - 2017-10-30 14:04 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign357fc9e2dfe04958
2017-10-30 11:22 - 2017-10-30 11:22 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignf42566128a84d967
2017-10-30 11:21 - 2017-10-30 11:21 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign75116c8af664e490
2017-10-30 11:16 - 2017-10-30 11:16 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign91feaa8d9e397b10
2017-10-30 11:16 - 2017-10-30 11:16 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign4d45ffb8f6a51581
2017-10-30 00:28 - 2017-10-30 00:28 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign4f9a58bdb562bb18
2017-10-29 22:42 - 2017-10-29 22:42 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignd37eadf69b53fb5b
2017-10-29 22:41 - 2017-10-29 22:41 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignb8952d802c6b343c
2017-10-29 22:41 - 2017-10-29 22:41 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign509af73748c68371
2017-10-29 15:14 - 2017-10-29 15:14 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignf2ec29746c5041d2
2017-10-29 15:14 - 2017-10-29 15:14 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign8dcee0ded748ec4c
2017-10-29 15:14 - 2017-10-29 15:14 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign480fb137c874e181
2017-10-29 14:35 - 2017-10-29 14:35 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigne7fe92cbdc731abd
2017-10-29 11:43 - 2017-10-29 11:43 - 000201339 _____ C:\Users\webma\Downloads\Ponybogen_3873.pdf
2017-10-29 10:48 - 2017-10-29 10:48 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignf348cb2c78ea8c62
2017-10-29 10:48 - 2017-10-29 10:48 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigndd348679c68c6081
2017-10-29 10:48 - 2017-10-29 10:48 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignb9e330bdcc20b5d3
2017-10-29 10:42 - 2017-10-29 10:42 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign9170453ad6d895c1
2017-10-28 09:43 - 2017-10-28 09:43 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign03e8174b96430bd7
2017-10-28 09:35 - 2017-10-28 09:35 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign6ee9191fe11f7455
2017-10-28 09:35 - 2017-10-28 09:35 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign5dfbc268893d4760
2017-10-28 09:35 - 2017-10-28 09:35 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign2ea92e61aa8d195b
2017-10-28 09:31 - 2017-10-28 09:31 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigndec5c1e009748fd8
2017-10-28 01:15 - 2017-10-28 01:15 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign0f2f3ddc17ae4784
2017-10-28 00:52 - 2017-10-28 00:52 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignc1d522f8a7d0f28c
2017-10-28 00:52 - 2017-10-28 00:52 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigna51d1c2d47e24b75
2017-10-28 00:52 - 2017-10-28 00:52 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign93b97b80854c3159
2017-10-27 13:17 - 2017-10-27 13:17 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign5f4ceed1fa68a98d
2017-10-27 13:16 - 2017-10-27 13:16 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigneb31a295aafe5ad2
2017-10-27 13:16 - 2017-10-27 13:16 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignbcf5d04b32bd1898
2017-10-27 12:52 - 2017-10-27 12:52 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignbdc98129b6057266
2017-10-27 12:26 - 2017-10-27 12:26 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign444c87980869dd7e
2017-10-26 23:53 - 2017-10-26 23:53 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign7989568e3e7c94fb
2017-10-26 23:50 - 2017-10-26 23:50 - 000000000 ____D C:\Users\webma\Downloads\TombRaiderTAoD_GerPatchV2
2017-10-26 23:38 - 2017-10-26 23:38 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignb4369362df2efe0f
2017-10-26 23:38 - 2017-10-26 23:38 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign0fd00d1549ae6ab8
2017-10-26 23:24 - 2017-10-26 23:29 - 1324722000 _____ C:\Users\webma\Downloads\TombRaiderTAoD_GerPatchV2.zip
2017-10-26 23:16 - 2017-10-26 23:16 - 000000000 ____D C:\Users\webma\Desktop\sicherung2
2017-10-26 15:18 - 2017-10-26 15:18 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign3b3d36e585faff0e
2017-10-26 15:04 - 2017-10-26 15:04 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignabb26181fb1a2e5a
2017-10-26 15:04 - 2017-10-26 15:04 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign6060d0e60441271d
2017-10-26 15:04 - 2017-10-26 15:04 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign5ea7c5c3a80295f8
2017-10-26 15:04 - 2017-10-26 15:04 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign0ca5df1cab6fb6e8
2017-10-25 22:53 - 2017-10-25 22:53 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigncdede9aad955925f
2017-10-25 22:53 - 2017-10-25 22:53 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign8e693def4798479c
2017-10-25 22:48 - 2017-10-25 22:48 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignacf0da55d0402906
2017-10-25 22:48 - 2017-10-25 22:48 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign9793796e5b82b052
2017-10-25 22:48 - 2017-10-25 22:48 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign25fb1510886ab615
2017-10-25 13:17 - 2017-10-25 13:17 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign93f6673d92b7654e
2017-10-25 13:15 - 2017-10-25 13:15 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignb5b14a2ea741012f
2017-10-25 13:15 - 2017-10-25 13:15 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign1e0680bd9e9094ff
2017-10-25 12:15 - 2017-10-25 12:15 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign970dfa0b3b1cd2d8
2017-10-25 09:20 - 2017-10-25 09:20 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign5a1a7e0a2cf0e8e9
2017-10-25 09:19 - 2017-10-25 09:19 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigne7d0baa0e41b5831
2017-10-25 09:19 - 2017-10-25 09:19 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign7d7148925e367dff
2017-10-25 09:19 - 2017-10-25 09:19 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign0554a693964cda30
2017-10-25 00:18 - 2017-10-25 00:18 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigne019fdb61a5168fd
2017-10-24 22:36 - 2017-10-24 22:36 - 006926164 _____ C:\Users\webma\Downloads\notepad-plus-plus-7.5.1.zip
2017-10-24 22:33 - 2017-10-24 22:33 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign2a29f3464e892475
2017-10-24 22:32 - 2017-10-24 22:32 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign8aa4122e322f627d
2017-10-24 22:31 - 2017-10-24 22:31 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigne4c87b2f237b5c74
2017-10-24 22:31 - 2017-10-24 22:31 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigndbbf5f5e1635f433
2017-10-24 22:31 - 2017-10-24 22:31 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign16d047c4f82bae68
2017-10-24 18:28 - 2017-10-24 18:28 - 000000222 _____ C:\Users\webma\Desktop\The Walking Dead.url
2017-10-24 16:42 - 2017-10-24 16:42 - 000000000 ____D C:\Program Files\HP
2017-10-24 16:42 - 2013-04-15 10:50 - 000654336 _____ C:\WINDOWS\system32\HP1006SM.EXE
2017-10-24 16:42 - 2013-04-15 10:50 - 000198144 _____ C:\WINDOWS\system32\HP1006LM.DLL
2017-10-24 16:28 - 2017-10-24 16:28 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignd19ce1bb3233c779
2017-10-24 16:28 - 2017-10-24 16:28 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignb5d2dd5bb88b3485
2017-10-24 16:28 - 2017-10-24 16:28 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign070c2b13afbf10ed
2017-10-24 15:23 - 2017-10-24 15:23 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign204576d245c45d15
2017-10-24 13:51 - 2017-10-24 13:51 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigna6b16812ebeedb80
2017-10-24 13:51 - 2017-10-24 13:51 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign6151b889c6dc0288
2017-10-24 13:51 - 2017-10-24 13:51 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign03bb794f35906930
2017-10-24 13:18 - 2017-10-26 23:15 - 000000000 ____D C:\Users\webma\Desktop\sicherung1
2017-10-24 11:51 - 2017-10-24 12:13 - 078178742 _____ C:\Users\webma\Downloads\Nicht bestätigt 980403.crdownload
2017-10-24 11:48 - 2017-10-24 11:48 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign9cb5f038a1515ee4
2017-10-24 11:47 - 2017-10-24 11:47 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigne51d640c866993e8
2017-10-24 11:47 - 2017-10-24 11:47 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign5ac81d411e8d3ef6
2017-10-24 11:47 - 2017-10-24 11:47 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign0405b7fb7e9fa95f
2017-10-24 11:32 - 2017-10-24 11:32 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignda259dff3130726d
2017-10-24 10:35 - 2017-10-24 10:35 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign2eea0cc3a1392924
2017-10-23 23:35 - 2017-10-23 23:35 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignf62ca8a74e51f703
2017-10-23 23:35 - 2017-10-23 23:35 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignee0409d3a24a2b62
2017-10-23 23:35 - 2017-10-23 23:35 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign8a72416fee57e255
2017-10-22 23:36 - 2017-10-22 23:36 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign39b3b1c675ca9732
2017-10-22 23:33 - 2017-10-22 23:33 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignda1845c612f2f022
2017-10-22 23:33 - 2017-10-22 23:33 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign440a44583c25fe36
2017-10-22 21:12 - 2017-10-22 21:12 - 000000222 _____ C:\Users\webma\Desktop\Tomb Raider (VI) The Angel of Darkness.url
2017-10-22 20:57 - 2017-10-22 20:57 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignab8c42c5e1484290
2017-10-22 20:52 - 2017-10-22 20:52 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign9280df3eb1d3b184
2017-10-22 20:52 - 2017-10-22 20:52 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign20a366254a3b5306
2017-10-22 20:52 - 2017-10-22 20:52 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign1059a1a3f53e7531
2017-10-22 20:40 - 2017-10-22 20:40 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignda09974cbcebda18
2017-10-22 20:40 - 2017-10-22 20:40 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign5d7126ed7ef13a24
2017-10-22 20:39 - 2017-10-22 20:39 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign30e0d1af83669b75
2017-10-22 20:38 - 2017-10-22 20:38 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigne416abb48a9820a6
2017-10-22 20:38 - 2017-10-22 20:38 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigna1dc1ef9a8764675
2017-10-22 20:16 - 2017-10-22 20:16 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignbadc7959d92e592b
2017-10-22 20:12 - 2017-10-22 20:12 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigna314759b105c7439
2017-10-22 20:12 - 2017-10-22 20:12 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign711ca929e624305d
2017-10-22 20:12 - 2017-10-22 20:12 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign66d4a785ce727f62
2017-10-22 20:11 - 2017-10-22 20:11 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign5523f1bfb04c6f3d
2017-10-22 19:58 - 2017-10-22 19:58 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign8dd3dde7a8b74432
2017-10-22 19:57 - 2017-10-22 19:57 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign0b519257923e155e
2017-10-22 19:54 - 2017-10-22 19:54 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigne79c792f0773bbe1
2017-10-22 19:53 - 2017-10-22 19:53 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign518a78bfbd6ff97b
2017-10-22 19:52 - 2017-10-22 19:52 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign07c2d91d511f61d8
2017-10-22 19:50 - 2017-10-22 19:50 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignb82f9530ae971857
2017-10-22 19:50 - 2017-10-22 19:50 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignb76d7d43ae2f78f8
2017-10-22 19:50 - 2017-10-22 19:50 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigna12632029f69f537
2017-10-22 13:36 - 2017-10-22 13:36 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignd6febd129066ee82
2017-10-22 13:36 - 2017-10-22 13:36 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign9d597af2c723cb20
2017-10-22 13:36 - 2017-10-22 13:36 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign64773000fee3bd05
2017-10-22 11:59 - 2017-10-22 11:59 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigncc39561d635061af
2017-10-22 11:42 - 2017-10-22 11:42 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign98b7049799cf6438
2017-10-21 15:10 - 2017-10-21 15:10 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigna3c4a13a4a444aa4
2017-10-21 15:09 - 2017-10-21 15:09 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign86c2291ceec4c2f7
2017-10-21 15:09 - 2017-10-21 15:09 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign1ffc3db67975a4a9
2017-10-21 14:51 - 2017-10-21 14:51 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigne6c805a44da0db8c
2017-10-21 14:50 - 2017-10-21 14:50 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigne8939a346b3cf9d8
2017-10-21 14:50 - 2017-10-21 14:50 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigne41a110094bed74b
2017-10-21 14:50 - 2017-10-21 14:50 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign57856fda5fbd9483
2017-10-21 14:50 - 2017-10-21 14:50 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign33b32d9086607c0e
2017-10-21 14:07 - 2017-10-21 14:07 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign96e13a17f56b73dc
2017-10-21 11:46 - 2017-10-21 11:46 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign76ac88d567310590
2017-10-21 11:45 - 2017-10-21 11:45 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignf26b69f30a2c99cf
2017-10-21 11:45 - 2017-10-21 11:45 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigndffcec9543f2fa33
2017-10-21 09:58 - 2017-10-21 09:58 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign33cc590018a4b7ff
2017-10-20 14:39 - 2017-10-20 14:39 - 002423628 _____ C:\Users\webma\Downloads\Bee-Do [360p].mp4
2017-10-20 13:41 - 2017-10-20 13:41 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigne1d9f2fa0f94f0c1
2017-10-20 13:41 - 2017-10-20 13:41 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignab776f1f2009af4b
2017-10-20 13:41 - 2017-10-20 13:41 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign028307b96fbfadda
2017-10-20 13:36 - 2017-10-20 13:36 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign7ce7d0c9b255a643
2017-10-20 09:12 - 2017-10-20 09:12 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign5f6f45f671bf3e30
2017-10-20 09:11 - 2017-10-20 09:11 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigna47f05fdb6862257
2017-10-20 08:49 - 2017-10-20 08:49 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign94a2a881baba7743
2017-10-20 08:49 - 2017-10-20 08:49 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign67b3cc78838f8774
2017-10-20 07:36 - 2017-10-20 07:36 - 000560073 _____ C:\Users\webma\Downloads\Sherlock _ Welcome to London [360p].mp4
2017-10-20 07:07 - 2017-10-20 07:07 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign5709b80b6505a76c
2017-10-20 07:03 - 2017-10-20 07:03 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignb4485af790f373bb
2017-10-20 07:03 - 2017-10-20 07:03 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign9d64d814f20d4433
2017-10-20 07:03 - 2017-10-20 07:03 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign387d4fa1e179f1b5
2017-10-19 16:53 - 2017-10-19 16:53 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignbaea64213be89541
2017-10-19 16:47 - 2017-10-19 16:47 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigncd09d5575eea0635
2017-10-19 16:47 - 2017-10-19 16:47 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign480dd6881f149fb5
2017-10-19 13:54 - 2017-10-19 13:54 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign64be6eec8a6cdfec
2017-10-19 13:28 - 2017-10-19 13:28 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignc763435c50147441
2017-10-19 13:28 - 2017-10-19 13:28 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign601dd53e0fb05381
2017-10-19 08:27 - 2017-10-19 08:27 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign9580e80b2322ab49
2017-10-19 08:26 - 2017-10-19 08:26 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigndaeb09e2dbc950d9
2017-10-19 08:26 - 2017-10-19 08:26 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign86e8812a2ee8e6b4
2017-10-19 08:26 - 2017-10-19 08:26 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign547feb74dabdf97d
2017-10-18 22:28 - 2017-10-18 22:28 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigndc3f21831d908d86
2017-10-18 15:15 - 2017-10-18 15:15 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign7be2506da3062693
2017-10-18 13:18 - 2017-10-18 13:18 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignc9101732b2aeaa66
2017-10-18 13:13 - 2017-10-18 13:13 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigneafa5c68e81933c5
2017-10-18 13:13 - 2017-10-18 13:13 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignc19829f4a0873bb7
2017-10-18 13:13 - 2017-10-18 13:13 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigna8f69d8dcf69b69f
2017-10-18 11:25 - 2017-11-05 12:58 - 000082308 _____ C:\Users\webma\Downloads\Sofija.ttf
2017-10-18 07:36 - 2017-10-18 07:36 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign98fa74194ab65561
2017-10-18 07:36 - 2017-10-18 07:36 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign07015df7e8d36263
2017-10-18 07:30 - 2017-10-18 07:30 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign69632c58d8c34523
2017-10-18 07:27 - 2017-10-18 07:27 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigne56d421a56118647
2017-10-18 07:27 - 2017-10-18 07:27 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign21eba6f109491a1d
2017-10-18 07:17 - 2017-10-18 07:17 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign7edd8e2df71d6fdd
2017-10-18 07:06 - 2017-10-18 07:06 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign4b1a5ed137402325
2017-10-17 19:35 - 2017-10-17 19:35 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignc830915eb5647c68
2017-10-17 19:30 - 2017-10-17 19:30 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigne2ae601b14cbd0ff
2017-10-17 19:30 - 2017-10-17 19:30 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignb32aa982df500d6b
2017-10-17 19:30 - 2017-10-17 19:30 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign3e9f83d0febc9525
2017-10-17 19:27 - 2017-10-17 19:27 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigndc9bc1983cda7513
2017-10-17 19:10 - 2017-10-17 19:10 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignec6b2381aaa57b3b
2017-10-17 19:10 - 2017-10-17 19:10 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignd8c3b13fc0f44da6
2017-10-17 19:10 - 2017-10-17 19:10 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignafc3e873ce6764f4
2017-10-17 18:49 - 2017-10-17 18:49 - 009194541 _____ C:\Users\webma\Downloads\Guild Wars 2 - Halloween Trailer [720p].mp4
2017-10-17 18:37 - 2017-10-17 18:38 - 038973247 _____ C:\Users\webma\Downloads\HD 1080p _ Tim Burton's The Nightmare Before Christmas Intro - This is Halloween [720p].mp4
2017-10-17 18:28 - 2017-10-17 18:29 - 014504096 _____ C:\Users\webma\Downloads\Guild Wars 2 - Halloween Trailer! [720p].mp4
2017-10-17 18:24 - 2017-10-17 18:25 - 033021130 _____ C:\Users\webma\Downloads\Halloween 2012 - Complete OST - Guild Wars 2 [360p].mp4
2017-10-17 18:24 - 2017-10-17 18:24 - 006033104 _____ C:\Users\webma\Downloads\Guild Wars 2 Halloween 2012 - Halloween Theme [360p].mp4
2017-10-17 18:11 - 2017-10-17 18:11 - 007898165 _____ C:\Users\webma\Downloads\Guild Wars 2_ Halloween 2013 Trailer DE [720p].mp4
2017-10-17 18:03 - 2017-10-17 18:03 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignc399d04269690298
2017-10-17 13:28 - 2017-10-17 13:28 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign2e346822e9b85027
2017-10-17 13:27 - 2017-10-17 13:27 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigndfb4fb0170d28ce9
2017-10-17 13:27 - 2017-10-17 13:27 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignbfe0b6a1e3f615f3
2017-10-17 13:12 - 2017-10-17 13:12 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign29d682d68d5607d5
2017-10-17 07:41 - 2017-10-17 07:41 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign65240db856e5cfec
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-11-16 15:44 - 2017-09-13 20:58 - 000000000 ____D C:\Users\webma\AppData\LocalLow\Mozilla
2017-11-16 15:43 - 2017-09-13 16:03 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-11-16 15:01 - 2017-09-30 16:00 - 000000000 ____D C:\$WINDOWS.~BT
2017-11-16 14:30 - 2017-09-14 01:04 - 000000000 ____D C:\Users\webma\AppData\Roaming\obs-studio
2017-11-16 14:19 - 2017-09-13 21:57 - 000000000 ____D C:\Users\webma\AppData\Local\Spotify
2017-11-16 12:25 - 2017-09-13 16:04 - 000000000 ____D C:\ProgramData\NVIDIA
2017-11-16 09:32 - 2017-09-13 22:11 - 000000000 ____D C:\Users\webma\AppData\Local\CrashDumps
2017-11-16 09:26 - 2017-09-13 16:04 - 000000000 ____D C:\Users\webma
2017-11-16 09:25 - 2017-09-13 21:57 - 000000000 ____D C:\Users\webma\AppData\Roaming\Spotify
2017-11-16 09:23 - 2017-09-13 14:59 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-11-16 09:23 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-11-16 09:13 - 2017-03-18 22:01 - 000000000 ____D C:\WINDOWS\INF
2017-11-16 09:10 - 2017-09-13 16:10 - 004150110 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-11-16 09:10 - 2017-03-20 05:35 - 002038106 _____ C:\WINDOWS\system32\perfh007.dat
2017-11-16 09:10 - 2017-03-20 05:35 - 000518046 _____ C:\WINDOWS\system32\perfc007.dat
2017-11-16 09:03 - 2017-09-13 16:07 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-11-16 09:03 - 2017-09-13 16:03 - 000269344 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-11-16 08:49 - 2017-03-18 12:40 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2017-11-16 08:48 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\appraiser
2017-11-16 08:48 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-11-16 08:48 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\Provisioning
2017-11-16 08:48 - 2017-03-18 22:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-11-16 08:48 - 2017-03-18 22:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-11-16 05:22 - 2017-03-18 22:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-11-16 02:00 - 2017-09-14 08:59 - 000000000 ____D C:\Users\webma\AppData\Local\Adobe
2017-11-16 01:31 - 2017-09-14 16:02 - 000000000 ____D C:\Users\webma\AppData\Roaming\vlc
2017-11-15 23:25 - 2017-09-13 16:17 - 000002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-11-15 19:51 - 2017-09-13 16:18 - 000000000 ____D C:\ProgramData\Package Cache
2017-11-15 19:51 - 2017-09-13 16:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-11-15 18:33 - 2017-09-13 22:46 - 000000000 ____D C:\Users\webma\AppData\Roaming\Origin
2017-11-15 18:33 - 2017-09-13 22:44 - 000000000 ____D C:\ProgramData\Origin
2017-11-15 08:16 - 2017-03-18 21:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-11-14 18:20 - 2017-09-13 16:14 - 000003628 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-11-14 18:20 - 2017-09-13 16:14 - 000003504 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-11-14 14:28 - 2017-09-14 14:31 - 000000000 ____D C:\Users\webma\AppData\Roaming\audacity
2017-11-14 08:53 - 2017-09-13 15:35 - 000000000 ___DC C:\WINDOWS\Panther
2017-11-14 08:47 - 2017-09-13 16:07 - 000041913 _____ C:\WINDOWS\diagwrn.xml
2017-11-14 08:47 - 2017-09-13 16:07 - 000041913 _____ C:\WINDOWS\diagerr.xml
2017-11-14 08:31 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\Registration
2017-11-14 00:57 - 2017-09-13 22:48 - 000000000 ____D C:\Program Files (x86)\Steam
2017-11-13 20:43 - 2017-09-13 16:20 - 000003768 _____ C:\WINDOWS\System32\Tasks\AviraSystemSpeedupUpdate
2017-11-13 20:43 - 2017-09-13 16:18 - 000000000 ____D C:\Program Files (x86)\Avira
2017-11-13 13:39 - 2017-09-16 08:24 - 000001271 _____ C:\Users\webma\Desktop\nativelog.txt
2017-11-13 12:36 - 2017-09-13 22:40 - 000000000 ____D C:\Users\webma\AppData\Roaming\.minecraft
2017-11-12 14:22 - 2017-03-18 12:40 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2017-11-12 12:54 - 2017-09-14 07:42 - 000000000 ____D C:\Users\webma\AppData\Roaming\TS3Client
2017-11-12 08:10 - 2017-09-13 15:01 - 000000000 ____D C:\Users\webma\AppData\Local\Comms
2017-11-10 09:35 - 2017-09-13 14:59 - 000000000 ____D C:\Users\webma\AppData\Roaming\Adobe
2017-11-10 08:45 - 2017-09-14 07:42 - 000001423 _____ C:\Users\Public\Desktop\Die Sims 4.lnk
2017-11-09 22:10 - 2017-09-14 00:08 - 000000000 ____D C:\Users\webma\.gimp-2.8
2017-11-08 23:35 - 2017-09-13 15:01 - 000000000 ___RD C:\Users\webma\OneDrive
2017-11-08 16:40 - 2017-10-07 00:28 - 000000000 ____D C:\Users\webma\AppData\Local\gtk-2.0
2017-11-08 03:30 - 2017-09-13 16:07 - 000003364 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1005499408-1899380149-1193096314-1001
2017-11-08 03:30 - 2017-09-13 15:01 - 000002425 _____ C:\Users\webma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-11-08 01:20 - 2017-09-13 22:39 - 000153600 ___SH C:\Users\webma\Downloads\Thumbs.db
2017-11-05 11:34 - 2017-09-14 13:48 - 000000000 ____D C:\Videobearbeitung
2017-11-05 02:40 - 2017-03-18 22:06 - 000835568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-11-05 02:40 - 2017-03-18 22:06 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-11-04 20:48 - 2017-09-13 22:04 - 000000000 ____D C:\Users\webma\AppData\Local\NVIDIA Corporation
2017-11-04 20:48 - 2017-09-13 16:04 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2017-11-04 20:46 - 2017-09-13 21:30 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-11-04 20:46 - 2017-09-13 21:30 - 000004000 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-11-04 20:46 - 2017-09-13 21:30 - 000003940 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-11-04 20:46 - 2017-09-13 21:30 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-11-04 20:46 - 2017-09-13 21:30 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-11-04 20:46 - 2017-09-13 21:30 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-11-04 20:46 - 2017-09-13 21:30 - 000003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-11-04 20:46 - 2017-09-13 21:30 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-11-04 20:46 - 2017-09-13 21:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-11-04 20:46 - 2017-09-13 16:03 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2017-11-04 20:46 - 2017-09-13 16:03 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-11-04 20:45 - 2017-09-14 07:13 - 000000000 ____D C:\Users\webma\AppData\Roaming\NVIDIA
2017-11-04 19:41 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\NDF
2017-11-03 18:37 - 2017-09-13 22:46 - 000000000 ____D C:\Program Files (x86)\Origin
2017-11-02 21:22 - 2017-09-13 16:22 - 000003662 _____ C:\WINDOWS\System32\Tasks\Avira Safe Shopping Updater
2017-10-29 12:09 - 2017-09-13 22:39 - 000000000 ____D C:\Program Files (x86)\Minecraft
2017-10-27 18:50 - 2017-09-13 21:30 - 001796216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2017-10-27 18:50 - 2017-09-13 21:30 - 001578104 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2017-10-27 18:50 - 2017-09-13 21:30 - 000919160 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2017-10-27 18:50 - 2017-09-13 21:30 - 000186488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2017-10-27 18:50 - 2017-09-13 21:30 - 000152696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2017-10-27 18:50 - 2017-09-13 21:30 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2017-10-27 18:50 - 2017-09-13 21:28 - 000057976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2017-10-27 18:50 - 2017-09-13 21:28 - 000050808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2017-10-27 18:50 - 2017-09-13 16:04 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-10-27 18:50 - 2017-05-19 17:03 - 001615472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2017-10-27 18:50 - 2017-05-19 17:03 - 000225208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2017-10-27 18:50 - 2017-05-19 16:47 - 004485048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2017-10-27 18:50 - 2017-05-19 16:47 - 003817584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2017-10-27 18:50 - 2017-05-19 13:22 - 000048442 _____ C:\WINDOWS\system32\nvinfo.pb
2017-10-27 17:12 - 2017-09-13 16:04 - 005960824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2017-10-27 17:12 - 2017-09-13 16:04 - 002587768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2017-10-27 17:12 - 2017-09-13 16:04 - 001766520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2017-10-27 17:12 - 2017-09-13 16:04 - 000607168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2017-10-27 17:12 - 2017-09-13 16:04 - 000449656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2017-10-27 17:12 - 2017-09-13 16:04 - 000123000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2017-10-27 17:12 - 2017-09-13 16:04 - 000081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2017-10-27 09:16 - 2017-09-13 20:58 - 000000000 ____D C:\Program Files\Mozilla Firefox
2017-10-27 09:16 - 2017-09-13 20:58 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-10-26 21:15 - 2017-09-14 14:28 - 001029872 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2017-10-25 18:31 - 2017-10-07 00:52 - 000001010 _____ C:\Users\webma\Desktop\Gw2-64 - Verknüpfung.lnk
2017-10-25 11:33 - 2017-09-13 16:04 - 007802921 _____ C:\WINDOWS\system32\nvcoproc.bin
2017-10-25 09:42 - 2017-09-14 13:32 - 000000000 ____D C:\Users\webma\Documents\Guild Wars 2
2017-10-23 23:45 - 2017-10-09 23:15 - 000000306 _____ C:\Users\webma\Documents\ClownfishVoiceChanger.ini
2017-10-19 09:54 - 2017-10-04 14:52 - 000000000 ____D C:\GUILD WARS 2
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2017-11-08 16:40 - 2017-11-08 16:40 - 000035900 _____ () C:\Users\webma\AppData\Local\recently-used.xbel
2017-09-16 17:31 - 2017-09-16 17:31 - 000007642 _____ () C:\Users\webma\AppData\Local\Resmon.ResmonCfg
2017-09-13 16:45 - 2017-09-13 16:45 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
Einige Dateien in TEMP:
====================
2017-11-11 13:11 - 2017-11-11 13:11 - 000019968 ____N (Red Hat®, Inc.) C:\Users\webma\AppData\Local\Temp\jansi-64-1464395258913036234.dll
2017-11-13 11:58 - 2017-11-13 11:58 - 000019968 ____N (Red Hat®, Inc.) C:\Users\webma\AppData\Local\Temp\jansi-64-5968533294059277289.dll
2017-11-13 12:37 - 2017-11-13 12:37 - 000019968 ____N (Red Hat®, Inc.) C:\Users\webma\AppData\Local\Temp\jansi-64-8944479149242186012.dll
2017-11-11 13:22 - 2017-11-11 13:22 - 000019968 ____N (Red Hat®, Inc.) C:\Users\webma\AppData\Local\Temp\jansi-64-94356977098488206.dll
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-11-14 17:35
==================== Ende von FRST.txt ============================
|
|
16.11.2017, 16:25
| #3 |
| | Malewarebytes findet: PUP.Optional.StartPage24 Addition
__________________Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 15-11-2017
durchgeführt von webma (16-11-2017 15:52:45)
Gestartet von C:\Users\webma\Downloads
Windows 10 Home Version 1703 15063.726 (X64) (2017-09-13 15:10:14)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1005499408-1899380149-1193096314-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1005499408-1899380149-1193096314-503 - Limited - Disabled)
Gast (S-1-5-21-1005499408-1899380149-1193096314-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-1005499408-1899380149-1193096314-1003 - Limited - Enabled)
webma (S-1-5-21-1005499408-1899380149-1193096314-1001 - Administrator - Enabled) => C:\Users\webma
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe After Effects CC 2017 (HKLM-x32\...\AEFT_14_2_1) (Version: 14.2.1 - Adobe Systems Incorporated)
Adobe Bridge CC 2017 (HKLM-x32\...\KBRG_7_0) (Version: 7.0 - Adobe Systems Incorporated)
Adobe Character Animator CC (Beta) (HKLM-x32\...\ANMLBETA_1_0_6) (Version: 1.0.6 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.3.0.256 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2017 (HKLM-x32\...\AME_11_1_2) (Version: 11.1.2 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_1_1) (Version: 18.1.1 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2017 (HKLM-x32\...\PPRO_11_1_2) (Version: 11.1.2 - Adobe Systems Incorporated)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
Apple Application Support (32-Bit) (HKLM-x32\...\{D2FE6376-E549-4F63-A2C5-CA24DA035DE4}) (Version: 5.6 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{BB109E24-EE90-485B-A28B-ADDEFB40540B}) (Version: 5.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.38.1 - Asmedia Technology)
AURA (HKLM-x32\...\{5899CD4F-8764-4303-A0D9-C60A62CFC24F}) (Version: 1.04.29 - ASUSTeK Computer Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.7.2314 - AVAST Software)
Avira (HKLM-x32\...\{37C2DE81-46FA-4EB3-83A5-F0D8F5B08F6E}) (Version: 1.2.99.31392 - Avira Operations GmbH & Co. KG) Hidden
Avira (HKLM-x32\...\{5a024a65-9f29-41b1-b178-946c9f826e72}) (Version: 1.2.99.31392 - Avira Operations GmbH & Co. KG)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.32.12 - Avira Operations GmbH & Co. KG)
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.11.3.29834 - Avira Operations GmbH & Co. KG)
Avira Safe Shopping (HKLM-x32\...\{32484ED7-3133-4E50-9882-F3DBB1ACDD25}) (Version: 1.0.37.1668 - Avira Operations Gmbh & Co. KG)
Avira Software Updater (HKLM-x32\...\{306B9B30-7E66-40E3-81DF-872EE6EC58DE}) (Version: 2.0.4.724 - Avira Operations GmbH & Co. KG)
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 4.3.0.6659 - Avira Operations GmbH & Co. KG)
Balanced (HKLM-x32\...\{EFD0705E-598B-46D4-8D5B-4539431764B8}) (Version: 2.02.0000 - Ihr Firmenname) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Clownfish Voice Changer (HKLM\...\ClownfishVoiceChanger) (Version: - )
devolo Cockpit (HKLM-x32\...\dlancockpit) (Version: 4.3.3.0 - devolo AG)
Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.36.102.1020 - Electronic Arts Inc.)
Discord (HKU\S-1-5-21-1005499408-1899380149-1193096314-1001\...\Discord) (Version: 0.0.298 - Discord Inc.)
Discord (HKU\S-1-5-21-1005499408-1899380149-1193096314-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11162017154504900\...\Discord) (Version: 0.0.298 - Discord Inc.)
Discord (HKU\S-1-5-21-1005499408-1899380149-1193096314-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11162017154506031\...\Discord) (Version: 0.0.298 - Discord Inc.)
FileZilla Client 3.27.1 (HKLM-x32\...\FileZilla Client) (Version: 3.27.1 - Tim Kosse)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 62.0.3202.94 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
GUILD WARS (HKLM-x32\...\Guild Wars) (Version: - )
Guild Wars 2 (HKLM\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Intel(R) Network Connections 21.1.30.0 (HKLM\...\PROSetDX) (Version: 21.1.30.0 - Intel)
iTunes (HKLM\...\{02F95875-9527-49CC-B32F-970ADAEBD1EF}) (Version: 12.6.2.20 - Apple Inc.)
Java 8 Update 144 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
Logitech Gaming Software 8.96 (HKLM\...\Logitech Gaming Software) (Version: 8.96.81 - Logitech Inc.)
Malwarebytes Version 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
Microsoft OneDrive (HKU\S-1-5-21-1005499408-1899380149-1193096314-1001\...\OneDriveSetup.exe) (Version: 17.3.7076.1026 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1005499408-1899380149-1193096314-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11162017154504900\...\OneDriveSetup.exe) (Version: 17.3.7076.1026 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1005499408-1899380149-1193096314-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11162017154506031\...\OneDriveSetup.exe) (Version: 17.3.7076.1026 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mozilla Firefox 56.0.2 (x64 de) (HKLM\...\Mozilla Firefox 56.0.2 (x64 de)) (Version: 56.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 56.0.2.6506 - Mozilla)
Mozilla Thunderbird 52.4.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 52.4.0 (x86 de)) (Version: 52.4.0 - Mozilla)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.13 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.10.0.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.10.0.95 - NVIDIA Corporation)
NVIDIA Grafiktreiber 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.13 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 20.1.1 - OBS Project)
OEM Application Profile (HKLM-x32\...\{7F5DCD33-1039-C3B2-9538-B645B65BBA63}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
OpenOffice 4.1.3 (HKLM-x32\...\{8D5FCC56-BB9F-4122-923C-71753F50F6F5}) (Version: 4.13.9783 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.5.6040 - Electronic Arts, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8010 - Realtek Semiconductor Corp.)
ROCCAT Swarm (HKLM-x32\...\{32C24F2E-923F-49C1-8E60-2B3DC5482255}) (Version: 1.92.00 - ROCCAT GmbH) Hidden
ROCCAT Swarm (HKLM-x32\...\InstallShield_{32C24F2E-923F-49C1-8E60-2B3DC5482255}) (Version: 1.92.00 - ROCCAT GmbH)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.1.0.1120 - Samsung Electronics)
Spotify (HKU\S-1-5-21-1005499408-1899380149-1193096314-1001\...\Spotify) (Version: 1.0.67.582.g19436fa3 - Spotify AB)
Spotify (HKU\S-1-5-21-1005499408-1899380149-1193096314-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11162017154504900\...\Spotify) (Version: 1.0.67.582.g19436fa3 - Spotify AB)
Spotify (HKU\S-1-5-21-1005499408-1899380149-1193096314-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11162017154506031\...\Spotify) (Version: 1.0.67.582.g19436fa3 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.6 - TeamSpeak Systems GmbH)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Wacom Tablett (HKLM\...\Wacom Tablet Driver) (Version: 6.3.15-3 - Wacom Technology Corp.)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
Windows 10-Upgrade-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22175 - Microsoft Corporation)
x264vfw - H.264/MPEG-4 AVC codec (remove only) (HKLM-x32\...\x264vfw) (Version: - )
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-1005499408-1899380149-1193096314-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-E269F71349AD}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1005499408-1899380149-1193096314-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-08-14] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-08-14] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-08-14] ()
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-11] (AVAST Software)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-08-14] ()
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-11] (AVAST Software)
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2017-10-15] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {ef263503-8f0e-3e6a-ae2e-fe0b4b441d52} => C:\WINDOWS\system32\mscoree.dll [2017-03-18] (Microsoft Corporation)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-11] (AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {3d52b24d-33bb-3895-99ea-a0156f24a3f9} => C:\WINDOWS\system32\mscoree.dll [2017-03-18] (Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-10-27] (NVIDIA Corporation)
ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {cefaf456-bc17-3f4b-b7d9-75070925911b} => C:\WINDOWS\system32\mscoree.dll [2017-03-18] (Microsoft Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-08-14] ()
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-11] (AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2017-10-15] (Avira Operations GmbH & Co. KG)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {1A3C650A-AAE2-44A9-A84B-5DF9689ABF8A} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-10-27] (NVIDIA Corporation)
Task: {262D4C8C-25CF-489B-B2C8-B364C016EF9C} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-10-27] (NVIDIA Corporation)
Task: {3C9391F9-6BDE-428A-8277-F7BB380EA85C} - System32\Tasks\ROCCAT_Swarm_HWMonitor => C:/Program [Argument = Files (x86)/ROCCAT/ROCCAT Swarm/data/SWARM_CONNECT/SwarmHW_Service.exe]
Task: {3EB8A09D-C227-4E34-8846-2A49C8E3B381} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-10-27] (NVIDIA Corporation)
Task: {42B94797-833B-49E4-AB25-837CAF028E16} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-webmaster@ennorath.de => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {58928441-65EE-4F29-A747-A55252C2BA39} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-13] (Google Inc.)
Task: {712158E8-9327-4387-9780-8E1FFA9B5169} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [2017-05-19] (Samsung Electronics Co. Ltd.)
Task: {76A6C10F-235D-419A-A159-6D9458201C23} - System32\Tasks\Avira\System Speedup\TestScheduler => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [2017-11-07] (Avira Operations GmbH & Co. KG)
Task: {7CBEC02A-1107-4881-BDBE-D0186D65AB86} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2017-10-15] (Avira Operations GmbH & Co. KG)
Task: {850B496F-D2C6-4350-9D54-B28765FEC56A} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-10-27] (NVIDIA Corporation)
Task: {92E9AF8A-0668-4A73-A25B-552DFB16015F} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-10-27] (NVIDIA Corporation)
Task: {9D7A5D02-4769-43AE-A342-A85F630A701A} - System32\Tasks\Avira\System Speedup\SpeedupSysTray => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe [2017-11-07] (Avira Operations GmbH & Co. KG)
Task: {9DA0D94D-C4E6-4B67-BE37-A120ED5612B7} - System32\Tasks\ASUS\AsRogAuraGpuDllServer => C:\Program Files (x86)\ASUS\AURA\AsRogAuraGpuDllServer.exe [2017-02-17] ()
Task: {A6B29667-4B0C-4277-A562-D644E44602C3} - System32\Tasks\Avira Safe Shopping Updater => C:\Program Files (x86)\Avira\Safe Shopping\\Updater\Updater.exe [2017-10-30] (Avira Operations Gmbh & Co. KG)
Task: {AB860543-E7E6-49B6-8F61-D86F5C0C1BC7} - System32\Tasks\Avira SystrayStartTrigger => Avira.SystrayStartTrigger.exe
Task: {B4509BA5-F7B5-461C-BD75-16C77C106E72} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [2017-11-13] (Avira Operations GmbH & Co. KG )
Task: {C2D99225-AAAF-4D12-8F99-B170F3932DBA} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-10-27] (NVIDIA Corporation)
Task: {C4E991A2-8F61-49E0-80E1-298CFB5E84D2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-13] (Google Inc.)
Task: {E458A340-1827-4294-BC28-38F99E3A88D3} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-10-27] (NVIDIA Corporation)
Task: {E49C1D22-E6B3-4530-B495-4D6367D5040A} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-10-27] (NVIDIA Corporation)
Task: {EEA6898C-A365-4E53-910D-434D69649157} - System32\Tasks\ThunderMaster => C:\Program Files (x86)\Thunder Master\THPanel.exe [2017-03-30] (Palit Microsystems Ltd.)
Task: {F293F4F1-1B8F-40D3-80B2-8FEFE8EA9CAF} - System32\Tasks\S-1-5-21-1005499408-1899380149-1193096314-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2017-11-02] (Microsoft Corporation)
Task: {F4994079-D0EA-4387-B6DC-6DE52C73EDD9} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-10-11] (AVAST Software)
Task: {F6EC8D8B-4937-427E-983C-51C26E6EA161} - System32\Tasks\LaunchChromeTask111 => C:\Program Files\FileZilla FTP Client\FileZilla.exe [2017-08-14] (FileZilla Project)
Task: {F810E871-7ABA-422F-A08C-9C7E8BD78109} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\RadeonInstaller.exe [2017-08-09] (Advanced Micro Devices, Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2017-10-24 16:42 - 2013-04-15 10:50 - 000198144 _____ () C:\WINDOWS\System32\HP1006LM.DLL
2017-10-24 16:42 - 2013-04-15 10:50 - 000065024 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\HP1006PP.dll
2017-07-13 19:50 - 2017-07-13 19:50 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-07-13 19:50 - 2017-07-13 19:50 - 001354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-09-13 16:49 - 2017-02-17 10:50 - 000933840 ____R () C:\Program Files (x86)\ASUS\AXSP\1.02.03\atkexComSvc.exe
2017-09-13 16:41 - 2014-04-24 07:29 - 001360016 ____R () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
2017-09-13 21:30 - 2017-10-27 18:50 - 001267320 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-09-13 16:04 - 2017-10-27 17:12 - 000133752 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-03-18 21:58 - 2017-03-18 21:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-09-13 16:49 - 2017-02-17 18:07 - 000247256 _____ () C:\Program Files (x86)\ASUS\AURA\AsRogAuraGpuDllServer.exe
2017-10-11 21:15 - 2017-10-11 21:15 - 000067408 _____ () C:\Program Files\AVAST Software\Avast\x64\module_lifetime.dll
2017-10-24 16:42 - 2013-04-15 10:49 - 004003328 _____ () C:\WINDOWS\system32\spool\DRIVERS\x64\3\HP1006SU.DLL
2017-10-24 16:42 - 2013-04-15 10:49 - 001236992 _____ () C:\WINDOWS\system32\spool\DRIVERS\x64\3\HP1006GC.dll
2017-08-14 02:48 - 2017-08-14 02:48 - 000491600 _____ () C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll
2017-08-14 17:05 - 2017-08-14 17:05 - 000076456 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2017-09-13 22:36 - 2016-01-11 18:30 - 001349824 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll
2017-03-18 21:59 - 2017-03-20 05:36 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-11-12 08:10 - 2017-11-12 08:10 - 000087552 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-11-12 08:10 - 2017-11-12 08:10 - 000206336 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-11-12 08:10 - 2017-11-12 08:10 - 025461760 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-11-07 06:58 - 2017-11-07 06:58 - 002552832 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\skypert.dll
2017-11-12 08:10 - 2017-11-12 08:10 - 000685056 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 000908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2017-08-18 10:01 - 2017-08-18 10:01 - 001096824 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 000060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2017-08-18 10:01 - 2017-08-18 10:01 - 000241784 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2017-09-13 22:32 - 2017-08-28 09:23 - 000224688 _____ () C:\Program Files (x86)\ROCCAT\ROCCAT Swarm\detect_start_process.exe
2017-09-14 18:03 - 2017-09-14 18:03 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11710.1001.27.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-11-14 07:51 - 2017-11-14 07:52 - 000022016 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-11-14 07:51 - 2017-11-14 07:52 - 055109120 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-09-30 10:24 - 2017-09-30 10:24 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2017-11-14 07:51 - 2017-11-14 07:52 - 000164864 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\VideoPlugin.dll
2017-09-30 10:24 - 2017-09-30 10:24 - 000675328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\IPPNativePlugin.dll
2017-11-14 07:51 - 2017-11-14 07:52 - 003740160 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2017-11-14 07:51 - 2017-11-14 07:52 - 002051584 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2017-11-14 07:51 - 2017-11-14 07:52 - 020759040 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2017-11-14 07:51 - 2017-11-14 07:52 - 003607040 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2017-11-14 07:51 - 2017-11-14 07:52 - 003150848 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2017-09-13 21:14 - 2017-09-13 21:14 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-11-14 07:51 - 2017-11-14 07:52 - 000046080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll
2017-11-14 07:51 - 2017-11-14 07:52 - 002493440 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\Microsoft.People.AutoSuggest.dll
2017-11-14 07:51 - 2017-11-14 07:52 - 000919040 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\Microsoft.People.PeoplePicker.dll
2017-11-14 07:51 - 2017-11-14 07:52 - 001363968 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-11-14 07:51 - 2017-11-14 07:52 - 000084480 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\MediaEngineVideoDataProvider.UWP.dll
2017-10-18 07:10 - 2017-10-18 07:10 - 025741312 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17092.13511.0_x64__8wekyb3d8bbwe\Video.UI.exe
2017-10-18 07:10 - 2017-10-18 07:10 - 009257984 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17092.13511.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-09-26 06:56 - 2017-09-26 06:56 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17092.13511.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-10-10 06:35 - 2017-10-10 06:35 - 004252672 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1709.2703.0_x64__8wekyb3d8bbwe\Calculator.exe
2017-09-26 06:56 - 2017-09-26 06:56 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1709.2703.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-11-16 15:44 - 2017-11-01 08:55 - 002299344 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2017-11-16 15:44 - 2017-11-01 08:54 - 002358736 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-11-15 23:25 - 2017-11-10 10:57 - 004135768 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.94\libglesv2.dll
2017-11-15 23:25 - 2017-11-10 10:57 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.94\libegl.dll
2017-09-13 16:49 - 2017-11-16 09:03 - 000036136 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.03\PEbiosinterface32.dll
2017-09-13 16:49 - 2017-02-17 10:50 - 000104448 ____R () C:\Program Files (x86)\ASUS\AXSP\1.02.03\ATKEX.dll
2017-09-13 16:49 - 2017-02-17 16:50 - 001746432 _____ () C:\Program Files (x86)\ASUS\AURA\Vender.dll
2017-09-13 16:49 - 2017-02-17 16:50 - 000519680 _____ () C:\Program Files (x86)\ASUS\AURA\ClaymoreProtocol.dll
2017-09-13 16:49 - 2017-02-17 16:50 - 000519680 _____ () C:\Program Files (x86)\ASUS\AURA\RogNewmouseProtocol.dll
2017-09-13 21:30 - 2017-10-27 18:50 - 001040504 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2014-10-23 17:27 - 2014-10-23 11:27 - 000119822 _____ () C:\Program Files (x86)\ROCCAT\ROCCAT Swarm\libgcc_s_dw2-1.dll
2015-12-29 05:25 - 2015-12-28 23:25 - 001540622 _____ () C:\Program Files (x86)\ROCCAT\ROCCAT Swarm\libstdc++-6.dll
2017-09-13 22:32 - 2017-08-28 09:05 - 000245760 _____ () C:\Program Files (x86)\ROCCAT\ROCCAT Swarm\aimo.dll
2017-09-06 17:11 - 2017-09-06 17:11 - 000118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2017-09-06 17:11 - 2017-09-06 17:11 - 000214528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2017-09-06 17:11 - 2017-09-06 17:11 - 000117248 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2017-09-06 17:11 - 2017-09-06 17:11 - 000125952 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2017-09-20 02:04 - 2017-09-20 02:04 - 000099424 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2017-09-06 17:11 - 2017-09-06 17:11 - 000086528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
2017-09-12 19:11 - 2017-09-12 19:11 - 000118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\fs-ext\build\Release\fs-ext.node
2017-09-12 19:10 - 2017-09-12 19:10 - 000117760 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ref\build\Release\binding.node
2017-09-12 19:11 - 2017-09-12 19:11 - 000125440 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ffi\build\Release\ffi_bindings.node
2017-09-12 19:11 - 2017-09-12 19:11 - 000214528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2017-09-20 01:59 - 2017-09-20 01:59 - 000099424 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2017-09-12 19:11 - 2017-09-12 19:11 - 000098816 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\bufferutil\build\Release\bufferutil.node
2017-09-12 19:11 - 2017-09-12 19:11 - 000086528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\idle-gc\build\Release\idle-gc.node
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2016-07-16 12:47 - 2016-07-16 12:45 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11162017154504687\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11162017154505823\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11162017154504800\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11162017154505922\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-1005499408-1899380149-1193096314-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\webma\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\509099.jpg
HKU\S-1-5-21-1005499408-1899380149-1193096314-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11162017154504900\Control Panel\Desktop\\Wallpaper -> C:\Users\webma\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\509099.jpg
HKU\S-1-5-21-1005499408-1899380149-1193096314-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11162017154506031\Control Panel\Desktop\\Wallpaper -> C:\Users\webma\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\509099.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "AvastUI.exe"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "Avira Safe Shopping"
HKU\S-1-5-21-1005499408-1899380149-1193096314-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-1005499408-1899380149-1193096314-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1005499408-1899380149-1193096314-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1005499408-1899380149-1193096314-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1005499408-1899380149-1193096314-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1005499408-1899380149-1193096314-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11162017154504900\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-1005499408-1899380149-1193096314-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11162017154504900\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1005499408-1899380149-1193096314-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11162017154504900\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1005499408-1899380149-1193096314-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11162017154504900\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1005499408-1899380149-1193096314-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11162017154504900\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1005499408-1899380149-1193096314-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11162017154506031\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-1005499408-1899380149-1193096314-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11162017154506031\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1005499408-1899380149-1193096314-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11162017154506031\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1005499408-1899380149-1193096314-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11162017154506031\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1005499408-1899380149-1193096314-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11162017154506031\...\StartupApproved\Run: => "Steam"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{722F89F1-7EE4-4591-8A46-7D5F6BE4774E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{C84A104D-9286-4EA2-A7EC-B408B719C7CA}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{CE80AD8B-93F0-4842-9337-C254221D9C43}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{42DA5475-E5EA-4900-9A6B-CF74C512DFFC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{DB3DF4FD-3F53-47F9-8BCE-EA4816F1D1C6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{0B18D8EE-1D1E-4771-A535-8A392D4FA268}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{0C8235F0-F265-4B34-B948-377131EE2DD4}C:\users\webma\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\webma\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{73C40E90-B925-4EB6-93F4-107ADF72F4E8}C:\users\webma\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\webma\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{2DD5648A-7254-40FD-A2A5-3FE3259467BB}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{8BBC3ADE-3758-41D9-8BAB-E679A17AB824}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{B77F6937-B6B2-43B3-B2FC-4BC9CD22E76F}C:\program files (x86)\roccat\roccat swarm\roccat_swarm_monitor.exe] => (Allow) C:\program files (x86)\roccat\roccat swarm\roccat_swarm_monitor.exe
FirewallRules: [UDP Query User{4FD06500-1979-4915-B832-3300E83CA468}C:\program files (x86)\roccat\roccat swarm\roccat_swarm_monitor.exe] => (Allow) C:\program files (x86)\roccat\roccat swarm\roccat_swarm_monitor.exe
FirewallRules: [{61A902DD-8C2A-417B-BCE8-30EC861EC1CD}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{35365809-85CF-4B1E-A4A1-E76EB759B913}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2A546678-AD4B-41D7-8F50-B9C537527B23}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{91FDAFE8-1EFC-494F-91C5-CEF6828A8722}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{86A8D8FA-2207-4DBA-9C40-B6BC38BAFB6F}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{2016B322-084C-4BB6-A837-AAF6C9D9EE08}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{23778048-B984-4945-8F55-0C6D815B0140}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A1974F04-E843-4946-8F6D-569E2FAD5DF4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{0D1F657C-FC87-4F65-8A97-2DE1618BE9F0}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{233F9EC9-0477-470C-9547-E1BBB74E2A7E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{FF1491AA-37D1-4160-9A3D-5FA17F8FCAF4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{31D21F58-799D-49F6-812A-DEBE854F608D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dead by Daylight\DeadByDaylight.exe
FirewallRules: [{E6C8B68F-8B2B-4B14-B8DB-B7E7A0B29D15}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dead by Daylight\DeadByDaylight.exe
FirewallRules: [TCP Query User{25321554-51C3-4572-98F2-254C866BF43B}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{84180716-4FFD-408E-92D9-0C73D7C91C41}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{625643A7-E6CC-465C-B230-A745F3F8305D}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{0A315149-943A-43CE-9736-2163913A512F}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{DE398F28-709A-4743-810C-99A3C7B9F01D}C:\program files (x86)\roccat\roccat swarm\roccat_swarm_monitor.exe] => (Allow) C:\program files (x86)\roccat\roccat swarm\roccat_swarm_monitor.exe
FirewallRules: [UDP Query User{A2CBC700-8650-4597-ADD5-CEC46011D6DA}C:\program files (x86)\roccat\roccat swarm\roccat_swarm_monitor.exe] => (Allow) C:\program files (x86)\roccat\roccat swarm\roccat_swarm_monitor.exe
FirewallRules: [{965D9435-7808-4955-9FCE-B2DD905076B6}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{6D9BF0A0-8425-4BAA-8EA7-073CED410188}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{4315F131-FC46-43DA-A815-6E4D58826035}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Quiplash\Quiplash.exe
FirewallRules: [{A1F85D46-641E-4192-B04B-7716A66D6E20}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Quiplash\Quiplash.exe
FirewallRules: [{6945DFE4-F515-44EB-A8FF-21EA0FC1F96B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Drawful 2\Drawful 2.exe
FirewallRules: [{7F92C305-22E0-4D5B-8D76-9F1F5A7E2E35}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Drawful 2\Drawful 2.exe
FirewallRules: [{8C47E201-713E-4CED-89DF-D646B629A19A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Walking Dead Season Two\TheWalkingDead2.exe
FirewallRules: [{88D5A389-51BA-4CD4-BF4D-F8E0F057F665}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Walking Dead Season Two\TheWalkingDead2.exe
FirewallRules: [{25BB742A-37B9-4A2C-B399-A67616F392AD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider (VI) The Angel of Darkness\Launcher.exe
FirewallRules: [{DAFEC5AD-B512-489D-9D05-366FD561174E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider (VI) The Angel of Darkness\Launcher.exe
FirewallRules: [{044D5D8B-09A2-4E91-9F83-8F9FCD86C802}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Walking Dead\WalkingDead101.exe
FirewallRules: [{0B1589A8-51CC-4BEC-8BB8-E02CDE8C396C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Walking Dead\WalkingDead101.exe
FirewallRules: [{1776EC58-4D78-42D0-A93E-DBB96FED6EF4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Through the Woods\Through the Woods.exe
FirewallRules: [{87D81ABB-C756-439C-A49C-33126CEB1B8B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Through the Woods\Through the Woods.exe
FirewallRules: [{61D72F8E-20A0-4932-AB57-87D3AA51C1C7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Survey\Visibility03.exe
FirewallRules: [{B19D4104-214A-4223-BC00-713C77D6B506}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Survey\Visibility03.exe
FirewallRules: [{5E28DF5D-5457-41CA-BCE6-4E4FFB6BCA7D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dead End Road\Dead End Road.exe
FirewallRules: [{35423790-D39F-49B4-878A-C8C19A3A04D6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dead End Road\Dead End Road.exe
FirewallRules: [{CE3DD633-A2A5-4DFF-8176-3424789F24DF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{84A0649D-1DA9-4CCF-BE17-1215B45242B6}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{9BF8DC9C-7044-47E4-9190-620732C4FB8C}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{8EF93C71-735E-4F07-B77B-B966DD5BEE74}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe
FirewallRules: [{91248B7F-650B-446E-9149-91CC6231814B}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe
FirewallRules: [{1445E780-2C93-46EF-B77A-C258D2A08E1B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Wiederherstellungspunkte =========================
12-11-2017 14:57:55 Windows Update
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (11/16/2017 09:51:57 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "WmiApRpl" in der DLL "C:\WINDOWS\system32\wbem\wmiaprpl.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Error: (11/16/2017 09:51:57 AM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Das Serverdienst-Leistungsobjekt kann nicht geöffnet werden. Die ersten vier Bytes (DWORD) des Datenabschnitts enthalten den Statuscode.
Error: (11/16/2017 09:51:57 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "MSDTC" in der DLL "C:\WINDOWS\system32\msdtcuiu.DLL" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Error: (11/16/2017 09:51:57 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "Lsa" in der DLL "C:\Windows\System32\Secur32.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Error: (11/16/2017 09:51:57 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "ESENT" in der DLL "C:\WINDOWS\system32\esentprf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Error: (11/16/2017 09:51:57 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "WmiApRpl" in der DLL "C:\WINDOWS\system32\wbem\wmiaprpl.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Error: (11/16/2017 09:51:56 AM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Das Serverdienst-Leistungsobjekt kann nicht geöffnet werden. Die ersten vier Bytes (DWORD) des Datenabschnitts enthalten den Statuscode.
Error: (11/16/2017 09:51:56 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "MSDTC" in der DLL "C:\WINDOWS\system32\msdtcuiu.DLL" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Error: (11/16/2017 09:51:56 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "Lsa" in der DLL "C:\Windows\System32\Secur32.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Error: (11/16/2017 09:51:56 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "ESENT" in der DLL "C:\WINDOWS\system32\esentprf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Systemfehler:
=============
Error: (11/16/2017 09:03:35 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "HomeGroupListener" wurde mit dem folgenden dienstspezifischen Fehler beendet:
%%2147944153 = In der Endpunktzuordnung sind keine weiteren Endpunkte verfügbar.
Error: (11/16/2017 09:03:34 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet:
Die Anforderung wird nicht unterstützt.
Error: (11/15/2017 07:50:40 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet:
Die Anforderung wird nicht unterstützt.
Error: (11/14/2017 07:54:13 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x8024200d fehlgeschlagen: Funktionsupdate für Windows 10, Version 1709
Error: (11/14/2017 07:44:03 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet:
Die Anforderung wird nicht unterstützt.
Error: (11/13/2017 11:22:00 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Update" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (11/13/2017 11:22:00 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Update Orchestrator Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (11/13/2017 09:21:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet:
Die Anforderung wird nicht unterstützt.
Error: (11/13/2017 09:04:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet:
Die Anforderung wird nicht unterstützt.
Error: (11/13/2017 08:37:59 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "HomeGroupListener" wurde mit dem folgenden dienstspezifischen Fehler beendet:
%%2147944153 = In der Endpunktzuordnung sind keine weiteren Endpunkte verfügbar.
CodeIntegrity:
===================================
Date: 2017-11-16 15:44:20.715
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2017-11-16 09:03:39.733
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-11-16 09:03:39.732
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-11-15 07:50:58.293
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-11-15 07:50:58.292
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-11-15 07:50:45.869
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-11-15 07:50:45.866
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-11-13 20:38:04.035
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-11-13 20:38:04.035
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-11-11 10:42:38.933
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: AMD Ryzen 7 1700X Eight-Core Processor
Prozentuale Nutzung des RAM: 15%
Installierter physikalischer RAM: 32695.89 MB
Verfügbarer physikalischer RAM: 27472.83 MB
Summe virtueller Speicher: 37559.89 MB
Verfügbarer virtueller Speicher: 31974.71 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:475.54 GB) (Free:107.97 GB) NTFS
Drive d: (Volume) (Fixed) (Total:3725.9 GB) (Free:2566.01 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 3726 GB) (Disk ID: 00000000)
Partition: GPT.
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 476.9 GB) (Disk ID: 00000000)
Partition: GPT.
==================== Ende von Addition.txt ============================
|
|
| Themen zu Malewarebytes findet: PUP.Optional.StartPage24 |
| angezeigt, avdevprot, avdevprot.sys, befindet, entfernung, firefox, folge, folgende, folgenden, fund, laufe, laufen, liebe, lieben, malewarebytes, mozilla, mozilla firefox, msascuil.exe, node.js, profile, pup.optional.startpage, pup.optional.startpage24, quara, quarantäne, schluß, vermutlich, verschoben, windowsapps, zu lang, zunächst |
Linear-Darstellung
