Trojaner-Board - Malewarebytes findet: PUP.Optional.StartPage24

Trojaner-Board (https://www.trojaner-board.de/)

- Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)

- - Malewarebytes findet: PUP.Optional.StartPage24 (https://www.trojaner-board.de/187482-malewarebytes-findet-pup-optional-startpage24.html)

Malewarebytes findet: PUP.Optional.StartPage24

Hey ihr Lieben,

Malewarebytes hat mir vorhin folgenden Fund angezeigt: PUP.Optional.StartPage24

Der Fund befindet sich in einem Mozilla Firefox Profile und kommt vermutlich durch eine Extension....

Vlt. könnt ihr mir ja bei der Entfernung helfen *hoff*
Ich habe den Fund zunächst einmal in die Quarantäne verschoben und dann im Anschluß FRST laufen lassen. Folgende Logs wurden ausgelesen (im nächsten Post, weil zu lang):

Viele Dank und viele liebe Grüße
Idrial

FRST

Code:

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 15-11-2017

durchgeführt von webma (Administrator) auf REJJA-PC (16-11-2017 15:52:15)

Gestartet von C:\Users\webma\Downloads

Geladene Profile: webma &  (Verfügbare Profile: webma)

Platform: Windows 10 Home Version 1703 15063.726 (X64) Sprache: Deutsch (Deutschland)

Internet Explorer Version 11 (Standard-Browser: Chrome)

Start-Modus: Normal

Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 

==================== Prozesse (Nicht auf der Ausnahmeliste) =================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
 

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe

(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe

() C:\Program Files (x86)\ASUS\AXSP\1.02.03\atkexComSvc.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe

(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\AURA\AsRogAuraService.exe

() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe

(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe

(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe

(devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe

(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe

(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\ROCCAT Swarm\data\SWARM_CONNECT\SwarmHW_Service.exe

() C:\Program Files (x86)\ASUS\AURA\AsRogAuraGpuDllServer.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe

(Palit Microsystems Ltd.) C:\Program Files (x86)\Thunder Master\THPanel.exe

(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe

(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe

(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe

(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe

(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe

() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\SkypeHost.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe

(ROCCAT) C:\Program Files (x86)\ROCCAT\ROCCAT Swarm\ROCCAT_Swarm_Monitor.exe

() C:\Program Files (x86)\ROCCAT\ROCCAT Swarm\detect_start_process.exe

(Samsung Electronics Co. Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe

(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe

(Spotify Ltd) C:\Users\webma\AppData\Roaming\Spotify\SpotifyWebHelper.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe

(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe

(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe

(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11710.1001.27.0_x64__8wekyb3d8bbwe\WinStore.App.exe

() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe

() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17092.13511.0_x64__8wekyb3d8bbwe\Video.UI.exe

() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1709.2703.0_x64__8wekyb3d8bbwe\Calculator.exe

(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe

(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe

(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe

(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 

==================== Registry (Nicht auf der Ausnahmeliste) ===========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
 

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9181696 2016-12-09] (Realtek Semiconductor)

HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [17988216 2017-08-18] (Logitech Inc.)

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-07-14] (Apple Inc.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [253344 2017-10-11] (AVAST Software)

HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2407008 2017-09-20] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [Avira Safe Shopping] => C:\Program Files (x86)\Avira\Safe Shopping\Avira Safe Shopping.exe [546960 2017-10-30] (Avira Operations Gmbh & Co. KG)

HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [65120 2017-11-07] (Avira Operations GmbH & Co. KG)

HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ACHTUNG

HKU\S-1-5-21-1005499408-1899380149-1193096314-1001\...\Run: [THPanel] => C:\Program Files (x86)\Thunder Master\THPanel.exe [2030440 2017-03-30] (Palit Microsystems Ltd.)

HKU\S-1-5-21-1005499408-1899380149-1193096314-1001\...\Run: [Discord] => C:\Users\webma\AppData\Local\Discord\app-0.0.298\Discord.exe [57477112 2017-08-08] (Discord Inc.)

HKU\S-1-5-21-1005499408-1899380149-1193096314-1001\...\Run: [Spotify] => C:\Users\webma\AppData\Roaming\Spotify\Spotify.exe [21025392 2017-11-11] (Spotify Ltd)

HKU\S-1-5-21-1005499408-1899380149-1193096314-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3102496 2017-10-31] (Valve Corporation)

HKU\S-1-5-21-1005499408-1899380149-1193096314-1001\...\Run: [AdobeBridge] => [X]

HKU\S-1-5-21-1005499408-1899380149-1193096314-1001\...\Run: [Spotify Web Helper] => C:\Users\webma\AppData\Roaming\Spotify\SpotifyWebHelper.exe [777840 2017-11-11] (Spotify Ltd)

HKU\S-1-5-21-1005499408-1899380149-1193096314-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11162017154504900\...\Run: [THPanel] => C:\Program Files (x86)\Thunder Master\THPanel.exe [2030440 2017-03-30] (Palit Microsystems Ltd.)

HKU\S-1-5-21-1005499408-1899380149-1193096314-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11162017154504900\...\Run: [Discord] => C:\Users\webma\AppData\Local\Discord\app-0.0.298\Discord.exe [57477112 2017-08-08] (Discord Inc.)

HKU\S-1-5-21-1005499408-1899380149-1193096314-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11162017154504900\...\Run: [Spotify] => C:\Users\webma\AppData\Roaming\Spotify\Spotify.exe [21025392 2017-11-11] (Spotify Ltd)

HKU\S-1-5-21-1005499408-1899380149-1193096314-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11162017154504900\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3102496 2017-10-31] (Valve Corporation)

HKU\S-1-5-21-1005499408-1899380149-1193096314-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11162017154504900\...\Run: [AdobeBridge] => [X]

HKU\S-1-5-21-1005499408-1899380149-1193096314-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11162017154504900\...\Run: [Spotify Web Helper] => C:\Users\webma\AppData\Roaming\Spotify\SpotifyWebHelper.exe [777840 2017-11-11] (Spotify Ltd)

HKU\S-1-5-21-1005499408-1899380149-1193096314-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11162017154506031\...\Run: [THPanel] => C:\Program Files (x86)\Thunder Master\THPanel.exe [2030440 2017-03-30] (Palit Microsystems Ltd.)

HKU\S-1-5-21-1005499408-1899380149-1193096314-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11162017154506031\...\Run: [Discord] => C:\Users\webma\AppData\Local\Discord\app-0.0.298\Discord.exe [57477112 2017-08-08] (Discord Inc.)

HKU\S-1-5-21-1005499408-1899380149-1193096314-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11162017154506031\...\Run: [Spotify] => C:\Users\webma\AppData\Roaming\Spotify\Spotify.exe [21025392 2017-11-11] (Spotify Ltd)

HKU\S-1-5-21-1005499408-1899380149-1193096314-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11162017154506031\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3102496 2017-10-31] (Valve Corporation)

HKU\S-1-5-21-1005499408-1899380149-1193096314-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11162017154506031\...\Run: [AdobeBridge] => [X]

HKU\S-1-5-21-1005499408-1899380149-1193096314-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11162017154506031\...\Run: [Spotify Web Helper] => C:\Users\webma\AppData\Roaming\Spotify\SpotifyWebHelper.exe [777840 2017-11-11] (Spotify Ltd)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ROCCAT Swarm.lnk [2017-09-13]

ShortcutTarget: ROCCAT Swarm.lnk -> C:\Program Files (x86)\ROCCAT\ROCCAT Swarm\ROCCAT_Swarm_Monitor.exe (ROCCAT)
 

==================== Internet (Nicht auf der Ausnahmeliste) ====================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
 

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1

Tcpip\..\Interfaces\{9e1808a1-db4e-4966-9749-284804235294}: [DhcpNameServer] 192.168.2.1 192.168.2.1
 

Internet Explorer:

==================

HKU\S-1-5-21-1005499408-1899380149-1193096314-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de

HKU\S-1-5-21-1005499408-1899380149-1193096314-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11162017154504900\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de

HKU\S-1-5-21-1005499408-1899380149-1193096314-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11162017154506031\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de

SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_144\bin\ssv.dll [2017-09-14] (Oracle Corporation)

BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-09-14] (Oracle Corporation)
 

FireFox:

========

FF ProfilePath: C:\Users\webma\AppData\Roaming\Mozilla\Firefox\Profiles\IRezVTFY.default [2017-11-16]

FF Extension: (Safe Browsing Version 4 (temporary add-on)) - C:\Users\webma\AppData\Roaming\Mozilla\Firefox\Profiles\IRezVTFY.default\Extensions\sbv4-gradual-rollout@mozilla.com.xpi [2017-10-13] [Legacy]

FF Extension: (Avast Online Security) - C:\Users\webma\AppData\Roaming\Mozilla\Firefox\Profiles\IRezVTFY.default\Extensions\wrc@avast.com.xpi [2017-10-13]

FF Extension: (1-Click YouTube Video Downloader) - C:\Users\webma\AppData\Roaming\Mozilla\Firefox\Profiles\IRezVTFY.default\Extensions\YoutubeDownloader@PeterOlayev.com.xpi [2017-11-15]

FF Plugin: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-09-14] (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-09-14] (Oracle Corporation)

FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)

FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)

FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-09-20] (Adobe Systems)

FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)

FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-10-27] (NVIDIA Corporation)

FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-10-27] (NVIDIA Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)

FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)

FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-09-20] (Adobe Systems)

FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)

FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2017-07-05]
 

Chrome: 

=======

CHR DefaultSearchURL: Default -> hxxps://istream.link/search.php?query={searchTerms}&type=web&src=njlppdgedlaobpcbobcllbibebebkgam&frm=ob

CHR DefaultSearchKeyword: Default -> istream.link

CHR DefaultSuggestURL: Default -> hxxps://istream.link/suggest.php?client=chrome&q={searchTerms}

CHR Profile: C:\Users\webma\AppData\Local\Google\Chrome\User Data\Default [2017-11-16]

CHR Extension: (Präsentationen) - C:\Users\webma\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]

CHR Extension: (BetterTTV) - C:\Users\webma\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2017-09-16]

CHR Extension: (Docs) - C:\Users\webma\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]

CHR Extension: (Google Drive) - C:\Users\webma\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-09-13]

CHR Extension: (YouTube) - C:\Users\webma\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-13]

CHR Extension: (Avast SafePrice) - C:\Users\webma\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-10-18]

CHR Extension: (Tabellen) - C:\Users\webma\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]

CHR Extension: (Google Docs Offline) - C:\Users\webma\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-09-13]

CHR Extension: (LottaDeals) - C:\Users\webma\AppData\Local\Google\Chrome\User Data\Default\Extensions\iigcbafcnfakaokfjaplokfbgmjldpfg [2017-09-14]

CHR Extension: (iStream.link Media Search) - C:\Users\webma\AppData\Local\Google\Chrome\User Data\Default\Extensions\njlppdgedlaobpcbobcllbibebebkgam [2017-09-14]

CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\webma\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-13]

CHR Extension: (Google Mail) - C:\Users\webma\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-09-13]

CHR Extension: (Chrome Media Router) - C:\Users\webma\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-16]

CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [iigcbafcnfakaokfjaplokfbgmjldpfg] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [njlppdgedlaobpcbobcllbibebebkgam] - hxxps://clients2.google.com/service/update2/crx
 

==================== Dienste (Nicht auf der Ausnahmeliste) ====================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [817760 2017-09-20] (Adobe Systems Incorporated)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2257016 2017-08-23] (Adobe Systems, Incorporated)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1128432 2017-10-15] (Avira Operations GmbH & Co. KG)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [490968 2017-10-15] (Avira Operations GmbH & Co. KG)

R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [490968 2017-10-15] (Avira Operations GmbH & Co. KG)

S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1525240 2017-10-15] (Avira Operations GmbH & Co. KG)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.03\atkexComSvc.exe [933840 2017-02-17] ()

R2 AsRogAuraService; C:\Program Files (x86)\ASUS\AURA\AsRogAuraService.exe [856536 2017-02-17] (ASUSTek Computer Inc.)

R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-04-24] () [Datei ist nicht signiert]

S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7446024 2017-10-11] (AVAST Software s.r.o.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [281416 2017-10-11] (AVAST Software)

R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [413592 2017-11-02] (Avira Operations GmbH & Co. KG)

R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [332016 2017-10-25] (Avira Operations GmbH & Co. KG)

R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [101792 2017-11-08] (Avira Operations GmbH & Co. KG)

R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3885592 2017-03-03] (devolo AG)

R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [225400 2017-08-18] (Logitech Inc.)

R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)

R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518264 2017-10-27] (NVIDIA Corporation)

S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518264 2017-10-27] (NVIDIA Corporation)

R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-10-27] (NVIDIA Corporation)

R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [460920 2017-10-27] (NVIDIA Corporation)

S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2123104 2017-11-02] (Electronic Arts)

R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3002728 2017-11-02] (Electronic Arts)

R2 SpeedupService; C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe [74256 2017-11-07] (Avira Operations GmbH & Co. KG)

S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)

S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-07-11] (Microsoft Corporation)

R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [730304 2016-01-11] (Wacom Technology, Corp.)
 

===================== Treiber (Nicht auf der Ausnahmeliste) ======================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

R3 amdgpio2; C:\WINDOWS\System32\drivers\amdgpio2.sys [43400 2017-03-01] (Advanced Micro Devices, Inc)

R3 amdgpio3; C:\WINDOWS\System32\drivers\amdgpio3.sys [33120 2017-05-11] (Advanced Micro Devices, Inc)

S3 amdkmcsp; C:\WINDOWS\system32\DRIVERS\amdkmcsp.sys [101232 2017-06-12] (Advanced Micro Devices, Inc. )

R3 AMDPCIDev; C:\WINDOWS\System32\drivers\AMDPCIDev.sys [31112 2017-10-10] (Advanced Micro Devices)

R0 amdpsp; C:\WINDOWS\System32\DRIVERS\amdpsp.sys [243056 2017-06-12] (Advanced Micro Devices, Inc. )

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2016-11-18] ()

S3 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [321032 2017-10-11] (AVAST Software s.r.o.)

S3 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [198976 2017-10-11] (AVAST Software s.r.o.)

S3 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [343288 2017-10-11] (AVAST Software s.r.o.)

S3 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [57736 2017-10-11] (AVAST Software s.r.o.)

S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [47008 2017-10-11] (AVAST Software)

R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [147776 2017-10-11] (AVAST Software)

S3 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [110376 2017-10-11] (AVAST Software)

R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [84416 2017-10-11] (AVAST Software)

S3 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1029872 2017-10-26] (AVAST Software)

R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [587168 2017-10-11] (AVAST Software)

S3 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [201352 2017-10-11] (AVAST Software)

S3 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [363440 2017-10-11] (AVAST Software)

R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [60920 2017-08-17] (Avira Operations GmbH & Co. KG)

R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [176224 2017-09-18] (Avira Operations GmbH & Co. KG)

R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [167464 2017-08-17] (Avira Operations GmbH & Co. KG)

R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [44488 2017-08-17] (Avira Operations GmbH & Co. KG)

R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [88488 2017-08-17] (Avira Operations GmbH & Co. KG)

R0 avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [38048 2017-08-17] (Avira Operations GmbH & Co. KG)

R3 cpuz140; C:\WINDOWS\TEMP\cpuz140\cpuz140_x64.sys [43840 2017-11-16] (CPUID)

R3 e1rexpress; C:\WINDOWS\system32\DRIVERS\e1r65x64.sys [540112 2016-07-29] (Intel Corporation)

R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77432 2017-11-01] ()

R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)

R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2017-08-18] (Logitech Inc.)

R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [193464 2017-11-16] (Malwarebytes)

R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [110016 2017-11-16] (Malwarebytes)

R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [46008 2017-11-16] (Malwarebytes)

R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253880 2017-11-16] (Malwarebytes)

R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [94144 2017-11-16] (Malwarebytes)

R2 NPF_devolo; C:\WINDOWS\sysWOW64\drivers\npf_devolo.sys [36496 2017-02-20] (Riverbed Technology, Inc.)

R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_f936d37e592b25aa\nvlddmkm.sys [16936048 2017-10-28] (NVIDIA Corporation)

S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-10-27] (NVIDIA Corporation)

R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [50808 2017-10-27] (NVIDIA Corporation)

R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57976 2017-10-27] (NVIDIA Corporation)

S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()

S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)

S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)

S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)

U3 aswbdisk; kein ImagePath
 

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 
 

==================== Ein Monat: Erstellte Dateien und Ordner ========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 

2017-11-16 15:52 - 2017-11-16 15:52 - 000027529 _____ C:\Users\webma\Downloads\FRST.txt

2017-11-16 15:52 - 2017-11-16 15:52 - 000000000 ____D C:\FRST

2017-11-16 15:51 - 2017-11-16 15:51 - 002392576 _____ (Farbar) C:\Users\webma\Downloads\FRST64.exe

2017-11-16 15:44 - 2017-11-16 15:45 - 000094144 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys

2017-11-16 15:44 - 2017-11-16 15:44 - 000253880 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys

2017-11-16 15:44 - 2017-11-16 15:44 - 000193464 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys

2017-11-16 15:44 - 2017-11-16 15:44 - 000110016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys

2017-11-16 15:44 - 2017-11-16 15:44 - 000046008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys

2017-11-16 15:44 - 2017-11-16 15:44 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk

2017-11-16 15:44 - 2017-11-16 15:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes

2017-11-16 15:44 - 2017-11-16 15:44 - 000000000 ____D C:\ProgramData\Malwarebytes

2017-11-16 15:44 - 2017-11-16 15:44 - 000000000 ____D C:\Program Files\Malwarebytes

2017-11-16 15:44 - 2017-11-01 08:54 - 000077432 _____ C:\WINDOWS\system32\Drivers\mbae64.sys

2017-11-16 15:43 - 2017-11-16 15:43 - 078346672 _____ (Malwarebytes ) C:\Users\webma\Downloads\mb3-setup-consumer-3.3.1.2183.exe

2017-11-16 14:59 - 2017-11-16 14:59 - 000000000 ____D C:\ProgramData\SWCUTemp

2017-11-16 14:30 - 2017-11-16 14:30 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigne270b1e7f75571a7

2017-11-16 14:25 - 2017-11-16 14:25 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignfeb1f9f24f869918

2017-11-16 14:25 - 2017-11-16 14:25 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign5e5fd04646439560

2017-11-16 14:25 - 2017-11-16 14:25 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign2dbddcb279cc25a4

2017-11-16 14:25 - 2017-11-16 14:25 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign228df931abe9f043

2017-11-16 09:30 - 2017-11-16 09:30 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignee27ef57d6c9bcc1

2017-11-16 09:29 - 2017-11-16 09:29 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign93360022788965b7

2017-11-16 09:29 - 2017-11-16 09:29 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign4c93869a452991b5

2017-11-16 09:29 - 2017-11-16 09:29 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign1b33b8aaaf1234b3

2017-11-16 01:26 - 2017-11-16 01:26 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign37313beb7e1bd9ac

2017-11-16 01:21 - 2017-11-16 01:21 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign1bf82389ef0a6813

2017-11-16 01:21 - 2017-11-16 01:21 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign00296db11bfb63b2

2017-11-16 01:14 - 2017-11-16 01:14 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigna141cb168853d4ef

2017-11-16 00:18 - 2017-11-16 00:18 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign14a24f537d576e3e

2017-11-16 00:15 - 2017-11-16 00:15 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignba5fdbdcba65406b

2017-11-16 00:15 - 2017-11-16 00:15 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign3f593a025efb19ef

2017-11-16 00:15 - 2017-11-16 00:15 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign206fdd5391b5f26f

2017-11-15 19:51 - 2017-11-15 19:51 - 000001193 _____ C:\Users\Public\Desktop\Avira.lnk

2017-11-15 08:14 - 2017-11-02 06:21 - 001578904 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll

2017-11-15 08:14 - 2017-11-02 06:21 - 000678808 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll

2017-11-15 08:14 - 2017-11-02 06:21 - 000612248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll

2017-11-15 08:14 - 2017-11-02 06:21 - 000379288 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll

2017-11-15 08:14 - 2017-11-02 06:21 - 000190360 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll

2017-11-15 08:14 - 2017-11-02 06:21 - 000136088 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe

2017-11-15 08:14 - 2017-11-02 06:20 - 002032536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe

2017-11-15 08:14 - 2017-11-02 06:20 - 001144728 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe

2017-11-15 08:14 - 2017-11-02 06:20 - 001015704 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe

2017-11-15 08:14 - 2017-11-02 06:20 - 000965016 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi

2017-11-15 08:14 - 2017-11-02 06:20 - 000821656 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe

2017-11-15 08:14 - 2017-11-02 06:20 - 000613784 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll

2017-11-15 08:14 - 2017-11-02 06:20 - 000543640 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe

2017-11-15 08:14 - 2017-11-02 06:20 - 000484248 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll

2017-11-15 08:14 - 2017-11-02 06:20 - 000469568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll

2017-11-15 08:14 - 2017-11-02 06:20 - 000259992 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll

2017-11-15 08:14 - 2017-11-02 06:20 - 000034712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe

2017-11-15 08:14 - 2017-11-02 06:16 - 008319384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe

2017-11-15 08:14 - 2017-11-02 06:16 - 002398696 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll

2017-11-15 08:14 - 2017-11-02 06:16 - 002327448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys

2017-11-15 08:14 - 2017-11-02 06:15 - 001239448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys

2017-11-15 08:14 - 2017-11-02 06:15 - 000503704 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll

2017-11-15 08:14 - 2017-11-02 06:14 - 000667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll

2017-11-15 08:14 - 2017-11-02 06:14 - 000067992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll

2017-11-15 08:14 - 2017-11-02 06:13 - 005477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll

2017-11-15 08:14 - 2017-11-02 06:13 - 002443672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys

2017-11-15 08:14 - 2017-11-02 06:13 - 001345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll

2017-11-15 08:14 - 2017-11-02 06:13 - 000546712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys

2017-11-15 08:14 - 2017-11-02 06:13 - 000212888 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll

2017-11-15 08:14 - 2017-11-02 06:13 - 000095640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys

2017-11-15 08:14 - 2017-11-02 06:12 - 000727336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll

2017-11-15 08:14 - 2017-11-02 06:12 - 000714648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys

2017-11-15 08:14 - 2017-11-02 06:12 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll

2017-11-15 08:14 - 2017-11-02 06:12 - 000643192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys

2017-11-15 08:14 - 2017-11-02 06:12 - 000430848 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll

2017-11-15 08:14 - 2017-11-02 06:12 - 000412752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll

2017-11-15 08:14 - 2017-11-02 06:12 - 000319384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe

2017-11-15 08:14 - 2017-11-02 06:12 - 000144248 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe

2017-11-15 08:14 - 2017-11-02 06:12 - 000038808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Diskdump.sys

2017-11-15 08:14 - 2017-11-02 06:12 - 000026472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe

2017-11-15 08:14 - 2017-11-02 06:11 - 021353200 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll

2017-11-15 08:14 - 2017-11-02 06:10 - 006557520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll

2017-11-15 08:14 - 2017-11-02 06:05 - 000871408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll

2017-11-15 08:14 - 2017-11-02 06:05 - 000187800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe

2017-11-15 08:14 - 2017-11-02 06:04 - 001292360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll

2017-11-15 08:14 - 2017-11-02 06:03 - 000223640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll

2017-11-15 08:14 - 2017-11-02 05:49 - 001838848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll

2017-11-15 08:14 - 2017-11-02 05:45 - 000703056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll

2017-11-15 08:14 - 2017-11-02 05:45 - 000613136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll

2017-11-15 08:14 - 2017-11-02 05:45 - 000362144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll

2017-11-15 08:14 - 2017-11-02 05:45 - 000354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll

2017-11-15 08:14 - 2017-11-02 05:45 - 000283544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe

2017-11-15 08:14 - 2017-11-02 05:45 - 000172952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe

2017-11-15 08:14 - 2017-11-02 05:45 - 000133896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe

2017-11-15 08:14 - 2017-11-02 05:44 - 023680000 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll

2017-11-15 08:14 - 2017-11-02 05:44 - 005808640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll

2017-11-15 08:14 - 2017-11-02 05:44 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll

2017-11-15 08:14 - 2017-11-02 05:43 - 020372896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll

2017-11-15 08:14 - 2017-11-02 05:37 - 003668992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys

2017-11-15 08:14 - 2017-11-02 05:37 - 001278976 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll

2017-11-15 08:14 - 2017-11-02 05:37 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll

2017-11-15 08:14 - 2017-11-02 05:37 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE

2017-11-15 08:14 - 2017-11-02 05:37 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe

2017-11-15 08:14 - 2017-11-02 05:36 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll

2017-11-15 08:14 - 2017-11-02 05:36 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll

2017-11-15 08:14 - 2017-11-02 05:35 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll

2017-11-15 08:14 - 2017-11-02 05:35 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll

2017-11-15 08:14 - 2017-11-02 05:35 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll

2017-11-15 08:14 - 2017-11-02 05:35 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dumpstorport.sys

2017-11-15 08:14 - 2017-11-02 05:35 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll

2017-11-15 08:14 - 2017-11-02 05:34 - 012803072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

2017-11-15 08:14 - 2017-11-02 05:34 - 000438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedPCCSP.dll

2017-11-15 08:14 - 2017-11-02 05:34 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe

2017-11-15 08:14 - 2017-11-02 05:34 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe

2017-11-15 08:14 - 2017-11-02 05:34 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageLiveTileTask.exe

2017-11-15 08:14 - 2017-11-02 05:34 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll

2017-11-15 08:14 - 2017-11-02 05:34 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll

2017-11-15 08:14 - 2017-11-02 05:34 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll

2017-11-15 08:14 - 2017-11-02 05:34 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll

2017-11-15 08:14 - 2017-11-02 05:33 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll

2017-11-15 08:14 - 2017-11-02 05:33 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageHandlers.dll

2017-11-15 08:14 - 2017-11-02 05:33 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll

2017-11-15 08:14 - 2017-11-02 05:33 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll

2017-11-15 08:14 - 2017-11-02 05:33 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertPKICmdlet.dll

2017-11-15 08:14 - 2017-11-02 05:32 - 008213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll

2017-11-15 08:14 - 2017-11-02 05:32 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll

2017-11-15 08:14 - 2017-11-02 05:32 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Storage.dll

2017-11-15 08:14 - 2017-11-02 05:31 - 020512256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll

2017-11-15 08:14 - 2017-11-02 05:31 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll

2017-11-15 08:14 - 2017-11-02 05:31 - 000411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll

2017-11-15 08:14 - 2017-11-02 05:31 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll

2017-11-15 08:14 - 2017-11-02 05:30 - 013381120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll

2017-11-15 08:14 - 2017-11-02 05:30 - 007339008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll

2017-11-15 08:14 - 2017-11-02 05:30 - 002953216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys

2017-11-15 08:14 - 2017-11-02 05:30 - 000719872 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll

2017-11-15 08:14 - 2017-11-02 05:30 - 000635392 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll

2017-11-15 08:14 - 2017-11-02 05:30 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll

2017-11-15 08:14 - 2017-11-02 05:30 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll

2017-11-15 08:14 - 2017-11-02 05:30 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll

2017-11-15 08:14 - 2017-11-02 05:30 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe

2017-11-15 08:14 - 2017-11-02 05:30 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe

2017-11-15 08:14 - 2017-11-02 05:30 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll

2017-11-15 08:14 - 2017-11-02 05:30 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE

2017-11-15 08:14 - 2017-11-02 05:29 - 019338240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2017-11-15 08:14 - 2017-11-02 05:29 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll

2017-11-15 08:14 - 2017-11-02 05:29 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys

2017-11-15 08:14 - 2017-11-02 05:29 - 000752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll

2017-11-15 08:14 - 2017-11-02 05:29 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll

2017-11-15 08:14 - 2017-11-02 05:29 - 000415232 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll

2017-11-15 08:14 - 2017-11-02 05:28 - 023684096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2017-11-15 08:14 - 2017-11-02 05:28 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll

2017-11-15 08:14 - 2017-11-02 05:28 - 000939008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll

2017-11-15 08:14 - 2017-11-02 05:28 - 000799744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll

2017-11-15 08:14 - 2017-11-02 05:28 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll

2017-11-15 08:14 - 2017-11-02 05:28 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll

2017-11-15 08:14 - 2017-11-02 05:27 - 002078720 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl

2017-11-15 08:14 - 2017-11-02 05:27 - 000565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll

2017-11-15 08:14 - 2017-11-02 05:27 - 000537600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll

2017-11-15 08:14 - 2017-11-02 05:27 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll

2017-11-15 08:14 - 2017-11-02 05:27 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll

2017-11-15 08:14 - 2017-11-02 05:27 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll

2017-11-15 08:14 - 2017-11-02 05:27 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertPKICmdlet.dll

2017-11-15 08:14 - 2017-11-02 05:26 - 008197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll

2017-11-15 08:14 - 2017-11-02 05:26 - 005963776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll

2017-11-15 08:14 - 2017-11-02 05:26 - 004445696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll

2017-11-15 08:14 - 2017-11-02 05:26 - 003060224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll

2017-11-15 08:14 - 2017-11-02 05:26 - 002809344 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll

2017-11-15 08:14 - 2017-11-02 05:26 - 002671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll

2017-11-15 08:14 - 2017-11-02 05:26 - 001937408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll

2017-11-15 08:14 - 2017-11-02 05:26 - 000986624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll

2017-11-15 08:14 - 2017-11-02 05:26 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll

2017-11-15 08:14 - 2017-11-02 05:26 - 000371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll

2017-11-15 08:14 - 2017-11-02 05:26 - 000068608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll

2017-11-15 08:14 - 2017-11-02 05:25 - 012227072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll

2017-11-15 08:14 - 2017-11-02 05:25 - 011888128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

2017-11-15 08:14 - 2017-11-02 05:25 - 004727808 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll

2017-11-15 08:14 - 2017-11-02 05:25 - 003377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll

2017-11-15 08:14 - 2017-11-02 05:25 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll

2017-11-15 08:14 - 2017-11-02 05:25 - 002052608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys

2017-11-15 08:14 - 2017-11-02 05:25 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll

2017-11-15 08:14 - 2017-11-02 05:25 - 001713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll

2017-11-15 08:14 - 2017-11-02 05:25 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll

2017-11-15 08:14 - 2017-11-02 05:25 - 000877568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll

2017-11-15 08:14 - 2017-11-02 05:25 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll

2017-11-15 08:14 - 2017-11-02 05:25 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll

2017-11-15 08:14 - 2017-11-02 05:25 - 000364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll

2017-11-15 08:14 - 2017-11-02 05:25 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll

2017-11-15 08:14 - 2017-11-02 05:24 - 007598080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll

2017-11-15 08:14 - 2017-11-02 05:24 - 004707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll

2017-11-15 08:14 - 2017-11-02 05:24 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll

2017-11-15 08:14 - 2017-11-02 05:24 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll

2017-11-15 08:14 - 2017-11-02 05:24 - 000444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll

2017-11-15 08:14 - 2017-11-02 05:24 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll

2017-11-15 08:14 - 2017-11-02 05:23 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll

2017-11-15 08:14 - 2017-11-02 05:23 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll

2017-11-15 08:14 - 2017-11-02 05:23 - 000680960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll

2017-11-15 08:14 - 2017-11-02 05:23 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll

2017-11-15 08:14 - 2017-11-02 05:23 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll

2017-11-15 08:14 - 2017-11-02 05:23 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll

2017-11-15 08:14 - 2017-11-02 05:23 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll

2017-11-15 08:14 - 2017-11-02 05:22 - 006254080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll

2017-11-15 08:14 - 2017-11-02 05:22 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll

2017-11-15 08:14 - 2017-11-02 05:22 - 002009600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl

2017-11-15 08:14 - 2017-11-02 05:22 - 001884160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll

2017-11-15 08:14 - 2017-11-02 05:22 - 001494528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll

2017-11-15 08:14 - 2017-11-02 05:21 - 004417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll

2017-11-15 08:14 - 2017-11-02 05:21 - 003653120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll

2017-11-15 08:14 - 2017-11-02 05:21 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll

2017-11-15 08:14 - 2017-11-02 05:21 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll

2017-11-15 08:14 - 2017-11-02 05:19 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys

2017-11-15 08:14 - 2017-10-25 08:40 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll

2017-11-15 08:14 - 2017-10-15 16:09 - 002259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll

2017-11-15 08:14 - 2017-10-15 16:03 - 006765728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll

2017-11-15 08:14 - 2017-10-15 16:01 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll

2017-11-15 08:14 - 2017-10-15 15:59 - 000923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll

2017-11-15 08:14 - 2017-10-15 15:57 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys

2017-11-15 08:14 - 2017-10-15 15:57 - 000409496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys

2017-11-15 08:14 - 2017-10-15 15:56 - 000872464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll

2017-11-15 08:14 - 2017-10-15 15:55 - 007910960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll

2017-11-15 08:14 - 2017-10-15 15:53 - 002969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll

2017-11-15 08:14 - 2017-10-15 15:53 - 000387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll

2017-11-15 08:14 - 2017-10-15 15:51 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll

2017-11-15 08:14 - 2017-10-15 15:49 - 000094616 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll

2017-11-15 08:14 - 2017-10-15 15:49 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll

2017-11-15 08:14 - 2017-10-15 15:45 - 001292288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll

2017-11-15 08:14 - 2017-10-15 15:45 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll

2017-11-15 08:14 - 2017-10-15 15:44 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll

2017-11-15 08:14 - 2017-10-15 15:44 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll

2017-11-15 08:14 - 2017-10-15 15:42 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll

2017-11-15 08:14 - 2017-10-15 15:42 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll

2017-11-15 08:14 - 2017-10-15 15:41 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll

2017-11-15 08:14 - 2017-10-15 15:41 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll

2017-11-15 08:14 - 2017-10-15 15:38 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll

2017-11-15 08:14 - 2017-10-15 15:15 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll

2017-11-15 08:14 - 2017-10-15 15:14 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrPS.dll

2017-11-15 08:14 - 2017-10-15 15:13 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll

2017-11-15 08:14 - 2017-10-15 15:10 - 001303040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll

2017-11-15 08:14 - 2017-10-15 15:09 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll

2017-11-15 08:14 - 2017-10-15 15:09 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll

2017-11-15 08:14 - 2017-10-15 15:08 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe

2017-11-15 08:14 - 2017-10-15 15:08 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll

2017-11-15 08:14 - 2017-10-15 15:07 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll

2017-11-15 08:14 - 2017-10-15 15:05 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll

2017-11-15 08:14 - 2017-10-15 15:05 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll

2017-11-15 08:14 - 2017-10-15 15:04 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll

2017-11-15 08:14 - 2017-10-15 15:02 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll

2017-11-15 08:14 - 2017-10-15 15:00 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll

2017-11-14 17:10 - 2017-11-14 17:10 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign7b6f3e9bdaed11e2

2017-11-14 17:06 - 2017-11-14 17:06 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign950b9b8e647b1f03

2017-11-14 17:05 - 2017-11-14 17:05 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignf2eb2c53f8e533af

2017-11-14 17:05 - 2017-11-14 17:05 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignab81a3b4a0c0ab51

2017-11-14 17:05 - 2017-11-14 17:05 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign621758f4e7f96120

2017-11-14 13:59 - 2017-11-14 13:59 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign015e2309645afec9

2017-11-14 13:45 - 2017-11-14 13:45 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign4ce810d7e4ca8f9e

2017-11-14 13:41 - 2017-11-14 13:41 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign845bfe61afc94c97

2017-11-14 13:41 - 2017-11-14 13:41 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign63b1fdf75d40f85e

2017-11-14 13:41 - 2017-11-14 13:41 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign1ab2a62162c68306

2017-11-14 11:54 - 2017-11-14 11:54 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign7eb9268c44364055

2017-11-13 23:28 - 2017-11-13 23:28 - 000000000 ____D C:\Windows.old

2017-11-13 21:16 - 2017-11-13 21:16 - 003258261 _____ C:\Users\webma\Downloads\AMD-Encoder-for-OBS-Studio.2.2.4.zip

2017-11-13 21:16 - 2017-11-13 21:16 - 000000000 ____D C:\Users\webma\Downloads\AMD-Encoder-for-OBS-Studio.2.2.4

2017-11-13 21:14 - 2017-11-13 21:14 - 001810764 _____ C:\Users\webma\Downloads\AMD-Encoder-for-OBS-Studio.2.2.4.7z

2017-11-13 20:43 - 2017-11-16 09:26 - 000000000 ____D C:\Users\Public\Speedup Sessions

2017-11-13 20:15 - 2017-11-13 20:15 - 004529185 _____ C:\Users\webma\Downloads\Lina - Dreist [720p].mp4

2017-11-13 17:57 - 2017-11-13 17:57 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigne38674d189bfde91

2017-11-13 17:43 - 2017-11-13 17:43 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigneb57a3929b08ad63

2017-11-13 16:30 - 2017-11-13 16:30 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigne1fb8ee366dbb8ab

2017-11-13 16:29 - 2017-11-13 16:29 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign6414ee50e2820eec

2017-11-13 16:28 - 2017-11-13 16:28 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignc833029646288934

2017-11-13 16:26 - 2017-11-13 16:26 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigna84d3ebd0fc31f3d

2017-11-13 16:26 - 2017-11-13 16:26 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign8b996e5bddd9965e

2017-11-13 16:15 - 2017-11-13 16:15 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign8f05f8077a291609

2017-11-13 16:15 - 2017-11-13 16:15 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign6bf8ef933aeceb0a

2017-11-13 16:15 - 2017-11-13 16:15 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign186485e670a18d73

2017-11-13 15:17 - 2017-11-13 15:17 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignbbe7fbb5d024df65

2017-11-13 15:14 - 2017-11-13 15:14 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignb26321ecd3b04d0b

2017-11-13 15:13 - 2017-11-13 15:13 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign69ceef32c42a6c25

2017-11-13 15:13 - 2017-11-13 15:13 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign0322f8b722aae701

2017-11-13 14:03 - 2017-11-13 14:03 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign383d04b2a80a9dde

2017-11-13 11:33 - 2017-11-13 11:33 - 000000000 ____D

FRST Teil 2

Code:

C:\Users\webma\AppData\Local\Tempzxpsign205139ced67a45b3

2017-11-13 11:17 - 2017-11-13 11:17 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign2ab94e7dd7345497

2017-11-13 11:13 - 2017-11-13 11:13 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign99107a3ca352a24c

2017-11-13 11:13 - 2017-11-13 11:13 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign817f5db8622b5a9e

2017-11-13 11:13 - 2017-11-13 11:13 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign26e4f19a9288de02

2017-11-13 11:10 - 2017-11-13 11:10 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign2a73e72a6ae7a8b1

2017-11-13 10:55 - 2017-11-13 10:55 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignd9f3f9c7453b0d3f

2017-11-13 10:18 - 2017-11-13 10:18 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigne6cb9749451b293e

2017-11-13 10:18 - 2017-11-13 10:18 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign6c2c4850789cf79c

2017-11-13 10:04 - 2017-11-13 10:04 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign7f6783e3b1102ab3

2017-11-13 08:56 - 2017-11-13 08:56 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign7c293c000ac147c5

2017-11-13 08:55 - 2017-11-13 08:55 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigne546c2e71181aad3

2017-11-13 08:55 - 2017-11-13 08:55 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignb025918d1be2917e

2017-11-13 08:43 - 2017-11-13 09:26 - 2116807362 _____ C:\Users\webma\Downloads\188835416-92213409-7a6ff9da-a33f-42ed-8721-7f5afb4d870a.mp4

2017-11-13 00:44 - 2017-11-13 00:44 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign0c195a62de8cf271

2017-11-13 00:41 - 2017-11-13 00:41 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigna62d065bccb7ae87

2017-11-13 00:41 - 2017-11-13 00:41 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign0b632c6d40b91630

2017-11-12 23:15 - 2017-11-12 23:15 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigna157ecc850ef0026

2017-11-12 13:58 - 2017-11-12 13:58 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign1bd59725f266e1aa

2017-11-12 13:34 - 2017-11-12 13:34 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignabac901e719327ea

2017-11-12 13:34 - 2017-11-12 13:34 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign5d2eef0acd683b21

2017-11-12 13:34 - 2017-11-12 13:34 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign14dfbea261033029

2017-11-12 11:03 - 2017-11-12 11:03 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign34f301301ac778ff

2017-11-12 11:00 - 2017-11-12 11:00 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign43b609719df7e2d5

2017-11-12 11:00 - 2017-11-12 11:00 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign1f27e365eaacd78a

2017-11-12 02:36 - 2017-11-12 02:36 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignf1ee4895cb16280e

2017-11-11 21:06 - 2017-11-11 21:06 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigne04a3200f8bb9f45

2017-11-11 21:03 - 2017-11-11 21:03 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignccc203ae2b588b7a

2017-11-11 21:03 - 2017-11-11 21:03 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigncc9ccbcc2478ffd7

2017-11-11 14:40 - 2017-11-11 14:40 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign7b67ce9c13c90980

2017-11-11 14:32 - 2017-11-11 14:32 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignabdf3330b533689f

2017-11-11 14:32 - 2017-11-11 14:32 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign3abd1f7d64cfd8ac

2017-11-11 13:58 - 2017-11-11 13:58 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign1c0e22501cc46c19

2017-11-10 18:34 - 2017-11-10 18:34 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignb4bb6cdd3da25311

2017-11-10 18:33 - 2017-11-10 18:33 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign6d8a4e6fd3c14161

2017-11-10 18:33 - 2017-11-10 18:33 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign56f9c3ae59c69ce9

2017-11-10 18:03 - 2017-11-10 18:03 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign7b0ec691ee6bb7d9

2017-11-10 17:16 - 2017-11-10 17:16 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign4cf82c826c0cd3f7

2017-11-10 17:02 - 2017-11-10 17:02 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigne8d9ab4475676178

2017-11-10 17:02 - 2017-11-10 17:02 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign8dcf3b8694aed8ae

2017-11-10 17:02 - 2017-11-10 17:02 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign3df93fee444cabf2

2017-11-10 16:20 - 2017-11-10 16:20 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign97bbf200fa720afb

2017-11-10 16:18 - 2017-11-10 16:18 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignc764bdd505cffbf9

2017-11-10 16:18 - 2017-11-10 16:18 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign9596285e18b848cb

2017-11-10 16:18 - 2017-11-10 16:18 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign0c67454b59bd9b6d

2017-11-10 15:22 - 2017-11-10 15:22 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignd99e5c41b5f791f7

2017-11-10 15:01 - 2017-11-10 15:01 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign3eea02a5d5a952fd

2017-11-10 10:25 - 2017-11-10 10:25 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign9d66a741cfca14d0

2017-11-10 10:24 - 2017-11-10 10:24 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigna0e9bbd704acea6c

2017-11-10 10:24 - 2017-11-10 10:24 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign4cb1d41acbae17e4

2017-11-10 09:31 - 2017-11-10 09:31 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign909105333f96f4ba

2017-11-10 09:25 - 2017-11-10 09:25 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigna3f7878037e586d3

2017-11-10 09:24 - 2017-11-10 09:24 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignc33a6bcca4552b8b

2017-11-10 09:24 - 2017-11-10 09:24 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign1b87665b2297f543

2017-11-10 09:12 - 2017-11-10 09:12 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign38460f03d3b99487

2017-11-10 08:30 - 2017-11-10 08:30 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign73e872b098ef1ef9

2017-11-10 08:29 - 2017-11-10 08:29 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignf7c922679c2b3ec8

2017-11-10 08:29 - 2017-11-10 08:29 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigna7d89078394105f9

2017-11-10 08:29 - 2017-11-10 08:29 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign1ba396532840944f

2017-11-10 08:23 - 2017-11-10 08:23 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign32b29b8a7ce9bc7b

2017-11-09 21:23 - 2017-11-09 21:24 - 015858264 _____ C:\Users\webma\Downloads\Velvet Hanging Cloths (1).zip

2017-11-09 21:18 - 2017-11-09 21:18 - 040107750 _____ C:\Users\webma\Downloads\LeahLillith_BoomShockHair_001.package

2017-11-09 21:18 - 2017-11-09 21:18 - 007251203 _____ C:\Users\webma\Downloads\jennisims_NewseaS4HairTellMe(Retexture).zip

2017-11-09 21:06 - 2017-11-09 21:06 - 015858264 _____ C:\Users\webma\Downloads\Velvet Hanging Cloths.zip

2017-11-09 21:05 - 2017-11-09 21:05 - 028990152 _____ C:\Users\webma\Downloads\[novvvas] Velvet Hanging Cloths Recolors.rar

2017-11-09 21:03 - 2017-11-09 21:04 - 025754245 _____ C:\Users\webma\Downloads\simiracle leahlillith clique toddler.package

2017-11-09 21:03 - 2017-11-09 21:03 - 025751414 _____ C:\Users\webma\Downloads\simiracle leahlillith clique kids.package

2017-11-09 21:03 - 2017-11-09 21:03 - 025751414 _____ C:\Users\webma\Downloads\simiracle leahlillith clique kids (1).package

2017-11-09 21:03 - 2017-11-09 21:03 - 011569126 _____ C:\Users\webma\Downloads\1392526.zip

2017-11-09 21:02 - 2017-11-09 21:02 - 024188521 _____ C:\Users\webma\Downloads\LeahLillith_CliqueHair_001.package

2017-11-09 21:01 - 2017-11-09 21:01 - 000650118 _____ C:\Users\webma\Downloads\PS_EyebrowContour_N01.package

2017-11-09 21:00 - 2017-11-09 21:00 - 000892250 _____ C:\Users\webma\Downloads\Bobur Lipstick 33.package

2017-11-09 20:59 - 2017-11-09 20:59 - 023093140 _____ C:\Users\webma\Downloads\Anto_S4Hair_Owl.package

2017-11-09 20:57 - 2017-11-09 20:57 - 000141708 _____ C:\Users\webma\Downloads\Madlen Lombardia Shoes.package

2017-11-09 20:53 - 2017-11-09 20:53 - 005084280 _____ C:\Users\webma\Downloads\Wandtattoo Trinken Rezept.zip

2017-11-09 20:52 - 2017-11-09 20:52 - 000688040 _____ C:\Users\webma\Downloads\Fussmatten_byUrbina.package

2017-11-09 17:09 - 2017-11-09 17:09 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign0c96d1c5f733317e

2017-11-09 16:33 - 2017-11-09 16:33 - 000000000 ____D C:\Users\webma\Downloads\PaintingPartyTime_jennisims

2017-11-09 16:33 - 2017-11-09 16:33 - 000000000 ____D C:\Users\webma\Downloads\LittleFlowerWallpapers_Annett85

2017-11-09 16:33 - 2017-11-09 16:33 - 000000000 ____D C:\Users\webma\Downloads\1393878

2017-11-09 16:32 - 2017-11-09 16:33 - 000000000 ____D C:\Users\webma\Downloads\1394328

2017-11-09 15:27 - 2017-11-09 15:27 - 002086229 _____ C:\Users\webma\Downloads\PaintingPartyTime_jennisims.zip

2017-11-09 15:23 - 2017-11-09 15:23 - 025176873 _____ C:\Users\webma\Downloads\LittleFlowerWallpapers_Annett85.zip

2017-11-09 15:12 - 2017-11-09 15:12 - 020047777 _____ C:\Users\webma\Downloads\1393878.zip

2017-11-09 15:10 - 2017-11-09 15:10 - 094089758 _____ C:\Users\webma\Downloads\1394328.zip

2017-11-09 14:45 - 2017-11-09 14:45 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign4f2bebf36b90898c

2017-11-09 14:43 - 2017-11-09 14:43 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign4a94e52a6ce1ee5e

2017-11-09 14:43 - 2017-11-09 14:43 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign317413e87f59b4e4

2017-11-08 16:40 - 2017-11-08 16:40 - 000035900 _____ C:\Users\webma\AppData\Local\recently-used.xbel

2017-11-08 14:19 - 2017-11-08 14:19 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign994c34cee264a626

2017-11-08 14:13 - 2017-11-08 14:13 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign3e3b39646e5c5675

2017-11-08 14:13 - 2017-11-08 14:13 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign1044903013d36cdc

2017-11-08 11:42 - 2017-11-08 11:42 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign27b4eaf45eacb09f

2017-11-08 11:31 - 2017-11-08 11:31 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignf7e38f745fc5129f

2017-11-08 10:34 - 2017-11-08 10:34 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign5f11ec76ba53defe

2017-11-08 09:27 - 2017-11-08 09:27 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignfffe3f484db40fdb

2017-11-08 09:10 - 2017-11-08 09:10 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigndd9bb70023bb62fd

2017-11-08 09:10 - 2017-11-08 09:10 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign18bd45eea6fd7189

2017-11-08 09:10 - 2017-11-08 09:10 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign17b7d0d24552708e

2017-11-08 08:39 - 2017-11-08 08:39 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign3140ad3d0be1d03a

2017-11-08 08:31 - 2017-11-08 08:31 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign115bf2bd6aa1846c

2017-11-08 08:02 - 2017-11-08 08:02 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigne277c780b7622df7

2017-11-08 08:02 - 2017-11-08 08:02 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignb06c79b8ae19f674

2017-11-08 08:02 - 2017-11-08 08:02 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign19cf59338ec2d9d3

2017-11-08 01:39 - 2017-11-08 01:39 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign5d40d2e0dc1738fb

2017-11-08 01:11 - 2017-11-08 01:11 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign50039b15b74fe045

2017-11-08 01:10 - 2017-11-08 01:10 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign2d4536c4f6ff7601

2017-11-08 01:08 - 2017-11-08 01:08 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignc8dc17898507b12b

2017-11-08 01:08 - 2017-11-08 01:08 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign73fa10031e7ee157

2017-11-08 01:07 - 2017-11-08 01:07 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigna262fcdc6d1978e6

2017-11-08 01:06 - 2017-11-08 01:06 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignb866012976d828c3

2017-11-08 01:06 - 2017-11-08 01:06 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign949f946a6ac43cb2

2017-11-08 01:06 - 2017-11-08 01:06 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign14dca0256cb2261d

2017-11-07 20:39 - 2017-11-07 20:39 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign21329aff6595e781

2017-11-07 20:33 - 2017-11-07 20:33 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign5db22534d5f3749f

2017-11-07 19:08 - 2017-11-07 19:08 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign736995dcdc86fe48

2017-11-07 19:08 - 2017-11-07 19:08 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign3d0de977c859b63c

2017-11-07 19:07 - 2017-11-07 19:07 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignc594eb3e7786b801

2017-11-07 19:07 - 2017-11-07 19:07 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign3bd4a7caea6ddd2f

2017-11-07 19:05 - 2017-11-07 19:05 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign53e7cac9b91b8667

2017-11-07 19:01 - 2017-11-07 19:01 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign6f1952802aa9a386

2017-11-07 18:53 - 2017-11-07 18:53 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigna0a1c010d26d5f2a

2017-11-07 18:53 - 2017-11-07 18:53 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign11bff207867529b7

2017-11-07 14:57 - 2017-11-07 14:57 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign2d5633fda30e0d80

2017-11-07 14:55 - 2017-11-07 14:55 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign44aaac670a503f1b

2017-11-07 14:53 - 2017-11-07 14:53 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign9cfbff8c8c66e1f0

2017-11-07 14:53 - 2017-11-07 14:53 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign745c7a0eed82aae4

2017-11-07 14:12 - 2017-11-07 14:12 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign4762090bef7a8c92

2017-11-07 14:10 - 2017-11-07 14:10 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignfd6205127c1bb014

2017-11-07 14:10 - 2017-11-07 14:10 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign5d63075dac020e67

2017-11-07 14:09 - 2017-11-07 14:09 - 000000000 ____D C:\Users\webma\Downloads\luna2

2017-11-07 14:09 - 2017-11-07 14:09 - 000000000 ____D C:\Users\webma\Downloads\fineliner_script

2017-11-07 14:09 - 2017-11-07 14:09 - 000000000 ____D C:\Users\webma\Downloads\a_little_pot

2017-11-07 14:08 - 2017-11-07 14:08 - 000000000 ____D C:\Users\webma\Downloads\catcafe

2017-11-07 14:07 - 2017-11-07 14:07 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign8fb6a1cce3f9908f

2017-11-07 14:06 - 2017-11-07 14:06 - 000082740 _____ C:\Users\webma\Downloads\catcafe.zip

2017-11-07 14:06 - 2017-11-07 14:06 - 000035490 _____ C:\Users\webma\Downloads\fineliner_script.zip

2017-11-07 14:06 - 2017-11-07 14:06 - 000030814 _____ C:\Users\webma\Downloads\luna2.zip

2017-11-07 14:06 - 2017-11-07 14:06 - 000011395 _____ C:\Users\webma\Downloads\a_little_pot.zip

2017-11-07 14:03 - 2017-11-07 14:03 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigndd8a2372ad077f75

2017-11-07 14:03 - 2017-11-07 14:03 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign922b0c4261ac346c

2017-11-07 14:03 - 2017-11-07 14:03 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign8b24bc3115ded409

2017-11-07 13:59 - 2017-11-07 13:59 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign32a92d9213f70d8c

2017-11-07 13:54 - 2017-11-07 13:54 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignc23882486f2a393f

2017-11-07 13:54 - 2017-11-07 13:54 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign3e49f5d3f125a736

2017-11-07 13:54 - 2017-11-07 13:54 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign1367a859dc54b020

2017-11-07 13:53 - 2017-11-07 13:53 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign6fcecd90a8200fed

2017-11-07 13:39 - 2017-11-07 13:39 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign65d0cfe4fd8ab831

2017-11-07 12:47 - 2017-11-07 12:47 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign44c1092324498a40

2017-11-07 07:52 - 2017-11-07 07:52 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignbd246fcaade580d9

2017-11-07 07:52 - 2017-11-07 07:52 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign8f21dc261db67a6a

2017-11-07 07:52 - 2017-11-07 07:52 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign49551e1f39eeaf7a

2017-11-07 07:48 - 2017-11-07 07:48 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign1d27a5c2431e2c44

2017-11-07 07:47 - 2017-11-07 07:47 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign4879d1a6486dd01f

2017-11-07 07:47 - 2017-11-07 07:47 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign20e917b63f940bb3

2017-11-07 01:28 - 2017-11-07 01:28 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigne9913aebc2f525d0

2017-11-06 15:55 - 2017-11-06 15:55 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignab3a375b1b9e47d8

2017-11-06 15:55 - 2017-11-06 15:55 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign73637cf594d89533

2017-11-06 15:55 - 2017-11-06 15:55 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign04ac8a1f2dde9566

2017-11-06 14:17 - 2017-11-06 14:17 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigna3767f4c50441228

2017-11-06 09:23 - 2017-11-06 09:23 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigna1d6c10f36f1f50c

2017-11-06 09:20 - 2017-11-06 09:20 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignce820c54649338dc

2017-11-06 09:20 - 2017-11-06 09:20 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign2c05178b1385c8d5

2017-11-06 08:57 - 2017-11-06 08:57 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign4b9c75fb97936043

2017-11-05 23:44 - 2017-11-05 23:44 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign69a144d6254cce97

2017-11-05 23:30 - 2017-11-05 23:30 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign65d07958db40e6b4

2017-11-05 23:26 - 2017-11-05 23:26 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignd5c34cde92c72391

2017-11-05 23:26 - 2017-11-05 23:26 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign0e0b1c3125f0ff64

2017-11-05 15:40 - 2017-11-05 15:40 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign9587248346c33b0c

2017-11-05 15:40 - 2017-11-05 15:40 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign8538a0a5b3385c61

2017-11-05 15:40 - 2017-11-05 15:40 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign0a08af36b1a049b1

2017-11-05 15:13 - 2017-11-05 15:13 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign6596b7081fbac768

2017-11-05 13:51 - 2017-11-05 13:51 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignedff1434126718df

2017-11-05 13:13 - 2017-11-05 13:13 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignab348d58c59326bf

2017-11-05 13:13 - 2017-11-05 13:13 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign8df85a8cc0920de9

2017-11-05 13:06 - 2017-11-05 13:06 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignd45ee6c3215ea8d5

2017-11-05 13:03 - 2017-11-05 13:03 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignae5f2d4923946cc3

2017-11-05 13:03 - 2017-11-05 13:03 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign6e058567fa91cbb2

2017-11-05 13:02 - 2017-11-05 13:02 - 000000000 ____D C:\Users\webma\Downloads\sofija

2017-11-05 13:01 - 2017-11-05 13:01 - 000000000 ____D C:\Users\webma\Downloads\tumult

2017-11-05 13:01 - 2017-11-05 13:01 - 000000000 ____D C:\Users\webma\Downloads\october_crow

2017-11-05 13:01 - 2017-11-05 13:01 - 000000000 ____D C:\Users\webma\Downloads\dead_font_walking

2017-11-05 13:00 - 2017-11-05 13:00 - 000000000 ____D C:\Users\webma\Downloads\uptown

2017-11-05 13:00 - 2017-11-05 13:00 - 000000000 ____D C:\Users\webma\Downloads\_ank

2017-11-05 12:59 - 2017-11-05 12:59 - 000000000 ____D C:\Users\webma\Downloads\viper_nora

2017-11-05 12:59 - 2017-11-05 12:59 - 000000000 ____D C:\Users\webma\Downloads\scratched_letters

2017-11-05 12:59 - 2017-11-05 12:59 - 000000000 ____D C:\Users\webma\Downloads\metro_grunge

2017-11-05 12:56 - 2017-11-05 12:56 - 000369352 _____ C:\Users\webma\Downloads\tumult.zip

2017-11-05 12:56 - 2017-11-05 12:56 - 000017370 _____ C:\Users\webma\Downloads\dead_font_walking.zip

2017-11-05 12:55 - 2017-11-05 12:55 - 000111436 _____ C:\Users\webma\Downloads\october_crow.zip

2017-11-05 12:55 - 2017-11-05 12:55 - 000092040 _____ C:\Users\webma\Downloads\_ank.zip

2017-11-05 12:55 - 2017-11-05 12:55 - 000038912 _____ C:\Users\webma\Downloads\uptown.zip

2017-11-05 12:54 - 2017-11-05 12:54 - 000404968 _____ C:\Users\webma\Downloads\viper_nora.zip

2017-11-05 12:54 - 2017-11-05 12:54 - 000378547 _____ C:\Users\webma\Downloads\metro_grunge.zip

2017-11-05 12:54 - 2017-11-05 12:54 - 000231980 _____ C:\Users\webma\Downloads\scratched_letters.zip

2017-11-05 12:54 - 2017-11-05 12:54 - 000033287 _____ C:\Users\webma\Downloads\sofija.zip

2017-11-05 12:33 - 2017-11-05 12:33 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignf12609c6dd6cd9d0

2017-11-05 12:20 - 2017-11-05 12:20 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignb94a775fab0423f6

2017-11-05 12:20 - 2017-11-05 12:20 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigna024220817065493

2017-11-05 12:19 - 2017-11-05 12:19 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignd537cee57b8632eb

2017-11-05 12:19 - 2017-11-05 12:19 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign46317ecab310c777

2017-11-05 11:45 - 2017-11-05 11:45 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign4b1e58fe0d06dbd7

2017-11-05 10:40 - 2017-11-05 10:40 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignf494f3161216545c

2017-11-05 10:40 - 2017-11-05 10:40 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigned87ae0331f9e729

2017-11-05 10:40 - 2017-11-05 10:40 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignb9266e43ba81e86a

2017-11-04 20:48 - 2017-11-05 10:40 - 000000000 ____D C:\Users\webma\AppData\Local\NVIDIA

2017-11-04 20:47 - 2017-11-04 20:47 - 000001489 _____ C:\Users\Public\Desktop\GeForce Experience.lnk

2017-11-04 20:45 - 2017-11-04 20:45 - 000000000 ____D C:\Program Files (x86)\VulkanRT

2017-11-04 20:45 - 2017-10-27 17:06 - 000136312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe

2017-11-04 20:45 - 2017-09-14 00:20 - 000798008 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll

2017-11-04 20:45 - 2017-09-14 00:20 - 000490296 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe

2017-11-04 20:45 - 2017-09-14 00:19 - 000927544 _____ C:\WINDOWS\system32\vulkan-1.dll

2017-11-04 20:45 - 2017-09-14 00:19 - 000591160 _____ C:\WINDOWS\system32\vulkaninfo.exe

2017-11-04 20:44 - 2017-10-27 18:50 - 040237688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll

2017-11-04 20:44 - 2017-10-27 18:50 - 036239480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll

2017-11-04 20:44 - 2017-10-27 18:50 - 035156928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll

2017-11-04 20:44 - 2017-10-27 18:50 - 029270976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll

2017-11-04 20:44 - 2017-10-27 18:50 - 023262280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll

2017-11-04 20:44 - 2017-10-27 18:50 - 019037416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll

2017-11-04 20:44 - 2017-10-27 18:50 - 013864048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll

2017-11-04 20:44 - 2017-10-27 18:50 - 013254520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll

2017-11-04 20:44 - 2017-10-27 18:50 - 011779328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll

2017-11-04 20:44 - 2017-10-27 18:50 - 010882720 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll

2017-11-04 20:44 - 2017-10-27 18:50 - 004201592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll

2017-11-04 20:44 - 2017-10-27 18:50 - 003614328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll

2017-11-04 20:44 - 2017-10-27 18:50 - 001989056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438813.dll

2017-11-04 20:44 - 2017-10-27 18:50 - 001673848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438813.dll

2017-11-04 20:44 - 2017-10-27 18:50 - 001331200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll

2017-11-04 20:44 - 2017-10-27 18:50 - 001321448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll

2017-11-04 20:44 - 2017-10-27 18:50 - 001135464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll

2017-11-04 20:44 - 2017-10-27 18:50 - 001099712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll

2017-11-04 20:44 - 2017-10-27 18:50 - 001044848 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll

2017-11-04 20:44 - 2017-10-27 18:50 - 001038680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll

2017-11-04 20:44 - 2017-10-27 18:50 - 001031104 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll

2017-11-04 20:44 - 2017-10-27 18:50 - 000981112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll

2017-11-04 20:44 - 2017-10-27 18:50 - 000932288 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll

2017-11-04 20:44 - 2017-10-27 18:50 - 000885680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll

2017-11-04 20:44 - 2017-10-27 18:50 - 000794392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll

2017-11-04 20:44 - 2017-10-27 18:50 - 000739448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll

2017-11-04 20:44 - 2017-10-27 18:50 - 000634224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll

2017-11-04 20:44 - 2017-10-27 18:50 - 000618928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll

2017-11-04 20:44 - 2017-10-27 18:50 - 000615544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll

2017-11-04 20:44 - 2017-10-27 18:50 - 000598464 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll

2017-11-04 20:44 - 2017-10-27 18:50 - 000505976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll

2017-11-04 20:44 - 2017-10-27 18:50 - 000045496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll

2017-11-04 20:44 - 2017-10-27 18:50 - 000000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json

2017-11-04 20:44 - 2017-10-27 18:50 - 000000669 _____ C:\WINDOWS\system32\nv-vk64.json

2017-11-04 20:40 - 2017-11-04 20:42 - 460431568 _____ (NVIDIA Corporation) C:\Users\webma\Downloads\388.13-desktop-win10-64bit-international-whql.exe

2017-11-04 20:39 - 2017-11-04 20:39 - 000001279 _____ C:\Users\Public\Desktop\OBS Studio.lnk

2017-11-04 20:38 - 2017-11-04 20:38 - 102817808 _____ (obsproject.com) C:\Users\webma\Downloads\OBS-Studio-20.1.1-Full-Installer.exe

2017-11-04 14:32 - 2017-11-04 14:32 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign61cb94ba0abb4e4f

2017-11-04 14:11 - 2017-11-04 14:11 - 077167394 _____ C:\Users\webma\Downloads\187561793-92213409-26816464-215d-4bdc-9a75-47911e04fb26.mp4

2017-11-03 01:53 - 2017-11-03 01:53 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign86a4eac31d111f09

2017-11-03 01:51 - 2017-11-03 01:51 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignd27e67963fca4f75

2017-11-03 01:50 - 2017-11-03 01:50 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigne46916a3e99a3b67

2017-11-03 01:50 - 2017-11-03 01:50 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign06ced60616c1abcb

2017-11-02 18:52 - 2017-11-02 18:52 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign30f4cb95369bffe5

2017-11-02 18:25 - 2017-11-02 18:25 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigna5471ace31f3989b

2017-11-02 18:20 - 2017-11-02 18:20 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign3240a7bac607407f

2017-11-02 18:19 - 2017-11-02 18:19 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign9c53683dd640da0c

2017-11-02 18:19 - 2017-11-02 18:19 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign9b31083cab3b8e9c

2017-11-02 17:58 - 2017-11-02 17:58 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign0ed9c1c1e4813352

2017-11-02 17:56 - 2017-11-02 17:56 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign3be6b4e09f5eba60

2017-11-02 17:53 - 2017-11-02 17:53 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignd2f2940d312dad2c

2017-11-02 17:53 - 2017-11-02 17:53 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign9869bf6d27329413

2017-11-02 17:53 - 2017-11-02 17:53 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign287f172604f7c7ad

2017-11-01 13:43 - 2017-11-01 13:43 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign7c2ccc841523c9a8

2017-11-01 13:42 - 2017-11-01 13:42 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigndc51da94e04dc864

2017-11-01 13:42 - 2017-11-01 13:42 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignd6b6a3d7a9457214

2017-11-01 13:31 - 2017-11-01 13:31 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign5a3280539522e2aa

2017-10-31 22:15 - 2017-10-31 22:15 - 000000000 ____D C:\Users\webma\AppData\LocalLow\DefaultCompany

2017-10-31 19:08 - 2017-10-31 19:08 - 000000222 _____ C:\Users\webma\Desktop\Through the Woods.url

2017-10-31 19:08 - 2017-10-31 19:08 - 000000222 _____ C:\Users\webma\Desktop\The Survey.url

2017-10-31 19:08 - 2017-10-31 19:08 - 000000222 _____ C:\Users\webma\Desktop\Dead End Road.url

2017-10-31 16:11 - 2017-10-31 16:11 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign762906e878359bb9

2017-10-31 16:09 - 2017-10-31 16:09 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign438954bd61d92dbc

2017-10-31 16:09 - 2017-10-31 16:09 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign07bdb6acaaf34013

2017-10-31 13:06 - 2017-10-31 13:06 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign3fa4ee140cfed01e

2017-10-31 12:52 - 2017-10-31 12:52 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignd295280b3dfdd2c4

2017-10-31 12:52 - 2017-10-31 12:52 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign62ba84488d841746

2017-10-31 11:17 - 2017-10-31 11:17 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignab879e75addb84d2

2017-10-31 11:17 - 2017-10-31 11:17 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign197dbe2e7cbe601f

2017-10-31 11:16 - 2017-10-31 11:16 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignf62ee0464435a566

2017-10-31 11:14 - 2017-10-31 11:14 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign4fb3f4fcc36714d5

2017-10-31 11:14 - 2017-10-31 11:14 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign12e163646a7f4ed9

2017-10-31 10:58 - 2017-10-31 10:58 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign09bdaec4f7b35a72

2017-10-31 10:50 - 2017-10-31 10:50 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigndd4bc1d74861b93e

2017-10-31 10:49 - 2017-10-31 10:49 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigna66a1f6fc7c01576

2017-10-31 10:49 - 2017-10-31 10:49 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign4ae2b9a3e3c14665

2017-10-31 01:39 - 2017-10-31 01:39 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign03601af9246b27d6

2017-10-30 14:06 - 2017-10-30 14:06 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign33bd095ae93ced7f

2017-10-30 14:04 - 2017-10-30 14:04 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigne5f4bf1def95d140

2017-10-30 14:04 - 2017-10-30 14:04 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigna61f696fbc8c61d3

2017-10-30 14:04 - 2017-10-30 14:04 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign357fc9e2dfe04958

2017-10-30 11:22 - 2017-10-30 11:22 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignf42566128a84d967

2017-10-30 11:21 - 2017-10-30 11:21 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign75116c8af664e490

2017-10-30 11:16 - 2017-10-30 11:16 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign91feaa8d9e397b10

2017-10-30 11:16 - 2017-10-30 11:16 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign4d45ffb8f6a51581

2017-10-30 00:28 - 2017-10-30 00:28 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign4f9a58bdb562bb18

2017-10-29 22:42 - 2017-10-29 22:42 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignd37eadf69b53fb5b

2017-10-29 22:41 - 2017-10-29 22:41 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignb8952d802c6b343c

2017-10-29 22:41 - 2017-10-29 22:41 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign509af73748c68371

2017-10-29 15:14 - 2017-10-29 15:14 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignf2ec29746c5041d2

2017-10-29 15:14 - 2017-10-29 15:14 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign8dcee0ded748ec4c

2017-10-29 15:14 - 2017-10-29 15:14 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign480fb137c874e181

2017-10-29 14:35 - 2017-10-29 14:35 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigne7fe92cbdc731abd

2017-10-29 11:43 - 2017-10-29 11:43 - 000201339 _____ C:\Users\webma\Downloads\Ponybogen_3873.pdf

2017-10-29 10:48 - 2017-10-29 10:48 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignf348cb2c78ea8c62

2017-10-29 10:48 - 2017-10-29 10:48 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigndd348679c68c6081

2017-10-29 10:48 - 2017-10-29 10:48 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignb9e330bdcc20b5d3

2017-10-29 10:42 - 2017-10-29 10:42 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign9170453ad6d895c1

2017-10-28 09:43 - 2017-10-28 09:43 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign03e8174b96430bd7

2017-10-28 09:35 - 2017-10-28 09:35 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign6ee9191fe11f7455

2017-10-28 09:35 - 2017-10-28 09:35 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign5dfbc268893d4760

2017-10-28 09:35 - 2017-10-28 09:35 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign2ea92e61aa8d195b

2017-10-28 09:31 - 2017-10-28 09:31 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigndec5c1e009748fd8

2017-10-28 01:15 - 2017-10-28 01:15 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign0f2f3ddc17ae4784

2017-10-28 00:52 - 2017-10-28 00:52 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignc1d522f8a7d0f28c

2017-10-28 00:52 - 2017-10-28 00:52 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigna51d1c2d47e24b75

2017-10-28 00:52 - 2017-10-28 00:52 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign93b97b80854c3159

2017-10-27 13:17 - 2017-10-27 13:17 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign5f4ceed1fa68a98d

2017-10-27 13:16 - 2017-10-27 13:16 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigneb31a295aafe5ad2

2017-10-27 13:16 - 2017-10-27 13:16 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignbcf5d04b32bd1898

2017-10-27 12:52 - 2017-10-27 12:52 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignbdc98129b6057266

2017-10-27 12:26 - 2017-10-27 12:26 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign444c87980869dd7e

2017-10-26 23:53 - 2017-10-26 23:53 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign7989568e3e7c94fb

2017-10-26 23:50 - 2017-10-26 23:50 - 000000000 ____D C:\Users\webma\Downloads\TombRaiderTAoD_GerPatchV2

2017-10-26 23:38 - 2017-10-26 23:38 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignb4369362df2efe0f

2017-10-26 23:38 - 2017-10-26 23:38 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign0fd00d1549ae6ab8

2017-10-26 23:24 - 2017-10-26 23:29 - 1324722000 _____ C:\Users\webma\Downloads\TombRaiderTAoD_GerPatchV2.zip

2017-10-26 23:16 - 2017-10-26 23:16 - 000000000 ____D C:\Users\webma\Desktop\sicherung2

2017-10-26 15:18 - 2017-10-26 15:18 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign3b3d36e585faff0e

2017-10-26 15:04 - 2017-10-26 15:04 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignabb26181fb1a2e5a

2017-10-26 15:04 - 2017-10-26 15:04 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign6060d0e60441271d

2017-10-26 15:04 - 2017-10-26 15:04 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign5ea7c5c3a80295f8

2017-10-26 15:04 - 2017-10-26 15:04 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign0ca5df1cab6fb6e8

2017-10-25 22:53 - 2017-10-25 22:53 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigncdede9aad955925f

2017-10-25 22:53 - 2017-10-25 22:53 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign8e693def4798479c

2017-10-25 22:48 - 2017-10-25 22:48 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignacf0da55d0402906

2017-10-25 22:48 - 2017-10-25 22:48 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign9793796e5b82b052

2017-10-25 22:48 - 2017-10-25 22:48 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign25fb1510886ab615

2017-10-25 13:17 - 2017-10-25 13:17 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign93f6673d92b7654e

2017-10-25 13:15 - 2017-10-25 13:15 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignb5b14a2ea741012f

2017-10-25 13:15 - 2017-10-25 13:15 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign1e0680bd9e9094ff

2017-10-25 12:15 - 2017-10-25 12:15 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign970dfa0b3b1cd2d8

2017-10-25 09:20 - 2017-10-25 09:20 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign5a1a7e0a2cf0e8e9

2017-10-25 09:19 - 2017-10-25 09:19 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigne7d0baa0e41b5831

2017-10-25 09:19 - 2017-10-25 09:19 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign7d7148925e367dff

2017-10-25 09:19 - 2017-10-25 09:19 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign0554a693964cda30

2017-10-25 00:18 - 2017-10-25 00:18 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigne019fdb61a5168fd

2017-10-24 22:36 - 2017-10-24 22:36 - 006926164 _____ C:\Users\webma\Downloads\notepad-plus-plus-7.5.1.zip

2017-10-24 22:33 - 2017-10-24 22:33 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign2a29f3464e892475

2017-10-24 22:32 - 2017-10-24 22:32 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign8aa4122e322f627d

2017-10-24 22:31 - 2017-10-24 22:31 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigne4c87b2f237b5c74

2017-10-24 22:31 - 2017-10-24 22:31 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigndbbf5f5e1635f433

2017-10-24 22:31 - 2017-10-24 22:31 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign16d047c4f82bae68

2017-10-24 18:28 - 2017-10-24 18:28 - 000000222 _____ C:\Users\webma\Desktop\The Walking Dead.url

2017-10-24 16:42 - 2017-10-24 16:42 - 000000000 ____D C:\Program Files\HP

2017-10-24 16:42 - 2013-04-15 10:50 - 000654336 _____ C:\WINDOWS\system32\HP1006SM.EXE

2017-10-24 16:42 - 2013-04-15 10:50 - 000198144 _____ C:\WINDOWS\system32\HP1006LM.DLL

2017-10-24 16:28 - 2017-10-24 16:28 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignd19ce1bb3233c779

2017-10-24 16:28 - 2017-10-24 16:28 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignb5d2dd5bb88b3485

2017-10-24 16:28 - 2017-10-24 16:28 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign070c2b13afbf10ed

2017-10-24 15:23 - 2017-10-24 15:23 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign204576d245c45d15

2017-10-24 13:51 - 2017-10-24 13:51 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigna6b16812ebeedb80

2017-10-24 13:51 - 2017-10-24 13:51 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign6151b889c6dc0288

2017-10-24 13:51 - 2017-10-24 13:51 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign03bb794f35906930

2017-10-24 13:18 - 2017-10-26 23:15 - 000000000 ____D C:\Users\webma\Desktop\sicherung1

2017-10-24 11:51 - 2017-10-24 12:13 - 078178742 _____ C:\Users\webma\Downloads\Nicht bestätigt 980403.crdownload

2017-10-24 11:48 - 2017-10-24 11:48 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign9cb5f038a1515ee4

2017-10-24 11:47 - 2017-10-24 11:47 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigne51d640c866993e8

2017-10-24 11:47 - 2017-10-24 11:47 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign5ac81d411e8d3ef6

2017-10-24 11:47 - 2017-10-24 11:47 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign0405b7fb7e9fa95f

2017-10-24 11:32 - 2017-10-24 11:32 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignda259dff3130726d

2017-10-24 10:35 - 2017-10-24 10:35 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign2eea0cc3a1392924

2017-10-23 23:35 - 2017-10-23 23:35 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignf62ca8a74e51f703

2017-10-23 23:35 - 2017-10-23 23:35 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignee0409d3a24a2b62

2017-10-23 23:35 - 2017-10-23 23:35 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign8a72416fee57e255

2017-10-22 23:36 - 2017-10-22 23:36 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign39b3b1c675ca9732

2017-10-22 23:33 - 2017-10-22 23:33 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignda1845c612f2f022

2017-10-22 23:33 - 2017-10-22 23:33 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign440a44583c25fe36

2017-10-22 21:12 - 2017-10-22 21:12 - 000000222 _____ C:\Users\webma\Desktop\Tomb Raider (VI) The Angel of Darkness.url

2017-10-22 20:57 - 2017-10-22 20:57 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignab8c42c5e1484290

2017-10-22 20:52 - 2017-10-22 20:52 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign9280df3eb1d3b184

2017-10-22 20:52 - 2017-10-22 20:52 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign20a366254a3b5306

2017-10-22 20:52 - 2017-10-22 20:52 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign1059a1a3f53e7531

2017-10-22 20:40 - 2017-10-22 20:40 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignda09974cbcebda18

2017-10-22 20:40 - 2017-10-22 20:40 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign5d7126ed7ef13a24

2017-10-22 20:39 - 2017-10-22 20:39 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign30e0d1af83669b75

2017-10-22 20:38 - 2017-10-22 20:38 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigne416abb48a9820a6

2017-10-22 20:38 - 2017-10-22 20:38 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigna1dc1ef9a8764675

2017-10-22 20:16 - 2017-10-22 20:16 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignbadc7959d92e592b

2017-10-22 20:12 - 2017-10-22 20:12 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigna314759b105c7439

2017-10-22 20:12 - 2017-10-22 20:12 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign711ca929e624305d

2017-10-22 20:12 - 2017-10-22 20:12 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign66d4a785ce727f62

2017-10-22 20:11 - 2017-10-22 20:11 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign5523f1bfb04c6f3d

2017-10-22 19:58 - 2017-10-22 19:58 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign8dd3dde7a8b74432

2017-10-22 19:57 - 2017-10-22 19:57 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign0b519257923e155e

2017-10-22 19:54 - 2017-10-22 19:54 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigne79c792f0773bbe1

2017-10-22 19:53 - 2017-10-22 19:53 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign518a78bfbd6ff97b

2017-10-22 19:52 - 2017-10-22 19:52 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign07c2d91d511f61d8

2017-10-22 19:50 - 2017-10-22 19:50 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignb82f9530ae971857

2017-10-22 19:50 - 2017-10-22 19:50 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignb76d7d43ae2f78f8

2017-10-22 19:50 - 2017-10-22 19:50 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigna12632029f69f537

2017-10-22 13:36 - 2017-10-22 13:36 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignd6febd129066ee82

2017-10-22 13:36 - 2017-10-22 13:36 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign9d597af2c723cb20

2017-10-22 13:36 - 2017-10-22 13:36 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign64773000fee3bd05

2017-10-22 11:59 - 2017-10-22 11:59 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigncc39561d635061af

2017-10-22 11:42 - 2017-10-22 11:42 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign98b7049799cf6438

2017-10-21 15:10 - 2017-10-21 15:10 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigna3c4a13a4a444aa4

2017-10-21 15:09 - 2017-10-21 15:09 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign86c2291ceec4c2f7

2017-10-21 15:09 - 2017-10-21 15:09 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign1ffc3db67975a4a9

2017-10-21 14:51 - 2017-10-21 14:51 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigne6c805a44da0db8c

2017-10-21 14:50 - 2017-10-21 14:50 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigne8939a346b3cf9d8

2017-10-21 14:50 - 2017-10-21 14:50 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigne41a110094bed74b

2017-10-21 14:50 - 2017-10-21 14:50 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign57856fda5fbd9483

2017-10-21 14:50 - 2017-10-21 14:50 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign33b32d9086607c0e

2017-10-21 14:07 - 2017-10-21 14:07 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign96e13a17f56b73dc

2017-10-21 11:46 - 2017-10-21 11:46 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign76ac88d567310590

2017-10-21 11:45 - 2017-10-21 11:45 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignf26b69f30a2c99cf

2017-10-21 11:45 - 2017-10-21 11:45 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigndffcec9543f2fa33

2017-10-21 09:58 - 2017-10-21 09:58 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign33cc590018a4b7ff

2017-10-20 14:39 - 2017-10-20 14:39 - 002423628 _____ C:\Users\webma\Downloads\Bee-Do [360p].mp4

2017-10-20 13:41 - 2017-10-20 13:41 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigne1d9f2fa0f94f0c1

2017-10-20 13:41 - 2017-10-20 13:41 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignab776f1f2009af4b

2017-10-20 13:41 - 2017-10-20 13:41 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign028307b96fbfadda

2017-10-20 13:36 - 2017-10-20 13:36 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign7ce7d0c9b255a643

2017-10-20 09:12 - 2017-10-20 09:12 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign5f6f45f671bf3e30

2017-10-20 09:11 - 2017-10-20 09:11 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigna47f05fdb6862257

2017-10-20 08:49 - 2017-10-20 08:49 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign94a2a881baba7743

2017-10-20 08:49 - 2017-10-20 08:49 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign67b3cc78838f8774

2017-10-20 07:36 - 2017-10-20 07:36 - 000560073 _____ C:\Users\webma\Downloads\Sherlock _ Welcome to London [360p].mp4

2017-10-20 07:07 - 2017-10-20 07:07 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign5709b80b6505a76c

2017-10-20 07:03 - 2017-10-20 07:03 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignb4485af790f373bb

2017-10-20 07:03 - 2017-10-20 07:03 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign9d64d814f20d4433

2017-10-20 07:03 - 2017-10-20 07:03 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign387d4fa1e179f1b5

2017-10-19 16:53 - 2017-10-19 16:53 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignbaea64213be89541

2017-10-19 16:47 - 2017-10-19 16:47 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigncd09d5575eea0635

2017-10-19 16:47 - 2017-10-19 16:47 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign480dd6881f149fb5

2017-10-19 13:54 - 2017-10-19 13:54 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign64be6eec8a6cdfec

2017-10-19 13:28 - 2017-10-19 13:28 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignc763435c50147441

2017-10-19 13:28 - 2017-10-19 13:28 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign601dd53e0fb05381

2017-10-19 08:27 - 2017-10-19 08:27 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign9580e80b2322ab49

2017-10-19 08:26 - 2017-10-19 08:26 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigndaeb09e2dbc950d9

2017-10-19 08:26 - 2017-10-19 08:26 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign86e8812a2ee8e6b4

2017-10-19 08:26 - 2017-10-19 08:26 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign547feb74dabdf97d

2017-10-18 22:28 - 2017-10-18 22:28 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigndc3f21831d908d86

2017-10-18 15:15 - 2017-10-18 15:15 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign7be2506da3062693

2017-10-18 13:18 - 2017-10-18 13:18 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignc9101732b2aeaa66

2017-10-18 13:13 - 2017-10-18 13:13 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigneafa5c68e81933c5

2017-10-18 13:13 - 2017-10-18 13:13 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignc19829f4a0873bb7

2017-10-18 13:13 - 2017-10-18 13:13 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigna8f69d8dcf69b69f

2017-10-18 11:25 - 2017-11-05 12:58 - 000082308 _____ C:\Users\webma\Downloads\Sofija.ttf

2017-10-18 07:36 - 2017-10-18 07:36 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign98fa74194ab65561

2017-10-18 07:36 - 2017-10-18 07:36 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign07015df7e8d36263

2017-10-18 07:30 - 2017-10-18 07:30 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign69632c58d8c34523

2017-10-18 07:27 - 2017-10-18 07:27 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigne56d421a56118647

2017-10-18 07:27 - 2017-10-18 07:27 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign21eba6f109491a1d

2017-10-18 07:17 - 2017-10-18 07:17 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign7edd8e2df71d6fdd

2017-10-18 07:06 - 2017-10-18 07:06 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign4b1a5ed137402325

2017-10-17 19:35 - 2017-10-17 19:35 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignc830915eb5647c68

2017-10-17 19:30 - 2017-10-17 19:30 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigne2ae601b14cbd0ff

2017-10-17 19:30 - 2017-10-17 19:30 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignb32aa982df500d6b

2017-10-17 19:30 - 2017-10-17 19:30 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign3e9f83d0febc9525

2017-10-17 19:27 - 2017-10-17 19:27 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigndc9bc1983cda7513

2017-10-17 19:10 - 2017-10-17 19:10 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignec6b2381aaa57b3b

2017-10-17 19:10 - 2017-10-17 19:10 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignd8c3b13fc0f44da6

2017-10-17 19:10 - 2017-10-17 19:10 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignafc3e873ce6764f4

2017-10-17 18:49 - 2017-10-17 18:49 - 009194541 _____ C:\Users\webma\Downloads\Guild Wars 2 - Halloween Trailer [720p].mp4

2017-10-17 18:37 - 2017-10-17 18:38 - 038973247 _____ C:\Users\webma\Downloads\HD 1080p _ Tim Burton's The Nightmare Before Christmas Intro - This is Halloween [720p].mp4

2017-10-17 18:28 - 2017-10-17 18:29 - 014504096 _____ C:\Users\webma\Downloads\Guild Wars 2 - Halloween Trailer! [720p].mp4

2017-10-17 18:24 - 2017-10-17 18:25 - 033021130 _____ C:\Users\webma\Downloads\Halloween 2012 - Complete OST - Guild Wars 2 [360p].mp4

2017-10-17 18:24 - 2017-10-17 18:24 - 006033104 _____ C:\Users\webma\Downloads\Guild Wars 2 Halloween 2012 - Halloween Theme [360p].mp4

2017-10-17 18:11 - 2017-10-17 18:11 - 007898165 _____ C:\Users\webma\Downloads\Guild Wars 2_ Halloween 2013 Trailer DE [720p].mp4

2017-10-17 18:03 - 2017-10-17 18:03 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignc399d04269690298

2017-10-17 13:28 - 2017-10-17 13:28 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign2e346822e9b85027

2017-10-17 13:27 - 2017-10-17 13:27 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsigndfb4fb0170d28ce9

2017-10-17 13:27 - 2017-10-17 13:27 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsignbfe0b6a1e3f615f3

2017-10-17 13:12 - 2017-10-17 13:12 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign29d682d68d5607d5

2017-10-17 07:41 - 2017-10-17 07:41 - 000000000 ____D C:\Users\webma\AppData\Local\Tempzxpsign65240db856e5cfec
 

==================== Ein Monat: Geänderte Dateien und Ordner ========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 

2017-11-16 15:44 - 2017-09-13 20:58 - 000000000 ____D C:\Users\webma\AppData\LocalLow\Mozilla

2017-11-16 15:43 - 2017-09-13 16:03 - 000000000 ____D C:\WINDOWS\system32\SleepStudy

2017-11-16 15:01 - 2017-09-30 16:00 - 000000000 ____D C:\$WINDOWS.~BT

2017-11-16 14:30 - 2017-09-14 01:04 - 000000000 ____D C:\Users\webma\AppData\Roaming\obs-studio

2017-11-16 14:19 - 2017-09-13 21:57 - 000000000 ____D C:\Users\webma\AppData\Local\Spotify

2017-11-16 12:25 - 2017-09-13 16:04 - 000000000 ____D C:\ProgramData\NVIDIA

2017-11-16 09:32 - 2017-09-13 22:11 - 000000000 ____D C:\Users\webma\AppData\Local\CrashDumps

2017-11-16 09:26 - 2017-09-13 16:04 - 000000000 ____D C:\Users\webma

2017-11-16 09:25 - 2017-09-13 21:57 - 000000000 ____D C:\Users\webma\AppData\Roaming\Spotify

2017-11-16 09:23 - 2017-09-13 14:59 - 000000000 __RHD C:\Users\Public\AccountPictures

2017-11-16 09:23 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\AppReadiness

2017-11-16 09:13 - 2017-03-18 22:01 - 000000000 ____D C:\WINDOWS\INF

2017-11-16 09:10 - 2017-09-13 16:10 - 004150110 _____ C:\WINDOWS\system32\PerfStringBackup.INI

2017-11-16 09:10 - 2017-03-20 05:35 - 002038106 _____ C:\WINDOWS\system32\perfh007.dat

2017-11-16 09:10 - 2017-03-20 05:35 - 000518046 _____ C:\WINDOWS\system32\perfc007.dat

2017-11-16 09:03 - 2017-09-13 16:07 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT

2017-11-16 09:03 - 2017-09-13 16:03 - 000269344 _____ C:\WINDOWS\system32\FNTCACHE.DAT

2017-11-16 08:49 - 2017-03-18 12:40 - 000786432 _____ C:\WINDOWS\system32\config\BBI

2017-11-16 08:48 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\appraiser

2017-11-16 08:48 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\ShellExperiences

2017-11-16 08:48 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\Provisioning

2017-11-16 08:48 - 2017-03-18 22:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer

2017-11-16 08:48 - 2017-03-18 22:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer

2017-11-16 05:22 - 2017-03-18 22:03 - 000000000 ___HD C:\Program Files\WindowsApps

2017-11-16 02:00 - 2017-09-14 08:59 - 000000000 ____D C:\Users\webma\AppData\Local\Adobe

2017-11-16 01:31 - 2017-09-14 16:02 - 000000000 ____D C:\Users\webma\AppData\Roaming\vlc

2017-11-15 23:25 - 2017-09-13 16:17 - 000002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

2017-11-15 19:51 - 2017-09-13 16:18 - 000000000 ____D C:\ProgramData\Package Cache

2017-11-15 19:51 - 2017-09-13 16:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira

2017-11-15 18:33 - 2017-09-13 22:46 - 000000000 ____D C:\Users\webma\AppData\Roaming\Origin

2017-11-15 18:33 - 2017-09-13 22:44 - 000000000 ____D C:\ProgramData\Origin

2017-11-15 08:16 - 2017-03-18 21:51 - 000000000 ____D C:\WINDOWS\CbsTemp

2017-11-14 18:20 - 2017-09-13 16:14 - 000003628 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA

2017-11-14 18:20 - 2017-09-13 16:14 - 000003504 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

2017-11-14 14:28 - 2017-09-14 14:31 - 000000000 ____D C:\Users\webma\AppData\Roaming\audacity

2017-11-14 08:53 - 2017-09-13 15:35 - 000000000 ___DC C:\WINDOWS\Panther

2017-11-14 08:47 - 2017-09-13 16:07 - 000041913 _____ C:\WINDOWS\diagwrn.xml

2017-11-14 08:47 - 2017-09-13 16:07 - 000041913 _____ C:\WINDOWS\diagerr.xml

2017-11-14 08:31 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\Registration

2017-11-14 00:57 - 2017-09-13 22:48 - 000000000 ____D C:\Program Files (x86)\Steam

2017-11-13 20:43 - 2017-09-13 16:20 - 000003768 _____ C:\WINDOWS\System32\Tasks\AviraSystemSpeedupUpdate

2017-11-13 20:43 - 2017-09-13 16:18 - 000000000 ____D C:\Program Files (x86)\Avira

2017-11-13 13:39 - 2017-09-16 08:24 - 000001271 _____ C:\Users\webma\Desktop\nativelog.txt

2017-11-13 12:36 - 2017-09-13 22:40 - 000000000 ____D C:\Users\webma\AppData\Roaming\.minecraft

2017-11-12 14:22 - 2017-03-18 12:40 - 000032768 _____ C:\WINDOWS\system32\config\ELAM

2017-11-12 12:54 - 2017-09-14 07:42 - 000000000 ____D C:\Users\webma\AppData\Roaming\TS3Client

2017-11-12 08:10 - 2017-09-13 15:01 - 000000000 ____D C:\Users\webma\AppData\Local\Comms

2017-11-10 09:35 - 2017-09-13 14:59 - 000000000 ____D C:\Users\webma\AppData\Roaming\Adobe

2017-11-10 08:45 - 2017-09-14 07:42 - 000001423 _____ C:\Users\Public\Desktop\Die Sims 4.lnk

2017-11-09 22:10 - 2017-09-14 00:08 - 000000000 ____D C:\Users\webma\.gimp-2.8

2017-11-08 23:35 - 2017-09-13 15:01 - 000000000 ___RD C:\Users\webma\OneDrive

2017-11-08 16:40 - 2017-10-07 00:28 - 000000000 ____D C:\Users\webma\AppData\Local\gtk-2.0

2017-11-08 03:30 - 2017-09-13 16:07 - 000003364 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1005499408-1899380149-1193096314-1001

2017-11-08 03:30 - 2017-09-13 15:01 - 000002425 _____ C:\Users\webma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

2017-11-08 01:20 - 2017-09-13 22:39 - 000153600 ___SH C:\Users\webma\Downloads\Thumbs.db

2017-11-05 11:34 - 2017-09-14 13:48 - 000000000 ____D C:\Videobearbeitung

2017-11-05 02:40 - 2017-03-18 22:06 - 000835568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

2017-11-05 02:40 - 2017-03-18 22:06 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

2017-11-04 20:48 - 2017-09-13 22:04 - 000000000 ____D C:\Users\webma\AppData\Local\NVIDIA Corporation

2017-11-04 20:48 - 2017-09-13 16:04 - 000000000 ____D C:\ProgramData\NVIDIA Corporation

2017-11-04 20:46 - 2017-09-13 21:30 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2017-11-04 20:46 - 2017-09-13 21:30 - 000004000 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2017-11-04 20:46 - 2017-09-13 21:30 - 000003940 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2017-11-04 20:46 - 2017-09-13 21:30 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2017-11-04 20:46 - 2017-09-13 21:30 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2017-11-04 20:46 - 2017-09-13 21:30 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2017-11-04 20:46 - 2017-09-13 21:30 - 000003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2017-11-04 20:46 - 2017-09-13 21:30 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2017-11-04 20:46 - 2017-09-13 21:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation

2017-11-04 20:46 - 2017-09-13 16:03 - 000000000 ____D C:\Program Files\NVIDIA Corporation

2017-11-04 20:46 - 2017-09-13 16:03 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation

2017-11-04 20:45 - 2017-09-14 07:13 - 000000000 ____D C:\Users\webma\AppData\Roaming\NVIDIA

2017-11-04 19:41 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\NDF

2017-11-03 18:37 - 2017-09-13 22:46 - 000000000 ____D C:\Program Files (x86)\Origin

2017-11-02 21:22 - 2017-09-13 16:22 - 000003662 _____ C:\WINDOWS\System32\Tasks\Avira Safe Shopping Updater

2017-10-29 12:09 - 2017-09-13 22:39 - 000000000 ____D C:\Program Files (x86)\Minecraft

2017-10-27 18:50 - 2017-09-13 21:30 - 001796216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll

2017-10-27 18:50 - 2017-09-13 21:30 - 001578104 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll

2017-10-27 18:50 - 2017-09-13 21:30 - 000919160 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll

2017-10-27 18:50 - 2017-09-13 21:30 - 000186488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll

2017-10-27 18:50 - 2017-09-13 21:30 - 000152696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll

2017-10-27 18:50 - 2017-09-13 21:30 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat

2017-10-27 18:50 - 2017-09-13 21:28 - 000057976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys

2017-10-27 18:50 - 2017-09-13 21:28 - 000050808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys

2017-10-27 18:50 - 2017-09-13 16:04 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat

2017-10-27 18:50 - 2017-05-19 17:03 - 001615472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll

2017-10-27 18:50 - 2017-05-19 17:03 - 000225208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys

2017-10-27 18:50 - 2017-05-19 16:47 - 004485048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll

2017-10-27 18:50 - 2017-05-19 16:47 - 003817584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll

2017-10-27 18:50 - 2017-05-19 13:22 - 000048442 _____ C:\WINDOWS\system32\nvinfo.pb

2017-10-27 17:12 - 2017-09-13 16:04 - 005960824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll

2017-10-27 17:12 - 2017-09-13 16:04 - 002587768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll

2017-10-27 17:12 - 2017-09-13 16:04 - 001766520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll

2017-10-27 17:12 - 2017-09-13 16:04 - 000607168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll

2017-10-27 17:12 - 2017-09-13 16:04 - 000449656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll

2017-10-27 17:12 - 2017-09-13 16:04 - 000123000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll

2017-10-27 17:12 - 2017-09-13 16:04 - 000081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll

2017-10-27 09:16 - 2017-09-13 20:58 - 000000000 ____D C:\Program Files\Mozilla Firefox

2017-10-27 09:16 - 2017-09-13 20:58 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

2017-10-26 21:15 - 2017-09-14 14:28 - 001029872 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys

2017-10-25 18:31 - 2017-10-07 00:52 - 000001010 _____ C:\Users\webma\Desktop\Gw2-64 - Verknüpfung.lnk

2017-10-25 11:33 - 2017-09-13 16:04 - 007802921 _____ C:\WINDOWS\system32\nvcoproc.bin

2017-10-25 09:42 - 2017-09-14 13:32 - 000000000 ____D C:\Users\webma\Documents\Guild Wars 2

2017-10-23 23:45 - 2017-10-09 23:15 - 000000306 _____ C:\Users\webma\Documents\ClownfishVoiceChanger.ini

2017-10-19 09:54 - 2017-10-04 14:52 - 000000000 ____D C:\GUILD WARS 2
 

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
 

2017-11-08 16:40 - 2017-11-08 16:40 - 000035900 _____ () C:\Users\webma\AppData\Local\recently-used.xbel

2017-09-16 17:31 - 2017-09-16 17:31 - 000007642 _____ () C:\Users\webma\AppData\Local\Resmon.ResmonCfg

2017-09-13 16:45 - 2017-09-13 16:45 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
 

Einige Dateien in TEMP:

====================

2017-11-11 13:11 - 2017-11-11 13:11 - 000019968 ____N (Red Hat®, Inc.) C:\Users\webma\AppData\Local\Temp\jansi-64-1464395258913036234.dll

2017-11-13 11:58 - 2017-11-13 11:58 - 000019968 ____N (Red Hat®, Inc.) C:\Users\webma\AppData\Local\Temp\jansi-64-5968533294059277289.dll

2017-11-13 12:37 - 2017-11-13 12:37 - 000019968 ____N (Red Hat®, Inc.) C:\Users\webma\AppData\Local\Temp\jansi-64-8944479149242186012.dll

2017-11-11 13:22 - 2017-11-11 13:22 - 000019968 ____N (Red Hat®, Inc.) C:\Users\webma\AppData\Local\Temp\jansi-64-94356977098488206.dll
 

==================== Bamital & volsnap ======================
 

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
 

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert

C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert

C:\WINDOWS\explorer.exe => Datei ist digital signiert

C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert

C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert

C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert

C:\WINDOWS\system32\services.exe => Datei ist digital signiert

C:\WINDOWS\system32\User32.dll => Datei ist digital signiert

C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert

C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert

C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert

C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert

C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert

C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert

C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
 

LastRegBack: 2017-11-14 17:35
 

==================== Ende von FRST.txt ============================

Addition

Code:

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 15-11-2017

durchgeführt von webma (16-11-2017 15:52:45)

Gestartet von C:\Users\webma\Downloads

Windows 10 Home Version 1703 15063.726 (X64) (2017-09-13 15:10:14)

Start-Modus: Normal

==========================================================
 
 

==================== Konten: =============================
 

Administrator (S-1-5-21-1005499408-1899380149-1193096314-500 - Administrator - Disabled)

DefaultAccount (S-1-5-21-1005499408-1899380149-1193096314-503 - Limited - Disabled)

Gast (S-1-5-21-1005499408-1899380149-1193096314-501 - Limited - Enabled)

HomeGroupUser$ (S-1-5-21-1005499408-1899380149-1193096314-1003 - Limited - Enabled)

webma (S-1-5-21-1005499408-1899380149-1193096314-1001 - Administrator - Enabled) => C:\Users\webma
 

==================== Sicherheits-Center ========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
 

AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}

AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
 

==================== Installierte Programme ======================
 

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
 

Adobe After Effects CC 2017 (HKLM-x32\...\AEFT_14_2_1) (Version: 14.2.1 - Adobe Systems Incorporated)

Adobe Bridge CC 2017 (HKLM-x32\...\KBRG_7_0) (Version: 7.0 - Adobe Systems Incorporated)

Adobe Character Animator CC (Beta) (HKLM-x32\...\ANMLBETA_1_0_6) (Version: 1.0.6 - Adobe Systems Incorporated)

Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.3.0.256 - Adobe Systems Incorporated)

Adobe Media Encoder CC 2017 (HKLM-x32\...\AME_11_1_2) (Version: 11.1.2 - Adobe Systems Incorporated)

Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_1_1) (Version: 18.1.1 - Adobe Systems Incorporated)

Adobe Premiere Pro CC 2017 (HKLM-x32\...\PPRO_11_1_2) (Version: 11.1.2 - Adobe Systems Incorporated)

AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)

Apple Application Support (32-Bit) (HKLM-x32\...\{D2FE6376-E549-4F63-A2C5-CA24DA035DE4}) (Version: 5.6 - Apple Inc.)

Apple Application Support (64-Bit) (HKLM\...\{BB109E24-EE90-485B-A28B-ADDEFB40540B}) (Version: 5.6 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)

Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.38.1 - Asmedia Technology)

AURA (HKLM-x32\...\{5899CD4F-8764-4303-A0D9-C60A62CFC24F}) (Version: 1.04.29 - ASUSTeK Computer Inc.)

Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.7.2314 - AVAST Software)

Avira (HKLM-x32\...\{37C2DE81-46FA-4EB3-83A5-F0D8F5B08F6E}) (Version: 1.2.99.31392 - Avira Operations GmbH & Co. KG) Hidden

Avira (HKLM-x32\...\{5a024a65-9f29-41b1-b178-946c9f826e72}) (Version: 1.2.99.31392 - Avira Operations GmbH & Co. KG)

Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.32.12 - Avira Operations GmbH & Co. KG)

Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.11.3.29834 - Avira Operations GmbH & Co. KG)

Avira Safe Shopping (HKLM-x32\...\{32484ED7-3133-4E50-9882-F3DBB1ACDD25}) (Version: 1.0.37.1668 - Avira Operations Gmbh & Co. KG)

Avira Software Updater (HKLM-x32\...\{306B9B30-7E66-40E3-81DF-872EE6EC58DE}) (Version: 2.0.4.724 - Avira Operations GmbH & Co. KG)

Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 4.3.0.6659 - Avira Operations GmbH & Co. KG)

Balanced (HKLM-x32\...\{EFD0705E-598B-46D4-8D5B-4539431764B8}) (Version: 2.02.0000 - Ihr Firmenname) Hidden

Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)

Clownfish Voice Changer (HKLM\...\ClownfishVoiceChanger) (Version:  - )

devolo Cockpit (HKLM-x32\...\dlancockpit) (Version: 4.3.3.0 - devolo AG)

Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.36.102.1020 - Electronic Arts Inc.)

Discord (HKU\S-1-5-21-1005499408-1899380149-1193096314-1001\...\Discord) (Version: 0.0.298 - Discord Inc.)

Discord (HKU\S-1-5-21-1005499408-1899380149-1193096314-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11162017154504900\...\Discord) (Version: 0.0.298 - Discord Inc.)

Discord (HKU\S-1-5-21-1005499408-1899380149-1193096314-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11162017154506031\...\Discord) (Version: 0.0.298 - Discord Inc.)

FileZilla Client 3.27.1 (HKLM-x32\...\FileZilla Client) (Version: 3.27.1 - Tim Kosse)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 62.0.3202.94 - Google Inc.)

Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden

GUILD WARS (HKLM-x32\...\Guild Wars) (Version:  - )

Guild Wars 2 (HKLM\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)

Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)

Intel(R) Network Connections 21.1.30.0 (HKLM\...\PROSetDX) (Version: 21.1.30.0 - Intel)

iTunes (HKLM\...\{02F95875-9527-49CC-B32F-970ADAEBD1EF}) (Version: 12.6.2.20 - Apple Inc.)

Java 8 Update 144 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)

Logitech Gaming Software 8.96 (HKLM\...\Logitech Gaming Software) (Version: 8.96.81 - Logitech Inc.)

Malwarebytes Version 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)

Microsoft OneDrive (HKU\S-1-5-21-1005499408-1899380149-1193096314-1001\...\OneDriveSetup.exe) (Version: 17.3.7076.1026 - Microsoft Corporation)

Microsoft OneDrive (HKU\S-1-5-21-1005499408-1899380149-1193096314-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11162017154504900\...\OneDriveSetup.exe) (Version: 17.3.7076.1026 - Microsoft Corporation)

Microsoft OneDrive (HKU\S-1-5-21-1005499408-1899380149-1193096314-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11162017154506031\...\OneDriveSetup.exe) (Version: 17.3.7076.1026 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)

Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)

Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)

Mozilla Firefox 56.0.2 (x64 de) (HKLM\...\Mozilla Firefox 56.0.2 (x64 de)) (Version: 56.0.2 - Mozilla)

Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.3 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 56.0.2.6506 - Mozilla)

Mozilla Thunderbird 52.4.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 52.4.0 (x86 de)) (Version: 52.4.0 - Mozilla)

NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)

NVIDIA 3D Vision Treiber 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.13 - NVIDIA Corporation)

NVIDIA GeForce Experience 3.10.0.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.10.0.95 - NVIDIA Corporation)

NVIDIA Grafiktreiber 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.13 - NVIDIA Corporation)

NVIDIA HD-Audiotreiber 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation)

NVIDIA PhysX-Systemsoftware 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)

OBS Studio (HKLM-x32\...\OBS Studio) (Version: 20.1.1 - OBS Project)

OEM Application Profile (HKLM-x32\...\{7F5DCD33-1039-C3B2-9538-B645B65BBA63}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden

OpenOffice 4.1.3 (HKLM-x32\...\{8D5FCC56-BB9F-4122-923C-71753F50F6F5}) (Version: 4.13.9783 - Apache Software Foundation)

Origin (HKLM-x32\...\Origin) (Version: 10.5.5.6040 - Electronic Arts, Inc.)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8010 - Realtek Semiconductor Corp.)

ROCCAT Swarm (HKLM-x32\...\{32C24F2E-923F-49C1-8E60-2B3DC5482255}) (Version: 1.92.00 - ROCCAT GmbH) Hidden

ROCCAT Swarm (HKLM-x32\...\InstallShield_{32C24F2E-923F-49C1-8E60-2B3DC5482255}) (Version: 1.92.00 - ROCCAT GmbH)

Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.1.0.1120 - Samsung Electronics)

Spotify (HKU\S-1-5-21-1005499408-1899380149-1193096314-1001\...\Spotify) (Version: 1.0.67.582.g19436fa3 - Spotify AB)

Spotify (HKU\S-1-5-21-1005499408-1899380149-1193096314-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11162017154504900\...\Spotify) (Version: 1.0.67.582.g19436fa3 - Spotify AB)

Spotify (HKU\S-1-5-21-1005499408-1899380149-1193096314-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11162017154506031\...\Spotify) (Version: 1.0.67.582.g19436fa3 - Spotify AB)

Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)

TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.6 - TeamSpeak Systems GmbH)

VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)

Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden

Wacom Tablett (HKLM\...\Wacom Tablet Driver) (Version: 6.3.15-3 - Wacom Technology Corp.)

WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)

WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)

Windows 10-Upgrade-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22175 - Microsoft Corporation)

x264vfw - H.264/MPEG-4 AVC codec (remove only) (HKLM-x32\...\x264vfw) (Version:  - )
 

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

CustomCLSID: HKU\S-1-5-21-1005499408-1899380149-1193096314-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-E269F71349AD}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-1005499408-1899380149-1193096314-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-08-14] ()

ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-08-14] ()

ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-08-14] ()

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-11] (AVAST Software)

ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-08-14] ()

ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-11] (AVAST Software)

ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2017-10-15] (Avira Operations GmbH & Co. KG)

ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {ef263503-8f0e-3e6a-ae2e-fe0b4b441d52} => C:\WINDOWS\system32\mscoree.dll [2017-03-18] (Microsoft Corporation)

ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-11] (AVAST Software)

ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)

ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {3d52b24d-33bb-3895-99ea-a0156f24a3f9} => C:\WINDOWS\system32\mscoree.dll [2017-03-18] (Microsoft Corporation)

ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-10-27] (NVIDIA Corporation)

ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {cefaf456-bc17-3f4b-b7d9-75070925911b} => C:\WINDOWS\system32\mscoree.dll [2017-03-18] (Microsoft Corporation)

ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-08-14] ()

ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-10-11] (AVAST Software)

ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)

ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2017-10-15] (Avira Operations GmbH & Co. KG)
 

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

Task: {1A3C650A-AAE2-44A9-A84B-5DF9689ABF8A} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-10-27] (NVIDIA Corporation)

Task: {262D4C8C-25CF-489B-B2C8-B364C016EF9C} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-10-27] (NVIDIA Corporation)

Task: {3C9391F9-6BDE-428A-8277-F7BB380EA85C} - System32\Tasks\ROCCAT_Swarm_HWMonitor => C:/Program [Argument = Files (x86)/ROCCAT/ROCCAT Swarm/data/SWARM_CONNECT/SwarmHW_Service.exe]

Task: {3EB8A09D-C227-4E34-8846-2A49C8E3B381} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-10-27] (NVIDIA Corporation)

Task: {42B94797-833B-49E4-AB25-837CAF028E16} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-webmaster@ennorath.de => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)

Task: {58928441-65EE-4F29-A747-A55252C2BA39} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-13] (Google Inc.)

Task: {712158E8-9327-4387-9780-8E1FFA9B5169} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [2017-05-19] (Samsung Electronics Co. Ltd.)

Task: {76A6C10F-235D-419A-A159-6D9458201C23} - System32\Tasks\Avira\System Speedup\TestScheduler => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [2017-11-07] (Avira Operations GmbH & Co. KG)

Task: {7CBEC02A-1107-4881-BDBE-D0186D65AB86} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2017-10-15] (Avira Operations GmbH & Co. KG)

Task: {850B496F-D2C6-4350-9D54-B28765FEC56A} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-10-27] (NVIDIA Corporation)

Task: {92E9AF8A-0668-4A73-A25B-552DFB16015F} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-10-27] (NVIDIA Corporation)

Task: {9D7A5D02-4769-43AE-A342-A85F630A701A} - System32\Tasks\Avira\System Speedup\SpeedupSysTray => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe [2017-11-07] (Avira Operations GmbH & Co. KG)

Task: {9DA0D94D-C4E6-4B67-BE37-A120ED5612B7} - System32\Tasks\ASUS\AsRogAuraGpuDllServer => C:\Program Files (x86)\ASUS\AURA\AsRogAuraGpuDllServer.exe [2017-02-17] ()

Task: {A6B29667-4B0C-4277-A562-D644E44602C3} - System32\Tasks\Avira Safe Shopping Updater => C:\Program Files (x86)\Avira\Safe Shopping\\Updater\Updater.exe [2017-10-30] (Avira Operations Gmbh & Co. KG)

Task: {AB860543-E7E6-49B6-8F61-D86F5C0C1BC7} - System32\Tasks\Avira SystrayStartTrigger => Avira.SystrayStartTrigger.exe

Task: {B4509BA5-F7B5-461C-BD75-16C77C106E72} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [2017-11-13] (Avira Operations GmbH & Co. KG )

Task: {C2D99225-AAAF-4D12-8F99-B170F3932DBA} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-10-27] (NVIDIA Corporation)

Task: {C4E991A2-8F61-49E0-80E1-298CFB5E84D2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-13] (Google Inc.)

Task: {E458A340-1827-4294-BC28-38F99E3A88D3} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-10-27] (NVIDIA Corporation)

Task: {E49C1D22-E6B3-4530-B495-4D6367D5040A} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-10-27] (NVIDIA Corporation)

Task: {EEA6898C-A365-4E53-910D-434D69649157} - System32\Tasks\ThunderMaster => C:\Program Files (x86)\Thunder Master\THPanel.exe [2017-03-30] (Palit Microsystems Ltd.)

Task: {F293F4F1-1B8F-40D3-80B2-8FEFE8EA9CAF} - System32\Tasks\S-1-5-21-1005499408-1899380149-1193096314-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2017-11-02] (Microsoft Corporation)

Task: {F4994079-D0EA-4387-B6DC-6DE52C73EDD9} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-10-11] (AVAST Software)

Task: {F6EC8D8B-4937-427E-983C-51C26E6EA161} - System32\Tasks\LaunchChromeTask111 => C:\Program Files\FileZilla FTP Client\FileZilla.exe [2017-08-14] (FileZilla Project)

Task: {F810E871-7ABA-422F-A08C-9C7E8BD78109} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\RadeonInstaller.exe [2017-08-09] (Advanced Micro Devices, Inc.)
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
 
 

==================== Verknüpfungen & WMI ========================
 

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
 
 

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
 

2017-10-24 16:42 - 2013-04-15 10:50 - 000198144 _____ () C:\WINDOWS\System32\HP1006LM.DLL

2017-10-24 16:42 - 2013-04-15 10:50 - 000065024 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\HP1006PP.dll

2017-07-13 19:50 - 2017-07-13 19:50 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll

2017-07-13 19:50 - 2017-07-13 19:50 - 001354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll

2017-09-13 16:49 - 2017-02-17 10:50 - 000933840 ____R () C:\Program Files (x86)\ASUS\AXSP\1.02.03\atkexComSvc.exe

2017-09-13 16:41 - 2014-04-24 07:29 - 001360016 ____R () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe

2017-09-13 21:30 - 2017-10-27 18:50 - 001267320 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll

2017-09-13 16:04 - 2017-10-27 17:12 - 000133752 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll

2017-03-18 21:58 - 2017-03-18 21:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll

2017-09-13 16:49 - 2017-02-17 18:07 - 000247256 _____ () C:\Program Files (x86)\ASUS\AURA\AsRogAuraGpuDllServer.exe

2017-10-11 21:15 - 2017-10-11 21:15 - 000067408 _____ () C:\Program Files\AVAST Software\Avast\x64\module_lifetime.dll

2017-10-24 16:42 - 2013-04-15 10:49 - 004003328 _____ () C:\WINDOWS\system32\spool\DRIVERS\x64\3\HP1006SU.DLL

2017-10-24 16:42 - 2013-04-15 10:49 - 001236992 _____ () C:\WINDOWS\system32\spool\DRIVERS\x64\3\HP1006GC.dll

2017-08-14 02:48 - 2017-08-14 02:48 - 000491600 _____ () C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll

2017-08-14 17:05 - 2017-08-14 17:05 - 000076456 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll

2017-09-13 22:36 - 2016-01-11 18:30 - 001349824 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll

2017-03-18 21:59 - 2017-03-20 05:36 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll

2017-11-12 08:10 - 2017-11-12 08:10 - 000087552 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\SkypeHost.exe

2017-11-12 08:10 - 2017-11-12 08:10 - 000206336 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll

2017-11-12 08:10 - 2017-11-12 08:10 - 025461760 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\SkyWrap.dll

2017-11-07 06:58 - 2017-11-07 06:58 - 002552832 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\skypert.dll

2017-11-12 08:10 - 2017-11-12 08:10 - 000685056 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll

2015-03-07 01:07 - 2015-03-07 01:07 - 000908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll

2017-08-18 10:01 - 2017-08-18 10:01 - 001096824 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll

2015-03-07 01:07 - 2015-03-07 01:07 - 000060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll

2017-08-18 10:01 - 2017-08-18 10:01 - 000241784 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll

2017-09-13 22:32 - 2017-08-28 09:23 - 000224688 _____ () C:\Program Files (x86)\ROCCAT\ROCCAT Swarm\detect_start_process.exe

2017-09-14 18:03 - 2017-09-14 18:03 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11710.1001.27.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll

2017-11-14 07:51 - 2017-11-14 07:52 - 000022016 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe

2017-11-14 07:51 - 2017-11-14 07:52 - 055109120 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll

2017-09-30 10:24 - 2017-09-30 10:24 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll

2017-11-14 07:51 - 2017-11-14 07:52 - 000164864 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\VideoPlugin.dll

2017-09-30 10:24 - 2017-09-30 10:24 - 000675328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\IPPNativePlugin.dll

2017-11-14 07:51 - 2017-11-14 07:52 - 003740160 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll

2017-11-14 07:51 - 2017-11-14 07:52 - 002051584 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll

2017-11-14 07:51 - 2017-11-14 07:52 - 020759040 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll

2017-11-14 07:51 - 2017-11-14 07:52 - 003607040 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\MediaEngine.dll

2017-11-14 07:51 - 2017-11-14 07:52 - 003150848 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll

2017-09-13 21:14 - 2017-09-13 21:14 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll

2017-11-14 07:51 - 2017-11-14 07:52 - 000046080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll

2017-11-14 07:51 - 2017-11-14 07:52 - 002493440 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\Microsoft.People.AutoSuggest.dll

2017-11-14 07:51 - 2017-11-14 07:52 - 000919040 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\Microsoft.People.PeoplePicker.dll

2017-11-14 07:51 - 2017-11-14 07:52 - 001363968 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll

2017-11-14 07:51 - 2017-11-14 07:52 - 000084480 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\MediaEngineVideoDataProvider.UWP.dll

2017-10-18 07:10 - 2017-10-18 07:10 - 025741312 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17092.13511.0_x64__8wekyb3d8bbwe\Video.UI.exe

2017-10-18 07:10 - 2017-10-18 07:10 - 009257984 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17092.13511.0_x64__8wekyb3d8bbwe\EntCommon.dll

2017-09-26 06:56 - 2017-09-26 06:56 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17092.13511.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll

2017-10-10 06:35 - 2017-10-10 06:35 - 004252672 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1709.2703.0_x64__8wekyb3d8bbwe\Calculator.exe

2017-09-26 06:56 - 2017-09-26 06:56 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1709.2703.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll

2017-11-16 15:44 - 2017-11-01 08:55 - 002299344 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll

2017-11-16 15:44 - 2017-11-01 08:54 - 002358736 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll

2017-11-15 23:25 - 2017-11-10 10:57 - 004135768 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.94\libglesv2.dll

2017-11-15 23:25 - 2017-11-10 10:57 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.94\libegl.dll

2017-09-13 16:49 - 2017-11-16 09:03 - 000036136 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.03\PEbiosinterface32.dll

2017-09-13 16:49 - 2017-02-17 10:50 - 000104448 ____R () C:\Program Files (x86)\ASUS\AXSP\1.02.03\ATKEX.dll

2017-09-13 16:49 - 2017-02-17 16:50 - 001746432 _____ () C:\Program Files (x86)\ASUS\AURA\Vender.dll

2017-09-13 16:49 - 2017-02-17 16:50 - 000519680 _____ () C:\Program Files (x86)\ASUS\AURA\ClaymoreProtocol.dll

2017-09-13 16:49 - 2017-02-17 16:50 - 000519680 _____ () C:\Program Files (x86)\ASUS\AURA\RogNewmouseProtocol.dll

2017-09-13 21:30 - 2017-10-27 18:50 - 001040504 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll

2014-10-23 17:27 - 2014-10-23 11:27 - 000119822 _____ () C:\Program Files (x86)\ROCCAT\ROCCAT Swarm\libgcc_s_dw2-1.dll

2015-12-29 05:25 - 2015-12-28 23:25 - 001540622 _____ () C:\Program Files (x86)\ROCCAT\ROCCAT Swarm\libstdc++-6.dll

2017-09-13 22:32 - 2017-08-28 09:05 - 000245760 _____ () C:\Program Files (x86)\ROCCAT\ROCCAT Swarm\aimo.dll

2017-09-06 17:11 - 2017-09-06 17:11 - 000118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node

2017-09-06 17:11 - 2017-09-06 17:11 - 000214528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node

2017-09-06 17:11 - 2017-09-06 17:11 - 000117248 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node

2017-09-06 17:11 - 2017-09-06 17:11 - 000125952 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node

2017-09-20 02:04 - 2017-09-20 02:04 - 000099424 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll

2017-09-06 17:11 - 2017-09-06 17:11 - 000086528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node

2017-09-12 19:11 - 2017-09-12 19:11 - 000118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\fs-ext\build\Release\fs-ext.node

2017-09-12 19:10 - 2017-09-12 19:10 - 000117760 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ref\build\Release\binding.node

2017-09-12 19:11 - 2017-09-12 19:11 - 000125440 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ffi\build\Release\ffi_bindings.node

2017-09-12 19:11 - 2017-09-12 19:11 - 000214528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node

2017-09-20 01:59 - 2017-09-20 01:59 - 000099424 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll

2017-09-12 19:11 - 2017-09-12 19:11 - 000098816 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\bufferutil\build\Release\bufferutil.node

2017-09-12 19:11 - 2017-09-12 19:11 - 000086528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\idle-gc\build\Release\idle-gc.node
 

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
 
 

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
 
 

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
 
 

==================== Hosts Inhalt: ===============================
 

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
 

2016-07-16 12:47 - 2016-07-16 12:45 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
 
 

==================== Andere Bereiche ============================
 

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
 

HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11162017154504687\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg

HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11162017154505823\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg

HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11162017154504800\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg

HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11162017154505922\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg

HKU\S-1-5-21-1005499408-1899380149-1193096314-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\webma\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\509099.jpg

HKU\S-1-5-21-1005499408-1899380149-1193096314-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11162017154504900\Control Panel\Desktop\\Wallpaper -> C:\Users\webma\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\509099.jpg

HKU\S-1-5-21-1005499408-1899380149-1193096314-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11162017154506031\Control Panel\Desktop\\Wallpaper -> C:\Users\webma\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\509099.jpg

DNS Servers: 192.168.2.1

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)

Windows Firewall ist aktiviert.
 

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
 

HKLM\...\StartupApproved\Run: => "SecurityHealth"

HKLM\...\StartupApproved\Run: => "AvastUI.exe"

HKLM\...\StartupApproved\Run: => "iTunesHelper"

HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"

HKLM\...\StartupApproved\Run32: => "Avira Safe Shopping"

HKU\S-1-5-21-1005499408-1899380149-1193096314-1001\...\StartupApproved\Run: => "Discord"

HKU\S-1-5-21-1005499408-1899380149-1193096314-1001\...\StartupApproved\Run: => "OneDrive"

HKU\S-1-5-21-1005499408-1899380149-1193096314-1001\...\StartupApproved\Run: => "Spotify"

HKU\S-1-5-21-1005499408-1899380149-1193096314-1001\...\StartupApproved\Run: => "Spotify Web Helper"

HKU\S-1-5-21-1005499408-1899380149-1193096314-1001\...\StartupApproved\Run: => "Steam"

HKU\S-1-5-21-1005499408-1899380149-1193096314-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11162017154504900\...\StartupApproved\Run: => "Discord"

HKU\S-1-5-21-1005499408-1899380149-1193096314-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11162017154504900\...\StartupApproved\Run: => "OneDrive"

HKU\S-1-5-21-1005499408-1899380149-1193096314-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11162017154504900\...\StartupApproved\Run: => "Spotify"

HKU\S-1-5-21-1005499408-1899380149-1193096314-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11162017154504900\...\StartupApproved\Run: => "Spotify Web Helper"

HKU\S-1-5-21-1005499408-1899380149-1193096314-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11162017154504900\...\StartupApproved\Run: => "Steam"

HKU\S-1-5-21-1005499408-1899380149-1193096314-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11162017154506031\...\StartupApproved\Run: => "Discord"

HKU\S-1-5-21-1005499408-1899380149-1193096314-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11162017154506031\...\StartupApproved\Run: => "OneDrive"

HKU\S-1-5-21-1005499408-1899380149-1193096314-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11162017154506031\...\StartupApproved\Run: => "Spotify"

HKU\S-1-5-21-1005499408-1899380149-1193096314-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11162017154506031\...\StartupApproved\Run: => "Spotify Web Helper"

HKU\S-1-5-21-1005499408-1899380149-1193096314-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11162017154506031\...\StartupApproved\Run: => "Steam"
 

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

FirewallRules: [{722F89F1-7EE4-4591-8A46-7D5F6BE4774E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe

FirewallRules: [{C84A104D-9286-4EA2-A7EC-B408B719C7CA}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe

FirewallRules: [{CE80AD8B-93F0-4842-9337-C254221D9C43}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe

FirewallRules: [{42DA5475-E5EA-4900-9A6B-CF74C512DFFC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe

FirewallRules: [{DB3DF4FD-3F53-47F9-8BCE-EA4816F1D1C6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

FirewallRules: [{0B18D8EE-1D1E-4771-A535-8A392D4FA268}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

FirewallRules: [TCP Query User{0C8235F0-F265-4B34-B948-377131EE2DD4}C:\users\webma\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\webma\appdata\roaming\spotify\spotify.exe

FirewallRules: [UDP Query User{73C40E90-B925-4EB6-93F4-107ADF72F4E8}C:\users\webma\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\webma\appdata\roaming\spotify\spotify.exe

FirewallRules: [TCP Query User{2DD5648A-7254-40FD-A2A5-3FE3259467BB}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe

FirewallRules: [UDP Query User{8BBC3ADE-3758-41D9-8BAB-E679A17AB824}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe

FirewallRules: [TCP Query User{B77F6937-B6B2-43B3-B2FC-4BC9CD22E76F}C:\program files (x86)\roccat\roccat swarm\roccat_swarm_monitor.exe] => (Allow) C:\program files (x86)\roccat\roccat swarm\roccat_swarm_monitor.exe

FirewallRules: [UDP Query User{4FD06500-1979-4915-B832-3300E83CA468}C:\program files (x86)\roccat\roccat swarm\roccat_swarm_monitor.exe] => (Allow) C:\program files (x86)\roccat\roccat swarm\roccat_swarm_monitor.exe

FirewallRules: [{61A902DD-8C2A-417B-BCE8-30EC861EC1CD}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{35365809-85CF-4B1E-A4A1-E76EB759B913}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{2A546678-AD4B-41D7-8F50-B9C537527B23}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

FirewallRules: [{91FDAFE8-1EFC-494F-91C5-CEF6828A8722}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

FirewallRules: [{86A8D8FA-2207-4DBA-9C40-B6BC38BAFB6F}] => (Allow) C:\Program Files\iTunes\iTunes.exe

FirewallRules: [{2016B322-084C-4BB6-A837-AAF6C9D9EE08}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe

FirewallRules: [{23778048-B984-4945-8F55-0C6D815B0140}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe

FirewallRules: [{A1974F04-E843-4946-8F6D-569E2FAD5DF4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe

FirewallRules: [{0D1F657C-FC87-4F65-8A97-2DE1618BE9F0}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe

FirewallRules: [{233F9EC9-0477-470C-9547-E1BBB74E2A7E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe

FirewallRules: [{FF1491AA-37D1-4160-9A3D-5FA17F8FCAF4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe

FirewallRules: [{31D21F58-799D-49F6-812A-DEBE854F608D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dead by Daylight\DeadByDaylight.exe

FirewallRules: [{E6C8B68F-8B2B-4B14-B8DB-B7E7A0B29D15}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dead by Daylight\DeadByDaylight.exe

FirewallRules: [TCP Query User{25321554-51C3-4572-98F2-254C866BF43B}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe

FirewallRules: [UDP Query User{84180716-4FFD-408E-92D9-0C73D7C91C41}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe

FirewallRules: [TCP Query User{625643A7-E6CC-465C-B230-A745F3F8305D}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe

FirewallRules: [UDP Query User{0A315149-943A-43CE-9736-2163913A512F}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe

FirewallRules: [TCP Query User{DE398F28-709A-4743-810C-99A3C7B9F01D}C:\program files (x86)\roccat\roccat swarm\roccat_swarm_monitor.exe] => (Allow) C:\program files (x86)\roccat\roccat swarm\roccat_swarm_monitor.exe

FirewallRules: [UDP Query User{A2CBC700-8650-4597-ADD5-CEC46011D6DA}C:\program files (x86)\roccat\roccat swarm\roccat_swarm_monitor.exe] => (Allow) C:\program files (x86)\roccat\roccat swarm\roccat_swarm_monitor.exe

FirewallRules: [{965D9435-7808-4955-9FCE-B2DD905076B6}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe

FirewallRules: [{6D9BF0A0-8425-4BAA-8EA7-073CED410188}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe

FirewallRules: [{4315F131-FC46-43DA-A815-6E4D58826035}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Quiplash\Quiplash.exe

FirewallRules: [{A1F85D46-641E-4192-B04B-7716A66D6E20}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Quiplash\Quiplash.exe

FirewallRules: [{6945DFE4-F515-44EB-A8FF-21EA0FC1F96B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Drawful 2\Drawful 2.exe

FirewallRules: [{7F92C305-22E0-4D5B-8D76-9F1F5A7E2E35}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Drawful 2\Drawful 2.exe

FirewallRules: [{8C47E201-713E-4CED-89DF-D646B629A19A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Walking Dead Season Two\TheWalkingDead2.exe

FirewallRules: [{88D5A389-51BA-4CD4-BF4D-F8E0F057F665}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Walking Dead Season Two\TheWalkingDead2.exe

FirewallRules: [{25BB742A-37B9-4A2C-B399-A67616F392AD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider (VI) The Angel of Darkness\Launcher.exe

FirewallRules: [{DAFEC5AD-B512-489D-9D05-366FD561174E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider (VI) The Angel of Darkness\Launcher.exe

FirewallRules: [{044D5D8B-09A2-4E91-9F83-8F9FCD86C802}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Walking Dead\WalkingDead101.exe

FirewallRules: [{0B1589A8-51CC-4BEC-8BB8-E02CDE8C396C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Walking Dead\WalkingDead101.exe

FirewallRules: [{1776EC58-4D78-42D0-A93E-DBB96FED6EF4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Through the Woods\Through the Woods.exe

FirewallRules: [{87D81ABB-C756-439C-A49C-33126CEB1B8B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Through the Woods\Through the Woods.exe

FirewallRules: [{61D72F8E-20A0-4932-AB57-87D3AA51C1C7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Survey\Visibility03.exe

FirewallRules: [{B19D4104-214A-4223-BC00-713C77D6B506}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Survey\Visibility03.exe

FirewallRules: [{5E28DF5D-5457-41CA-BCE6-4E4FFB6BCA7D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dead End Road\Dead End Road.exe

FirewallRules: [{35423790-D39F-49B4-878A-C8C19A3A04D6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dead End Road\Dead End Road.exe

FirewallRules: [{CE3DD633-A2A5-4DFF-8176-3424789F24DF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe

FirewallRules: [{84A0649D-1DA9-4CCF-BE17-1215B45242B6}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe

FirewallRules: [{9BF8DC9C-7044-47E4-9190-620732C4FB8C}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe

FirewallRules: [{8EF93C71-735E-4F07-B77B-B966DD5BEE74}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe

FirewallRules: [{91248B7F-650B-446E-9149-91CC6231814B}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe

FirewallRules: [{1445E780-2C93-46EF-B77A-C258D2A08E1B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 

==================== Wiederherstellungspunkte =========================
 

12-11-2017 14:57:55 Windows Update
 

==================== Fehlerhafte Geräte im Gerätemanager =============
 
 

==================== Fehlereinträge in der Ereignisanzeige: =========================
 

Applikationsfehler:

==================

Error: (11/16/2017 09:51:57 AM) (Source: Perflib) (EventID: 1008) (User: )

Description: Die Open-Prozedur für den Dienst "WmiApRpl" in der DLL "C:\WINDOWS\system32\wbem\wmiaprpl.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
 

Error: (11/16/2017 09:51:57 AM) (Source: PerfNet) (EventID: 2004) (User: )

Description: Das Serverdienst-Leistungsobjekt kann nicht geöffnet werden. Die ersten vier Bytes (DWORD) des Datenabschnitts enthalten den Statuscode.
 

Error: (11/16/2017 09:51:57 AM) (Source: Perflib) (EventID: 1008) (User: )

Description: Die Open-Prozedur für den Dienst "MSDTC" in der DLL "C:\WINDOWS\system32\msdtcuiu.DLL" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
 

Error: (11/16/2017 09:51:57 AM) (Source: Perflib) (EventID: 1008) (User: )

Description: Die Open-Prozedur für den Dienst "Lsa" in der DLL "C:\Windows\System32\Secur32.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
 

Error: (11/16/2017 09:51:57 AM) (Source: Perflib) (EventID: 1008) (User: )

Description: Die Open-Prozedur für den Dienst "ESENT" in der DLL "C:\WINDOWS\system32\esentprf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
 

Error: (11/16/2017 09:51:57 AM) (Source: Perflib) (EventID: 1008) (User: )

Description: Die Open-Prozedur für den Dienst "WmiApRpl" in der DLL "C:\WINDOWS\system32\wbem\wmiaprpl.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
 

Error: (11/16/2017 09:51:56 AM) (Source: PerfNet) (EventID: 2004) (User: )

Description: Das Serverdienst-Leistungsobjekt kann nicht geöffnet werden. Die ersten vier Bytes (DWORD) des Datenabschnitts enthalten den Statuscode.
 

Error: (11/16/2017 09:51:56 AM) (Source: Perflib) (EventID: 1008) (User: )

Description: Die Open-Prozedur für den Dienst "MSDTC" in der DLL "C:\WINDOWS\system32\msdtcuiu.DLL" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
 

Error: (11/16/2017 09:51:56 AM) (Source: Perflib) (EventID: 1008) (User: )

Description: Die Open-Prozedur für den Dienst "Lsa" in der DLL "C:\Windows\System32\Secur32.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
 

Error: (11/16/2017 09:51:56 AM) (Source: Perflib) (EventID: 1008) (User: )

Description: Die Open-Prozedur für den Dienst "ESENT" in der DLL "C:\WINDOWS\system32\esentprf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
 
 

Systemfehler:

=============

Error: (11/16/2017 09:03:35 AM) (Source: Service Control Manager) (EventID: 7024) (User: )

Description: Der Dienst "HomeGroupListener" wurde mit dem folgenden dienstspezifischen Fehler beendet: 

%%2147944153 = In der Endpunktzuordnung sind keine weiteren Endpunkte verfügbar.
 

Error: (11/16/2017 09:03:34 AM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: 

Die Anforderung wird nicht unterstützt.
 

Error: (11/15/2017 07:50:40 AM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: 

Die Anforderung wird nicht unterstützt.
 

Error: (11/14/2017 07:54:13 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)

Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x8024200d fehlgeschlagen: Funktionsupdate für Windows 10, Version 1709
 

Error: (11/14/2017 07:44:03 AM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: 

Die Anforderung wird nicht unterstützt.
 

Error: (11/13/2017 11:22:00 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: Der Dienst "Windows Update" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
 

Error: (11/13/2017 11:22:00 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: Dienst "Update Orchestrator Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
 

Error: (11/13/2017 09:21:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: 

Die Anforderung wird nicht unterstützt.
 

Error: (11/13/2017 09:04:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: 

Die Anforderung wird nicht unterstützt.
 

Error: (11/13/2017 08:37:59 PM) (Source: Service Control Manager) (EventID: 7024) (User: )

Description: Der Dienst "HomeGroupListener" wurde mit dem folgenden dienstspezifischen Fehler beendet: 

%%2147944153 = In der Endpunktzuordnung sind keine weiteren Endpunkte verfügbar.
 
 

CodeIntegrity:

===================================

  Date: 2017-11-16 15:44:20.715

  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
 

  Date: 2017-11-16 09:03:39.733

  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 

  Date: 2017-11-16 09:03:39.732

  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 

  Date: 2017-11-15 07:50:58.293

  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 

  Date: 2017-11-15 07:50:58.292

  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 

  Date: 2017-11-15 07:50:45.869

  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 

  Date: 2017-11-15 07:50:45.866

  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 

  Date: 2017-11-13 20:38:04.035

  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 

  Date: 2017-11-13 20:38:04.035

  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 

  Date: 2017-11-11 10:42:38.933

  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 

==================== Speicherinformationen =========================== 
 

Prozessor: AMD Ryzen 7 1700X Eight-Core Processor 

Prozentuale Nutzung des RAM: 15%

Installierter physikalischer RAM: 32695.89 MB

Verfügbarer physikalischer RAM: 27472.83 MB

Summe virtueller Speicher: 37559.89 MB

Verfügbarer virtueller Speicher: 31974.71 MB
 

==================== Laufwerke ================================
 

Drive c: () (Fixed) (Total:475.54 GB) (Free:107.97 GB) NTFS

Drive d: (Volume) (Fixed) (Total:3725.9 GB) (Free:2566.01 GB) NTFS
 

==================== MBR & Partitionstabelle ==================
 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 3726 GB) (Disk ID: 00000000)
 

Partition: GPT.
 

========================================================

Disk: 1 (MBR Code: Windows 7 or 8) (Size: 476.9 GB) (Disk ID: 00000000)
 

Partition: GPT.
 

==================== Ende von Addition.txt ============================