| |
| |||||||
Log-Analyse und Auswertung: PC führt Programme zT wahllos aus/nicht ausWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
28.05.2016, 10:51
| #1 |
 |  PC führt Programme zT wahllos aus/nicht aus Moin! Ich bin neu auf diesem Forum, deswegen bitte ich um Entschuldigung, sollte ich viel nachfragen (kenne mich mit der Materie schlecht aus). Seit gestern führt mein PC Programme nicht oder stark verzögert aus. Einige Beispiele: - Microsoft Security Essentials starten/aktivieren sich sehr langsam (15mins nach PC Start) Das Internetsymbol in der Taskleiste hat hierbei lange einen Kreis auf sich, dann kurz das gelbe Symbol und dann ist es normal, das Internet ist die ganze Zeit über nicht beeinträchtigt. - Firefox funzt ohne Probleme - Das Startmenü wird zeitweilig nicht anklickbar bzw. permanent unbedienbar - CS:GO startet gar nicht, LoL z.B. schon (beides Spiele) - jegliche Downloads (Anti-Malware Tools o.ä.) lassen sich nicht installieren - abgesicherter Modus arbeitet reibungsfrei Nach einer gewissen Zeit scheint nach dem Start alles plötzlich wieder zu laufen (die befohlenen Programmaufrufe etc. werden ausgeführt, Virenprogramm von Microsoft startet usw.). Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:09-05-2016
durchgeführt von Thomas (Administrator) auf THOMAS-PC (11-05-2016 12:47:59)
Gestartet von C:\Users\Thomas\Downloads
Geladene Profile: Thomas (Verfügbare Profile: Thomas)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Safe Mode (with Networking)
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-03-19] (Apple Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1340192 2016-01-29] (Microsoft Corporation)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [5009096 2016-04-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SPEEDLINK KUDOS] => C:\Program Files (x86)\SPEEDLINK\SPEEDLINK PRIME Gaming Mouse\Gaming Mouse.exe [1470464 2012-03-08] ()
HKLM-x32\...\Run: [Skiller PRO] => C:\Program Files (x86)\Skiller PRO\Monitor.exe [475136 2015-07-17] (Sharkoon Technologies)
HKU\S-1-5-21-758422454-1604163277-2610386603-1000\...\Run: [Spotify Web Helper] => C:\Users\Thomas\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1524336 2016-04-06] (Spotify Ltd)
HKU\S-1-5-21-758422454-1604163277-2610386603-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-04-30] (Valve Corporation)
HKU\S-1-5-21-758422454-1604163277-2610386603-1000\...\Run: [f.lux] => C:\Users\Thomas\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC)
BootExecute: autocheck autochk /r \??\C:autocheck autochk *
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{7F44B7C4-C23C-4E67-B9AC-3F19997CD50C}: [DhcpNameServer] 192.168.2.1
Internet Explorer:
==================
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-04-29] (Microsoft Corporation)
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2016-04-29] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-04-29] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-04-29] (Microsoft Corporation)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2016-04-29] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-04-29] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-04-29] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-04-29] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-04-29] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-04-29] (Microsoft Corporation)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
FireFox:
========
FF ProfilePath: C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\l4ktzj6q.default
FF Homepage: hxxps://www.youtube.com/watch?v=EiRC80FJbHU
FF NetworkProxy: "autoconfig_url", "hxxp://www.bib.h-bonn-rhein-sieg.de/bibmedia/Downloads/bibliothek/proxy-p-7010.pac"
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-10] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-10] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2016-03-08] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-04-29] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-04-29] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-04-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-04-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-03] (Adobe Systems Inc.)
FF Extension: Reddit Enhancement Suite - C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\l4ktzj6q.default\Extensions\jid1-xUfzOsOFlzSOXg@jetpack.xpi [2016-04-06]
FF Extension: Adblock Plus - C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\l4ktzj6q.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-05-01]
Chrome:
=======
CHR HomePage: Default -> hxxps://www.twitch.tv/directory/following
CHR StartupUrls: Default -> "hxxps://www.twitch.tv/directory/following"
CHR Profile: C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-04-17]
CHR Extension: (Google Docs) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-17]
CHR Extension: (Google Drive) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-17]
CHR Extension: (YouTube) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-17]
CHR Extension: (Google Tabellen) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-04-17]
CHR Extension: (Google Docs Offline) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-17]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-17]
CHR Extension: (Google Mail) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-17]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-08-30] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
S2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2016-04-15] (Advanced Micro Devices) [Datei ist nicht signiert]
S2 AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [137584 2014-01-08] ()
S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
S2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2911464 2016-04-29] (Microsoft Corporation)
S2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2016-03-29] (Digital Wave Ltd.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2016-01-29] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [374344 2016-01-29] (Microsoft Corporation)
S3 ose; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [202288 2016-04-28] (Microsoft Corporation) [Datei ist nicht signiert]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [296648 2016-04-15] (Advanced Micro Devices)
S2 AODDriver4.3.0; C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [59624 2014-01-08] (Advanced Micro Devices)
S3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [96256 2016-04-15] (Advanced Micro Devices) [Datei ist nicht signiert]
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [289120 2015-11-13] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133816 2015-11-13] (Microsoft Corporation)
R3 VUSB3HUB; C:\Windows\System32\DRIVERS\ViaHub3.sys [225792 2014-10-31] (VIA Technologies, Inc.)
R3 xhcdrv; C:\Windows\System32\DRIVERS\xhcdrv.sys [305664 2014-10-31] (VIA Technologies, Inc.)
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-05-11 12:47 - 2016-05-11 12:48 - 00012241 _____ C:\Users\Thomas\Downloads\FRST.txt
2016-05-11 12:47 - 2016-05-11 12:47 - 02381312 _____ (Farbar) C:\Users\Thomas\Downloads\FRST64.exe
2016-05-11 12:47 - 2016-05-11 12:47 - 00000000 ____D C:\FRST
2016-05-11 12:18 - 2016-05-11 12:45 - 00001536 _____ C:\Users\Thomas\Desktop\JRT.txt
2016-05-11 12:16 - 2016-05-11 12:44 - 00000000 ____D C:\AdwCleaner
2016-05-11 11:59 - 2016-05-11 11:59 - 01610816 _____ (Malwarebytes) C:\Users\Thomas\Downloads\JRT.exe
2016-05-11 11:58 - 2016-05-11 11:59 - 03640384 _____ C:\Users\Thomas\Downloads\AdwCleaner_5.116.exe
2016-05-11 11:53 - 2016-05-11 11:53 - 22851472 _____ (Malwarebytes ) C:\Users\Thomas\Downloads\mbam-setup-computerbild.8000-2.2.1.1043.exe
2016-05-11 11:03 - 2016-05-11 11:03 - 00000000 ____D C:\Program Files (x86)\ESET
2016-05-11 10:51 - 2016-05-11 10:51 - 00003544 ____N C:\bootsqm.dat
2016-05-10 23:37 - 2016-05-11 11:27 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2016-05-10 23:37 - 2016-05-11 11:02 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-05-10 23:37 - 2016-05-10 23:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2016-05-10 23:37 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-05-10 23:37 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-05-10 23:37 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-05-10 23:06 - 2016-05-11 12:16 - 00707550 _____ C:\Windows\ntbtlog.txt
2016-05-08 12:49 - 2016-05-08 12:49 - 00000000 ___HD C:\ProgramData\CanonIJETV
2016-05-08 12:49 - 2016-05-08 12:49 - 00000000 ____D C:\Program Files (x86)\Canon
2016-05-08 12:14 - 2016-05-08 12:14 - 00000000 ____H C:\Users\Thomas\Documents\Default.rdp
2016-05-07 13:23 - 2016-05-07 13:23 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\WinRAR
2016-05-07 12:51 - 2016-05-11 11:04 - 00000000 ___RD C:\Users\Thomas\Documents\Scanned Documents
2016-05-07 12:51 - 2016-05-07 12:51 - 00000000 ____D C:\Users\Thomas\Documents\Fax
2016-05-06 16:11 - 2016-05-07 11:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-05-01 15:50 - 2016-05-01 19:05 - 00000000 ____D C:\Users\Thomas\Desktop\Rea
2016-04-25 22:10 - 2016-04-25 22:10 - 00000000 ____D C:\Program Files (x86)\Raptr Inc
2016-04-25 22:09 - 2016-02-16 01:27 - 00125720 _____ C:\Windows\SysWOW64\vulkan-1.dll
2016-04-25 22:09 - 2016-02-16 01:26 - 00126232 _____ C:\Windows\system32\vulkan-1.dll
2016-04-25 22:09 - 2016-02-16 01:25 - 00045848 _____ C:\Windows\system32\vulkaninfo.exe
2016-04-25 22:09 - 2016-02-16 01:25 - 00042264 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2016-04-25 22:08 - 2016-04-25 22:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vulkan 1.0.3.1
2016-04-25 22:08 - 2016-04-25 22:08 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-04-25 22:01 - 2016-04-25 22:01 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ViaHub3_01011.Wdf
2016-04-25 22:00 - 2016-04-25 22:00 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_xhcdrv_01011.Wdf
2016-04-24 15:44 - 2016-04-25 21:38 - 00000944 _____ C:\Users\Thomas\Desktop\Start Tor Browser.lnk
2016-04-24 15:44 - 2016-04-24 15:44 - 00000833 _____ C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2016-04-24 12:18 - 2016-04-24 21:15 - 00000000 ____D C:\Program Files\WinRAR
2016-04-24 12:18 - 2016-04-24 15:44 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-04-24 12:18 - 2016-04-24 15:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-04-24 12:18 - 2016-04-24 12:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skiller PRO
2016-04-24 12:18 - 2016-04-24 12:18 - 00000000 ____D C:\Program Files (x86)\Skiller PRO
2016-04-23 23:32 - 2016-04-23 23:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SPEEDLINK PRIME
2016-04-23 23:32 - 2016-04-23 23:32 - 00000000 ____D C:\Program Files (x86)\SPEEDLINK
2016-04-17 21:00 - 2016-04-17 21:00 - 00000000 ____D C:\Users\Thomas\Documents\Benutzerdefinierte Office-Vorlagen
2016-04-17 20:58 - 2016-04-17 20:58 - 00000000 ____D C:\Users\Thomas\AppData\LocalLow\Temp
2016-04-17 20:30 - 2016-04-17 20:31 - 00000000 ____D C:\Users\Thomas\Desktop\MS Office
2016-04-17 20:18 - 2016-04-17 20:18 - 00002180 _____ C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-04-17 20:18 - 2016-04-17 20:18 - 00002120 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-04-17 20:18 - 2016-04-17 20:18 - 00002120 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-04-17 20:18 - 2016-04-17 20:18 - 00000000 ___RD C:\Users\Thomas\OneDrive
2016-04-17 20:18 - 2016-04-17 20:18 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-04-17 20:18 - 2016-04-17 20:18 - 00000000 ____D C:\Program Files (x86)\Microsoft OneDrive
2016-04-17 20:03 - 2016-04-17 20:03 - 00002509 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2016-04-17 20:03 - 2016-04-17 20:03 - 00002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2016-04-17 20:03 - 2016-04-17 20:03 - 00002423 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2016-04-17 20:03 - 2016-04-17 20:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools
2016-04-17 19:59 - 2016-05-07 11:43 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-04-17 19:59 - 2016-04-17 19:59 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2016-04-17 19:56 - 2016-05-07 11:42 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-04-17 19:56 - 2016-04-17 19:56 - 00000000 ____D C:\Users\Thomas\Desktop\Chemsketch
2016-04-17 19:56 - 2016-04-17 19:56 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-04-17 19:51 - 2016-04-17 19:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ACDLabs Freeware 2015
2016-04-17 19:50 - 2016-04-17 19:51 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\Advanced Chemistry Development
2016-04-17 19:50 - 2016-04-17 19:51 - 00000000 ____D C:\ProgramData\Advanced Chemistry Development
2016-04-17 19:50 - 2016-04-17 19:51 - 00000000 ____D C:\ACD2015FREE
2016-04-17 15:04 - 2016-05-03 14:09 - 00002187 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-17 15:03 - 2016-05-11 11:46 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-17 15:03 - 2016-05-10 23:08 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-17 15:03 - 2016-04-17 15:41 - 00000000 ____D C:\Users\Thomas\AppData\Local\Google
2016-04-17 15:03 - 2016-04-17 15:04 - 00000000 ____D C:\Program Files (x86)\Google
2016-04-17 15:03 - 2016-04-17 15:03 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-04-17 15:03 - 2016-04-17 15:03 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-04-17 14:59 - 2016-04-17 14:59 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\LolClient
2016-04-16 17:36 - 2016-05-05 14:17 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\DVDVideoSoft
2016-04-16 17:36 - 2016-04-16 17:36 - 00001398 _____ C:\Users\Public\Desktop\Free YouTube To MP3 Converter.lnk
2016-04-16 17:36 - 2016-04-16 17:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2016-04-16 17:36 - 2016-04-16 17:36 - 00000000 ____D C:\Program Files (x86)\FreeCodecPack
2016-04-16 17:36 - 2016-04-16 17:36 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2016-04-15 23:15 - 2016-04-15 23:15 - 00141792 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdhcp64.dll
2016-04-15 23:15 - 2016-04-15 23:15 - 00128384 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdhcp32.dll
2016-04-15 23:15 - 2016-04-15 23:15 - 00110880 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2016-04-15 23:15 - 2016-04-15 23:15 - 00102616 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2016-04-15 23:15 - 2016-04-15 23:15 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2016-04-15 23:15 - 2016-04-15 23:15 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2016-04-15 23:15 - 2016-04-15 23:15 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2016-04-15 23:15 - 2016-04-15 23:15 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2016-04-15 23:14 - 2016-04-15 23:14 - 09526616 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2016-04-15 23:14 - 2016-04-15 23:14 - 00120656 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2016-04-15 23:13 - 2016-04-15 23:13 - 08844232 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2016-04-15 23:11 - 2016-04-15 23:11 - 00296648 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdacpksd.sys
2016-04-15 23:05 - 2016-04-15 23:05 - 26345472 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2016-04-15 22:57 - 2016-04-15 22:57 - 06956032 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdvlk64.dll
2016-04-15 22:54 - 2016-04-15 22:54 - 48212480 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2016-04-15 22:54 - 2016-04-15 22:54 - 00235008 _____ C:\Windows\system32\clinfo.exe
2016-04-15 22:53 - 2016-04-15 22:53 - 05420032 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdvlk32.dll
2016-04-15 22:52 - 2016-04-15 22:52 - 40126976 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2016-04-15 22:51 - 2016-04-15 22:51 - 00065024 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2016-04-15 22:51 - 2016-04-15 22:51 - 00059392 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2016-04-15 22:49 - 2016-04-15 22:49 - 26886656 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl12cl64.dll
2016-04-15 22:49 - 2016-04-15 22:49 - 21730304 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl12cl.dll
2016-04-15 22:28 - 2016-04-15 22:28 - 00701440 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdlvr64.dll
2016-04-15 22:28 - 2016-04-15 22:28 - 00580096 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdlvr32.dll
2016-04-15 22:27 - 2016-04-15 22:27 - 30380032 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2016-04-15 22:27 - 2016-04-15 22:27 - 06884864 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll
2016-04-15 22:27 - 2016-04-15 22:27 - 00127488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2016-04-15 22:27 - 2016-04-15 22:27 - 00113664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2016-04-15 22:24 - 2016-04-15 22:24 - 00050688 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll
2016-04-15 22:24 - 2016-04-15 22:24 - 00039424 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll
2016-04-15 22:23 - 2016-04-15 22:23 - 05398016 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll
2016-04-15 22:22 - 2016-04-15 22:22 - 03437632 _____ C:\Windows\system32\atiumd6a.cap
2016-04-15 22:22 - 2016-04-15 22:22 - 00096256 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\AtihdW76.sys
2016-04-15 22:21 - 2016-04-15 22:21 - 25070080 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2016-04-15 22:21 - 2016-04-15 22:21 - 00103424 _____ (Advanced Micro Devices) C:\Windows\system32\DelayAPO.dll
2016-04-15 22:20 - 2016-04-15 22:20 - 00097280 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2016-04-15 22:20 - 2016-04-15 22:20 - 00089600 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2016-04-15 22:19 - 2016-04-15 22:19 - 15711744 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2016-04-15 22:19 - 2016-04-15 22:19 - 00698768 _____ C:\Windows\SysWOW64\atiapfxx.blb
2016-04-15 22:19 - 2016-04-15 22:19 - 00698768 _____ C:\Windows\system32\atiapfxx.blb
2016-04-15 22:19 - 2016-04-15 22:19 - 00367104 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2016-04-15 22:19 - 2016-04-15 22:19 - 00062464 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2016-04-15 22:19 - 2016-04-15 22:19 - 00055808 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2016-04-15 22:19 - 2016-04-15 22:19 - 00052224 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2016-04-15 22:19 - 2016-04-15 22:19 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2016-04-15 22:18 - 2016-04-15 22:18 - 14302208 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2016-04-15 22:17 - 2016-04-15 22:17 - 03471376 _____ C:\Windows\SysWOW64\atiumdva.cap
2016-04-15 22:15 - 2016-04-15 22:15 - 00564736 _____ (AMD) C:\Windows\system32\atieclxx.exe
2016-04-15 22:15 - 2016-04-15 22:15 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2016-04-15 22:15 - 2016-04-15 22:15 - 00224256 _____ C:\Windows\system32\dgtrayicon.exe
2016-04-15 22:15 - 2016-04-15 22:15 - 00209920 _____ C:\Windows\system32\GameManager64.dll
2016-04-15 22:15 - 2016-04-15 22:15 - 00204800 _____ C:\Windows\system32\amdgfxinfo64.dll
2016-04-15 22:15 - 2016-04-15 22:15 - 00189952 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll
2016-04-15 22:15 - 2016-04-15 22:15 - 00162304 _____ C:\Windows\system32\atieah64.exe
2016-04-15 22:15 - 2016-04-15 22:15 - 00145408 _____ C:\Windows\SysWOW64\atieah32.exe
2016-04-15 22:15 - 2016-04-15 22:15 - 00078336 _____ (AMD) C:\Windows\system32\atimuixx.dll
2016-04-15 22:14 - 2016-04-15 22:14 - 00251392 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2016-04-15 22:14 - 2016-04-15 22:14 - 00190976 _____ (AMD) C:\Windows\system32\atitmm64.dll
2016-04-15 22:12 - 2016-04-15 22:12 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2016-04-15 22:12 - 2016-04-15 22:12 - 00080896 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2016-04-15 22:11 - 2016-04-15 22:11 - 00944640 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2016-04-15 22:11 - 2016-04-15 22:11 - 00944640 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll
2016-04-15 22:11 - 2016-04-15 22:11 - 00157696 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2016-04-15 22:11 - 2016-04-15 22:11 - 00142336 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2016-04-15 22:11 - 2016-04-15 22:11 - 00075776 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2016-04-15 22:11 - 2016-04-15 22:11 - 00070144 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2016-04-15 22:11 - 2016-04-15 22:11 - 00070144 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2016-04-15 22:11 - 2016-04-15 22:11 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2016-04-15 22:10 - 2016-04-15 22:10 - 00676864 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2016-04-15 22:10 - 2016-04-15 22:10 - 00195072 _____ C:\Windows\system32\hsa-thunk64.dll
2016-04-15 22:10 - 2016-04-15 22:10 - 00174592 _____ C:\Windows\SysWOW64\hsa-thunk.dll
2016-04-15 18:28 - 2016-04-15 18:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-04-15 16:23 - 2016-04-15 16:23 - 02412544 _____ C:\Windows\system32\amdacpusl.pdb
2016-04-15 16:20 - 2016-04-15 16:20 - 00364544 _____ (Advanced Micro Devices) C:\Windows\system32\amdacpusl.dll
2016-04-15 16:20 - 2016-04-15 16:20 - 00306176 _____ C:\Windows\system32\amdacpusl.pdb.pub
2016-04-15 16:20 - 2016-04-15 16:20 - 00248832 _____ (Advanced Micro Devices) C:\Windows\SysWOW64\amdacpusl.dll
2016-04-12 21:16 - 2016-04-04 20:14 - 00038120 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-04-12 21:16 - 2016-04-04 20:02 - 01169408 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-04-12 21:16 - 2016-04-02 15:08 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-04-12 21:16 - 2016-03-29 19:53 - 03216896 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-04-12 21:16 - 2016-03-23 16:02 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-04-12 21:16 - 2016-03-18 01:04 - 05551336 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-04-12 21:16 - 2016-03-18 01:04 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-04-12 21:16 - 2016-03-18 01:04 - 00154344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-04-12 21:16 - 2016-03-18 01:04 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-04-12 21:16 - 2016-03-18 01:01 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-04-12 21:16 - 2016-03-18 01:01 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-04-12 21:16 - 2016-03-18 00:58 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-04-12 21:16 - 2016-03-18 00:58 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-04-12 21:16 - 2016-03-18 00:58 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-04-12 21:16 - 2016-03-18 00:58 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-04-12 21:16 - 2016-03-18 00:58 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-04-12 21:16 - 2016-03-18 00:58 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-04-12 21:16 - 2016-03-18 00:58 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-04-12 21:16 - 2016-03-18 00:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-04-12 21:16 - 2016-03-18 00:58 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-04-12 21:16 - 2016-03-18 00:58 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-04-12 21:16 - 2016-03-18 00:57 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-04-12 21:16 - 2016-03-18 00:57 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-04-12 21:16 - 2016-03-18 00:57 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-04-12 21:16 - 2016-03-18 00:57 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-04-12 21:16 - 2016-03-18 00:57 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-04-12 21:16 - 2016-03-18 00:56 - 02084864 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-04-12 21:16 - 2016-03-18 00:56 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-04-12 21:16 - 2016-03-18 00:54 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-04-12 21:16 - 2016-03-18 00:54 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-04-12 21:16 - 2016-03-18 00:54 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-04-12 21:16 - 2016-03-18 00:54 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-04-12 21:16 - 2016-03-18 00:53 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-04-12 21:16 - 2016-03-18 00:53 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-04-12 21:16 - 2016-03-18 00:53 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-04-12 21:16 - 2016-03-18 00:53 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:36 - 03998952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-04-12 21:16 - 2016-03-18 00:36 - 03943144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-04-12 21:16 - 2016-03-18 00:33 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-04-12 21:16 - 2016-03-18 00:31 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-04-12 21:16 - 2016-03-18 00:31 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-04-12 21:16 - 2016-03-18 00:31 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-04-12 21:16 - 2016-03-18 00:31 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-04-12 21:16 - 2016-03-18 00:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-04-12 21:16 - 2016-03-18 00:30 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-04-12 21:16 - 2016-03-18 00:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-04-12 21:16 - 2016-03-18 00:30 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-04-12 21:16 - 2016-03-18 00:29 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-04-12 21:16 - 2016-03-18 00:29 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-04-12 21:16 - 2016-03-18 00:29 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-04-12 21:16 - 2016-03-18 00:28 - 01414144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-04-12 21:16 - 2016-03-18 00:27 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-04-12 21:16 - 2016-03-18 00:27 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-04-12 21:16 - 2016-03-18 00:27 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-04-12 21:16 - 2016-03-18 00:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-04-12 21:16 - 2016-03-18 00:26 - 00553984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-04-12 21:16 - 2016-03-18 00:25 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-04-12 21:16 - 2016-03-17 23:53 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-04-12 21:16 - 2016-03-17 23:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-04-12 21:16 - 2016-03-17 23:52 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-04-12 21:16 - 2016-03-17 23:51 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-04-12 21:16 - 2016-03-17 23:44 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-04-12 21:16 - 2016-03-17 23:43 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-04-12 21:16 - 2016-03-17 23:41 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-04-12 21:16 - 2016-03-17 23:38 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-04-12 21:16 - 2016-03-17 23:37 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-04-12 21:16 - 2016-03-17 23:37 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-04-12 21:16 - 2016-03-17 23:35 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-04-12 21:16 - 2016-03-17 23:35 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-04-12 21:16 - 2016-03-17 23:30 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-04-12 21:16 - 2016-03-17 23:30 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-04-12 21:16 - 2016-03-17 23:30 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-04-12 21:16 - 2016-03-17 23:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-04-12 21:16 - 2016-03-17 23:29 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-04-12 21:16 - 2016-03-17 23:29 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-04-12 21:16 - 2016-03-17 23:29 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-04-12 21:16 - 2016-03-17 23:29 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-04-12 21:16 - 2016-03-17 23:29 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-04-12 21:16 - 2016-03-17 20:04 - 00698368 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-04-12 21:16 - 2016-03-17 20:04 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-04-12 21:16 - 2016-03-17 20:04 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-04-12 21:16 - 2016-03-17 20:04 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-04-12 21:16 - 2016-03-16 20:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-04-12 21:16 - 2016-03-16 20:28 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-04-12 21:16 - 2016-03-16 20:28 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-04-12 21:16 - 2016-03-16 02:16 - 00760320 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2016-04-12 21:16 - 2016-03-16 02:16 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2016-04-12 21:16 - 2016-03-16 01:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2016-04-12 21:16 - 2016-03-11 20:57 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-04-12 21:16 - 2016-03-11 20:35 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-04-12 21:16 - 2016-03-06 20:53 - 01885696 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2016-04-12 21:16 - 2016-03-06 20:53 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2016-04-12 21:16 - 2016-03-06 20:38 - 01240576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2016-04-12 21:16 - 2016-03-06 20:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2016-04-12 21:16 - 2016-02-05 20:56 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\tbs.dll
2016-04-12 21:16 - 2016-02-05 20:54 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2016-04-12 21:16 - 2016-02-05 19:33 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbs.dll
2016-04-12 21:16 - 2016-02-02 20:57 - 00511488 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2016-04-12 21:16 - 2016-01-21 02:51 - 00073664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2016-04-12 21:16 - 2015-06-03 22:21 - 00451080 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-05-11 12:09 - 2009-07-14 06:45 - 00020480 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-05-11 12:09 - 2009-07-14 06:45 - 00020480 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-05-11 11:51 - 2011-04-12 09:43 - 00699092 _____ C:\Windows\system32\perfh007.dat
2016-05-11 11:51 - 2011-04-12 09:43 - 00149232 _____ C:\Windows\system32\perfc007.dat
2016-05-11 11:51 - 2009-07-14 07:13 - 01619284 _____ C:\Windows\system32\PerfStringBackup.INI
2016-05-11 11:51 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-05-11 11:46 - 2016-04-08 16:36 - 00000000 ____D C:\Users\Thomas\AppData\Local\Apps\2.0
2016-05-11 11:46 - 2016-04-06 21:40 - 00000000 ____D C:\Program Files (x86)\Steam
2016-05-11 11:46 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-05-11 11:45 - 2016-04-09 11:54 - 00000000 ____D C:\Users\Thomas\AppData\Local\Downloaded Installations
2016-05-11 11:42 - 2016-04-06 21:00 - 00000000 ____D C:\60123cffff02c322a6
2016-05-10 23:48 - 2016-04-06 21:53 - 00000000 ____D C:\Users\Thomas\AppData\Local\ElevatedDiagnostics
2016-05-10 23:27 - 2014-01-11 18:52 - 00000000 ____D C:\Users\Thomas\Desktop\#I so'n Shit
2016-05-10 23:26 - 2016-04-07 15:20 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2016-05-10 23:20 - 2016-04-10 00:44 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-05-10 23:14 - 2016-04-06 22:57 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\Skype
2016-05-10 22:12 - 2016-04-06 20:55 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\TS3Client
2016-05-10 20:25 - 2016-04-07 16:27 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-05-10 20:24 - 2016-04-07 16:27 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-05-08 12:30 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2016-05-07 11:20 - 2016-04-06 20:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-05-06 11:46 - 2016-04-08 16:28 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-05-06 11:46 - 2016-04-08 16:28 - 00000000 ___SD C:\Windows\system32\GWX
2016-05-05 14:19 - 2016-04-10 15:23 - 00000000 ____D C:\Windows\system32\appraiser
2016-05-01 18:18 - 2016-04-06 21:29 - 00000000 ____D C:\Users\Thomas\AppData\Local\Spotify
2016-05-01 17:54 - 2016-04-06 21:28 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\Spotify
2016-04-26 17:45 - 2016-04-06 20:55 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2016-04-25 22:11 - 2016-04-06 21:49 - 00004230 _____ C:\Windows\System32\Tasks\AMD Updater
2016-04-25 22:11 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-04-25 22:09 - 2016-04-06 21:42 - 00000000 ____D C:\Program Files\AMD
2016-04-25 22:09 - 2016-04-06 21:14 - 00000000 ____D C:\ProgramData\Package Cache
2016-04-25 22:08 - 2016-04-06 21:43 - 00000000 ____D C:\Program Files (x86)\AMD
2016-04-25 22:04 - 2016-04-06 21:40 - 00000000 ____D C:\AMD
2016-04-24 12:18 - 2016-04-06 20:34 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-04-22 09:57 - 2010-11-21 05:27 - 00453288 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-04-18 19:08 - 2009-07-14 06:45 - 00424696 _____ C:\Windows\system32\FNTCACHE.DAT
2016-04-17 20:50 - 2016-04-06 21:22 - 00110176 _____ C:\Users\Thomas\AppData\Local\GDIPFONTCACHEV1.DAT
2016-04-17 20:18 - 2016-04-06 19:37 - 00000000 ____D C:\Users\Thomas
2016-04-17 17:03 - 2016-04-10 21:32 - 00000000 ____D C:\Program Files\Common Files\logishrd
2016-04-15 23:14 - 2016-04-04 06:16 - 00152568 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2016-04-15 23:14 - 2016-04-04 06:16 - 00133528 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2016-04-15 23:14 - 2016-04-04 06:15 - 11631488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2016-04-15 23:14 - 2016-04-04 06:15 - 09588416 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2016-04-15 23:14 - 2016-04-04 06:15 - 08585696 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2016-04-15 23:14 - 2016-04-04 06:15 - 07394016 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2016-04-15 23:14 - 2016-04-04 06:15 - 01519920 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2016-04-15 23:14 - 2016-04-04 06:15 - 01248000 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2016-04-15 23:14 - 2016-04-04 06:15 - 00102616 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2016-04-15 22:24 - 2016-04-04 04:25 - 00865280 _____ (AMD) C:\Windows\system32\coinst_16.15.dll
2016-04-15 22:15 - 2016-04-04 03:57 - 00186368 _____ C:\Windows\SysWOW64\GameManager32.dll
2016-04-15 22:11 - 2016-04-04 03:33 - 01276416 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2016-04-13 19:58 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2016-04-11 07:00 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\AppCompat
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2016-04-06 21:12 - 2016-04-06 21:12 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Einige Dateien in TEMP:
====================
C:\Users\Thomas\AppData\Local\Temp\libeay32.dll
C:\Users\Thomas\AppData\Local\Temp\msvcr120.dll
C:\Users\Thomas\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-05-08 17:08
==================== Ende von FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:09-05-2016
durchgeführt von Thomas (2016-05-11 12:48:16)
Gestartet von C:\Users\Thomas\Downloads
Windows 7 Professional Service Pack 1 (X64) (2016-04-06 17:37:00)
Start-Modus: Safe Mode (with Networking)
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-758422454-1604163277-2610386603-500 - Administrator - Disabled)
Gast (S-1-5-21-758422454-1604163277-2610386603-501 - Limited - Disabled)
Thomas (S-1-5-21-758422454-1604163277-2610386603-1000 - Administrator - Enabled) => C:\Users\Thomas
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Microsoft Security Essentials (Enabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
AS: Microsoft Security Essentials (Enabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
ACD/Labs Freeware in C:\ACD2015FREE\ (HKLM-x32\...\ACDLabs in C__ACD2015FREE_) (Version: v14.00, FREE - ACD/Labs)
ACP Application (Version: 2016.0415.1620.42 - Advanced Micro Devices, Inc.) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.016.20039 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
AMD OverDrive (HKLM-x32\...\{34D5220A-58D0-473C-90E4-15136C3FB0E3}) (Version: 4.3.1.0690 - Advanced Micro Devices, Inc.)
Apple Application Support (32-Bit) (HKLM-x32\...\{FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E}) (Version: 4.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{2937FD88-C9D6-4B82-B539-37CD0A572F42}) (Version: 4.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Catalyst Control Center Next Localization BR (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve)
f.lux (HKU\S-1-5-21-758422454-1604163277-2610386603-1000\...\Flux) (Version: - )
Free YouTube To MP3 Converter (HKLM-x32\...\Free YouTube To MP3 Converter_is1) (Version: 4.1.6.328 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.94 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
iTunes (HKLM\...\{A31C5565-90D9-4615-AE13-94D86C3836C7}) (Version: 12.3.3.17 - Apple Inc.)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.6868.2060 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-758422454-1604163277-2610386603-1000\...\OneDriveSetup.exe) (Version: 17.3.6281.1202 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 46.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 46.0.1 (x86 de)) (Version: 46.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 46.0.1.5966 - Mozilla)
Mozilla Thunderbird 45.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.0 (x86 de)) (Version: 45.0 - Mozilla)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6828.1015 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6828.1015 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6828.1015 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.92.115.2015 - Realtek)
Skiller PRO (HKLM-x32\...\{54C8FBB3-B992-43CB-8F0A-E26228013F88}) (Version: 2.1.15.6 - Sharkoon Technologies)
Skype™ 7.21 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.)
SPEEDLINK PRIME Gaming Mouse (HKLM-x32\...\SPEEDLINK KUDOS) (Version: - )
Spotify (HKU\S-1-5-21-758422454-1604163277-2610386603-1000\...\Spotify) (Version: 1.0.26.132.ga4e3ccee - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.)
WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-758422454-1604163277-2610386603-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Thomas\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64\FileCoAuthLib64.dll ()
CustomCLSID: HKU\S-1-5-21-758422454-1604163277-2610386603-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Thomas\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {1814CA9E-7654-4C59-A165-834EAFF679D5} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-04-29] (Microsoft Corporation)
Task: {27A11073-67A1-4E9E-8D6E-45BDC9C1B526} - System32\Tasks\Microsoft\Windows\Setup\gwx\rundetector => C:\Windows\system32\GWX\GWXDetector.exe [2016-04-24] (Microsoft Corporation)
Task: {27D6393D-4FA7-49C0-BE3D-07B63F1744C5} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {29C10ED2-A5DB-47E4-90CB-64F2328E12F5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-10] (Adobe Systems Incorporated)
Task: {2B3D71FA-7E23-4D26-825C-F593771E4CD8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {6278FE4B-B427-4684-98CD-0860249EFF41} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-04-29] (Microsoft Corporation)
Task: {8BD2EB0E-CC15-4B5E-96EE-86402FE4DE2E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-04-29] (Microsoft Corporation)
Task: {9304EBB5-82CD-4F09-B853-E07F96DD2FAF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-17] (Google Inc.)
Task: {B03D6180-4DBB-4D79-800E-2FA7B7550D83} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-04-29] (Microsoft Corporation)
Task: {D122ABCC-35C0-4196-9705-4C9E5608F49A} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-04-29] (Microsoft Corporation)
Task: {DAF3A632-9FB4-418A-9FFA-AE2B117D2E43} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-17] (Google Inc.)
Task: {E81E985F-3881-447F-B0A0-40F0625F0B5B} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-04-15] (Advanced Micro Devices, Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-758422454-1604163277-2610386603-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{1BCAC893-CFF5-4B9B-B850-44B7676B9E6C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7111D390-46B3-475F-80D1-301F5CDBB677}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A4AB2E0E-53C0-4177-9A3E-20002042C1D7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C4571AB8-9671-4363-B564-69DB43825264}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2FAD3544-A9CF-429F-BBC3-0A9ABF814914}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{36A774A3-45F8-474F-A081-87A5A9C1E404}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8EC2A934-959C-4D2A-BC87-C8720EA64DE9}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{5AACE038-93F5-4799-9AE6-F166A1ADCEC0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{D17EAD2D-00F5-4473-9873-7CBF0C0914D2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E76E4D58-B87C-4CED-9F5B-711B2906D389}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{AC3BC60B-C4A3-4230-BDA5-4AD011A42F8C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{93B56332-F08C-4B6B-93F4-A3F34F9C5A36}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{200E9D49-D84B-4235-A117-7685E9F00AD2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{6867D683-685D-4382-9E43-7C6CDDB4BE9D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{25B354C7-1BA0-4185-B445-EC8D1A210A17}C:\users\thomas\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\thomas\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{E44951C8-D687-4754-8D0B-8AB1B23EF7F4}C:\users\thomas\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\thomas\appdata\roaming\spotify\spotify.exe
FirewallRules: [{9C60BA12-94B0-4E54-BF18-5AB6F5E4C1F3}] => (Block) C:\users\thomas\appdata\roaming\spotify\spotify.exe
FirewallRules: [{39537144-DD55-4166-9463-33EF7C683842}] => (Block) C:\users\thomas\appdata\roaming\spotify\spotify.exe
FirewallRules: [{9EDC795F-272A-4EB3-AD00-1A91DCDE93CA}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{BBA74933-FA30-4DA3-B21A-25D571817B41}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{B012F289-0C94-4CA8-AB32-1DA7A4B769E8}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{0E1C8AF4-9E36-458A-9836-A67DE07796CD}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{A5D40BF6-B394-4075-92B5-40FAC0B071F9}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{D4E6A0F9-6BA8-46E9-81CE-15A620FC7729}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{3056E7AE-0BC8-4731-9E16-9E4EAEDC3026}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{704ADC8C-BBA6-4E33-91D1-C5BF2058EAE0}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{7E0479A9-88A2-4214-9B71-542190D6AFCA}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{7AFF1394-3682-4074-A63B-78CB06000157}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{006E7432-7673-4D85-9C07-6A4C56E8CFB0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{04A0DEE9-698B-445C-951D-BD6AA2D243AA}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
==================== Wiederherstellungspunkte =========================
06-05-2016 11:46:34 Windows Update
06-05-2016 18:25:46 Windows Update
07-05-2016 02:00:30 Windows Update
07-05-2016 11:24:18 Windows Update
07-05-2016 14:36:19 Windows Update
08-05-2016 01:52:15 Windows Update
08-05-2016 11:55:58 Windows Update
08-05-2016 17:10:43 Windows Update
09-05-2016 00:19:15 Windows Update
09-05-2016 17:37:19 Windows Update
09-05-2016 18:33:28 Windows Update
10-05-2016 00:59:20 Windows Update
10-05-2016 14:13:09 Windows Update
10-05-2016 22:12:04 Windows Update
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (05/11/2016 12:44:59 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Users\Thomas\AppData\Local\Temp\jrt\CreateRestorePoint.exe "JRT Pre-Junkware Removal"; Beschreibung = JRT Pre-Junkware Removal; Fehler = 0x8007043c).
Error: (05/11/2016 12:23:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: RadeonSettings.exe, Version: 10.1.1.1622, Zeitstempel: 0x5711503b
Name des fehlerhaften Moduls: MSVCR120.dll, Version: 12.0.21005.1, Zeitstempel: 0x524f83ff
Ausnahmecode: 0x40000015
Fehleroffset: 0x0000000000074a46
ID des fehlerhaften Prozesses: 0x70c
Startzeit der fehlerhaften Anwendung: 0xRadeonSettings.exe0
Pfad der fehlerhaften Anwendung: RadeonSettings.exe1
Pfad des fehlerhaften Moduls: RadeonSettings.exe2
Berichtskennung: RadeonSettings.exe3
Error: (05/11/2016 12:18:01 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/11/2016 12:17:04 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Users\Thomas\AppData\Local\Temp\jrt\CreateRestorePoint.exe "JRT Pre-Junkware Removal"; Beschreibung = JRT Pre-Junkware Removal; Fehler = 0x8007043c).
Error: (05/11/2016 11:48:36 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/11/2016 11:40:57 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/11/2016 11:36:13 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/11/2016 11:03:58 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/11/2016 11:03:21 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Error: (05/11/2016 11:03:19 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Systemfehler:
=============
Error: (05/11/2016 12:47:43 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (05/11/2016 12:47:43 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (05/11/2016 12:47:43 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (05/11/2016 12:47:43 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (05/11/2016 12:47:43 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (05/11/2016 12:47:43 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (05/11/2016 12:44:53 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (05/11/2016 12:44:53 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (05/11/2016 12:44:53 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (05/11/2016 12:44:53 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
==================== Speicherinformationen ===========================
Prozessor: AMD FX-8320E Eight-Core Processor
Prozentuale Nutzung des RAM: 10%
Installierter physikalischer RAM: 16350.65 MB
Verfügbarer physikalischer RAM: 14670.25 MB
Summe virtueller Speicher: 32699.48 MB
Verfügbarer virtueller Speicher: 31094.45 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:465.76 GB) (Free:342.01 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 85DD657B)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
|
|
28.05.2016, 10:55
| #2 |
| | PC führt Programme zT wahllos aus/nicht ausCode:
ATTFilter 10:55:22.0848 0x1a6c TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
10:55:36.0841 0x1a6c ============================================================
10:55:36.0841 0x1a6c Current date / time: 2016/05/27 10:55:36.0841
10:55:36.0841 0x1a6c SystemInfo:
10:55:36.0841 0x1a6c
10:55:36.0841 0x1a6c OS Version: 6.1.7601 ServicePack: 1.0
10:55:36.0841 0x1a6c Product type: Workstation
10:55:36.0841 0x1a6c ComputerName: THOMAS-PC
10:55:36.0841 0x1a6c UserName: Thomas
10:55:36.0841 0x1a6c Windows directory: C:\Windows
10:55:36.0841 0x1a6c System windows directory: C:\Windows
10:55:36.0841 0x1a6c Running under WOW64
10:55:36.0841 0x1a6c Processor architecture: Intel x64
10:55:36.0841 0x1a6c Number of processors: 8
10:55:36.0841 0x1a6c Page size: 0x1000
10:55:36.0841 0x1a6c Boot type: Normal boot
10:55:36.0841 0x1a6c ============================================================
10:55:36.0950 0x1a6c KLMD registered as C:\Windows\system32\drivers\86345052.sys
10:55:37.0558 0x1a6c System UUID: {71019C58-4816-56F5-548D-3AC9F487C3AC}
10:55:37.0964 0x1a6c Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:55:37.0979 0x1a6c ============================================================
10:55:37.0979 0x1a6c \Device\Harddisk0\DR0:
10:55:37.0979 0x1a6c MBR partitions:
10:55:37.0979 0x1a6c \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A385000
10:55:37.0979 0x1a6c ============================================================
10:55:37.0979 0x1a6c C: <-> \Device\Harddisk0\DR0\Partition1
10:55:37.0979 0x1a6c ============================================================
10:55:37.0979 0x1a6c Initialize success
10:55:37.0979 0x1a6c ============================================================
10:56:11.0235 0x134c ============================================================
10:56:11.0235 0x134c Scan started
10:56:11.0235 0x134c Mode: Manual; SigCheck; TDLFS;
10:56:11.0235 0x134c ============================================================
10:56:11.0235 0x134c KSN ping started
10:56:13.0553 0x134c KSN ping finished: true
10:56:13.0764 0x134c ================ Scan system memory ========================
10:56:13.0764 0x134c System memory - ok
10:56:13.0765 0x134c ================ Scan services =============================
10:56:13.0798 0x134c [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
10:56:13.0843 0x134c 1394ohci - ok
10:56:13.0856 0x134c [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
10:56:13.0871 0x134c ACPI - ok
10:56:13.0874 0x134c [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
10:56:13.0889 0x134c AcpiPmi - ok
10:56:13.0894 0x134c [ 36114214BF8D7C464D1E92E4EB6B2DD3, 8E7CB266D4ABCDF332A3D4D341753811D51B72985E36F24A7E757DCA11A65A2A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
10:56:13.0904 0x134c AdobeARMservice - ok
10:56:13.0929 0x134c [ 6A050671F2C76FB48131F12786802807, 71B37A9CEAE5AB1B069FB010BC547E14445461885B74FA879E63F9F2DAF644A5 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
10:56:13.0947 0x134c AdobeFlashPlayerUpdateSvc - ok
10:56:13.0961 0x134c [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
10:56:13.0983 0x134c adp94xx - ok
10:56:13.0994 0x134c [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys
10:56:14.0012 0x134c adpahci - ok
10:56:14.0019 0x134c [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
10:56:14.0033 0x134c adpu320 - ok
10:56:14.0038 0x134c [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
10:56:14.0054 0x134c AeLookupSvc - ok
10:56:14.0066 0x134c [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD C:\Windows\system32\drivers\afd.sys
10:56:14.0089 0x134c AFD - ok
10:56:14.0093 0x134c [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
10:56:14.0103 0x134c agp440 - ok
10:56:14.0107 0x134c [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
10:56:14.0122 0x134c ALG - ok
10:56:14.0125 0x134c [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
10:56:14.0134 0x134c aliide - ok
10:56:14.0144 0x134c [ B31F6F6CBE002161AD2EA27733D4D1A4, 4765B4E7F893724B1EE57D2555881D7498DB22940BB99586CA025269C437B1F1 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
10:56:14.0170 0x134c AMD External Events Utility - ok
10:56:14.0173 0x134c AMD FUEL Service - ok
10:56:14.0182 0x134c [ BFFC39EA0FD433AA21BBDA36E111ABCA, 05EBBFB3B66BF868538D9C00157051671C26265BD4A738BC54707B0E913AAD51 ] amdacpksd C:\Windows\system32\drivers\amdacpksd.sys
10:56:14.0195 0x134c amdacpksd - ok
10:56:14.0201 0x134c [ 3785941746AC5AC844832CB965DEBF9D, 136DED7611C85FA192B1FC57F98C018F657D502DFC431A61C4C2360BB15D84F9 ] amdacpusrsvc C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
10:56:14.0207 0x134c amdacpusrsvc - detected UnsignedFile.Multi.Generic ( 1 )
10:56:16.0634 0x134c amdacpusrsvc ( UnsignedFile.Multi.Generic ) - warning
10:56:18.0993 0x134c [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
10:56:19.0014 0x134c amdide - ok
10:56:19.0022 0x134c [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
10:56:19.0033 0x134c AmdK8 - ok
10:56:19.0035 0x134c amdkmdag - ok
10:56:19.0047 0x134c [ F6A33C17A38EC7555161599458E5A59A, 0FD503F3CD91B47802A4773714C3E07632004D27FE1BC44185E1217775F0FB49 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
10:56:19.0067 0x134c amdkmdap - ok
10:56:19.0072 0x134c [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
10:56:19.0083 0x134c AmdPPM - ok
10:56:19.0088 0x134c [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
10:56:19.0099 0x134c amdsata - ok
10:56:19.0106 0x134c [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
10:56:19.0118 0x134c amdsbs - ok
10:56:19.0121 0x134c [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
10:56:19.0130 0x134c amdxata - ok
10:56:19.0134 0x134c [ EBECBA1E37CE98BA2BD64A22A788DAC5, 247C474DAF9FFFF7FB46EB6185088B94B886A7685F98CABE1983EFEAEE1A8338 ] amd_sata C:\Windows\system32\DRIVERS\amd_sata.sys
10:56:19.0144 0x134c amd_sata - ok
10:56:19.0147 0x134c [ 7F1B42E70FAE147B14B28B83E003F039, 093C2B57AFDC93E667A3AB1F74442DBA42B0DE2132388E73BDC3D09FDBB1B3D0 ] amd_xata C:\Windows\system32\DRIVERS\amd_xata.sys
10:56:19.0155 0x134c amd_xata - ok
10:56:19.0158 0x134c [ F2154A205F4B784B61A72AEBC72BDC5F, A1D962BCF952FAD8016D9210327E7C1044BF4D3D035C7443F8671DDA16E0A390 ] AODDriver4.2 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
10:56:19.0167 0x134c AODDriver4.2 - ok
10:56:19.0171 0x134c [ 1FDE3302A17928B999E6BBA6D346F7DB, 186029C1C62842F1FE21AAD445134A3DEDB978D2E27169D5016C3149FCC42E5C ] AODDriver4.3.0 C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys
10:56:19.0179 0x134c AODDriver4.3.0 - ok
10:56:19.0184 0x134c [ 24D5D2C9F24B9B7AF63182F5A444C3F9, 02D781C0FFADD355851D37B5401EFD8798F113BB5BC17A994AC5CF548360C3D2 ] AODService C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe
10:56:19.0194 0x134c AODService - ok
10:56:19.0199 0x134c [ 59D01FA91962C9C1E9B4022B2D3B46DB, 3A111588538B77F010B5C900FB8425DDE55A08DBAC308CA7FB7BD9FCCCDEC69F ] AppHostSvc C:\Windows\system32\inetsrv\apphostsvc.dll
10:56:19.0213 0x134c AppHostSvc - ok
10:56:19.0217 0x134c [ 6474F8823C7188D2DA579F01FB6CED6B, 81D4E9D026CA60FB8840D520D151B8C2F4745A75DF90A4D6C80641F1A23AB605 ] AppID C:\Windows\system32\drivers\appid.sys
10:56:19.0231 0x134c AppID - ok
10:56:19.0235 0x134c [ 8F58BA1F7772D6D7CE45F03309608001, CDB109E0DD241042C058F7D81A1BDEBC34435CB2DC4A7A7A3692193DD5806097 ] AppIDSvc C:\Windows\System32\appidsvc.dll
10:56:19.0245 0x134c AppIDSvc - ok
10:56:19.0249 0x134c [ B62867835B41BCD839D9896AB4D7DF09, 98036D0202DB6171E90485898175833AC44873A85E6453EBE928E433B364CE07 ] Appinfo C:\Windows\System32\appinfo.dll
10:56:19.0263 0x134c Appinfo - ok
10:56:19.0269 0x134c [ 3B3774C868868257533EC7E715BB6D53, 4AF1DADCEDBD80BE6EDEC696DF59E65B51D31E33F4C84413CA03C7BD959FF4E5 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
10:56:19.0280 0x134c Apple Mobile Device Service - ok
10:56:19.0286 0x134c [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\Windows\System32\appmgmts.dll
10:56:19.0303 0x134c AppMgmt - ok
10:56:19.0308 0x134c [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys
10:56:19.0318 0x134c arc - ok
10:56:19.0323 0x134c [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys
10:56:19.0333 0x134c arcsas - ok
10:56:19.0345 0x134c [ 660D597B7A78256734D7F3230B21B355, CAA19E8EFAD63B8975A4CD8EFD5CE5F21E056856D36BC5A9E48517F1E574ABBA ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
10:56:19.0356 0x134c aspnet_state - ok
10:56:19.0359 0x134c [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
10:56:19.0389 0x134c AsyncMac - ok
10:56:19.0393 0x134c [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
10:56:19.0402 0x134c atapi - ok
10:56:19.0407 0x134c [ D67188D9964E08CF344AF8390BA22E75, C4A1DD5AD5D691FAA74764105C701717F41682320ED65584FF4C84B995AAB283 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
10:56:19.0420 0x134c AtiHDAudioService - ok
10:56:19.0436 0x134c [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
10:56:19.0463 0x134c AudioEndpointBuilder - ok
10:56:19.0479 0x134c [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll
10:56:19.0503 0x134c AudioSrv - ok
10:56:19.0509 0x134c [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
10:56:19.0527 0x134c AxInstSV - ok
10:56:19.0539 0x134c [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
10:56:19.0560 0x134c b06bdrv - ok
10:56:19.0569 0x134c [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
10:56:19.0584 0x134c b57nd60a - ok
10:56:19.0590 0x134c [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
10:56:19.0605 0x134c BDESVC - ok
10:56:19.0608 0x134c [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
10:56:19.0634 0x134c Beep - ok
10:56:19.0651 0x134c [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
10:56:19.0679 0x134c BFE - ok
10:56:19.0699 0x134c [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
10:56:19.0747 0x134c BITS - ok
10:56:19.0751 0x134c [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
10:56:19.0762 0x134c blbdrive - ok
10:56:19.0773 0x134c [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
10:56:19.0790 0x134c Bonjour Service - ok
10:56:19.0795 0x134c [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
10:56:19.0809 0x134c bowser - ok
10:56:19.0813 0x134c [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
10:56:19.0825 0x134c BrFiltLo - ok
10:56:19.0828 0x134c [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
10:56:19.0839 0x134c BrFiltUp - ok
10:56:19.0845 0x134c [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
10:56:19.0861 0x134c Browser - ok
10:56:19.0869 0x134c [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
10:56:19.0888 0x134c Brserid - ok
10:56:19.0892 0x134c [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
10:56:19.0905 0x134c BrSerWdm - ok
10:56:19.0908 0x134c [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
10:56:19.0920 0x134c BrUsbMdm - ok
10:56:19.0923 0x134c [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
10:56:19.0933 0x134c BrUsbSer - ok
10:56:19.0937 0x134c [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
10:56:19.0950 0x134c BTHMODEM - ok
10:56:19.0956 0x134c [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
10:56:19.0984 0x134c bthserv - ok
10:56:19.0988 0x134c [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
10:56:20.0015 0x134c cdfs - ok
10:56:20.0020 0x134c [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\drivers\cdrom.sys
10:56:20.0033 0x134c cdrom - ok
10:56:20.0038 0x134c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
10:56:20.0064 0x134c CertPropSvc - ok
10:56:20.0068 0x134c [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys
10:56:20.0081 0x134c circlass - ok
10:56:20.0090 0x134c [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys
10:56:20.0107 0x134c CLFS - ok
10:56:20.0172 0x134c [ 9A62177931525A679F7ECB295442D89F, F2946F677F0602AE89E90BB62718B6AD0A4B430DE22801A0D2A358146D698D54 ] ClickToRunSvc C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
10:56:20.0176 0x18d0 Object required for P2P: [ 6A050671F2C76FB48131F12786802807 ] AdobeFlashPlayerUpdateSvc
10:56:20.0243 0x134c ClickToRunSvc - ok
10:56:20.0253 0x134c [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:56:20.0264 0x134c clr_optimization_v2.0.50727_32 - ok
10:56:20.0270 0x134c [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
10:56:20.0280 0x134c clr_optimization_v2.0.50727_64 - ok
10:56:20.0289 0x134c [ AB4CD527BEFCC43EE441E6C50CCE54C8, 13B776AE63049FFBA7E35EA0A4C26EBB57B10D973E05C4CF1214249754DC46E4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:56:20.0302 0x134c clr_optimization_v4.0.30319_32 - ok
10:56:20.0307 0x134c [ 1400C75FF021D6CFACE46AC41B60770E, 3FCB8D7714A79522F2738037D559F1FFFB2F05C5406D2A038EF5DDB4629CA1CE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
10:56:20.0319 0x134c clr_optimization_v4.0.30319_64 - ok
10:56:20.0323 0x134c [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
10:56:20.0333 0x134c CmBatt - ok
10:56:20.0336 0x134c [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
10:56:20.0345 0x134c cmdide - ok
10:56:20.0357 0x134c [ CA3FB5A6B626D8A00A89E049CF95954E, CD5E3E40972513195108BA46CEC1D0AEA6B09A67EEBDD17EB759BD1729B07C06 ] CNG C:\Windows\system32\Drivers\cng.sys
10:56:20.0380 0x134c CNG - ok
10:56:20.0384 0x134c [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
10:56:20.0393 0x134c Compbatt - ok
10:56:20.0396 0x134c [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
10:56:20.0409 0x134c CompositeBus - ok
10:56:20.0411 0x134c COMSysApp - ok
10:56:20.0415 0x134c [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
10:56:20.0424 0x134c crcdisk - ok
10:56:20.0432 0x134c [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc C:\Windows\system32\cryptsvc.dll
10:56:20.0448 0x134c CryptSvc - ok
10:56:20.0461 0x134c [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC C:\Windows\system32\drivers\csc.sys
10:56:20.0485 0x134c CSC - ok
10:56:20.0509 0x134c [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService C:\Windows\System32\cscsvc.dll
10:56:20.0533 0x134c CscService - ok
10:56:20.0548 0x134c [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] DcomLaunch C:\Windows\system32\rpcss.dll
10:56:20.0572 0x134c DcomLaunch - ok
10:56:20.0581 0x134c [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
10:56:20.0614 0x134c defragsvc - ok
10:56:20.0619 0x134c [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
10:56:20.0646 0x134c DfsC - ok
10:56:20.0656 0x134c [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
10:56:20.0676 0x134c Dhcp - ok
10:56:20.0708 0x134c [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack C:\Windows\system32\diagtrack.dll
10:56:20.0752 0x134c DiagTrack - ok
10:56:20.0766 0x134c [ BB5C615C2F0D6F392B3C93B988969E02, 13F30E2BEE863823FB85A57C407060B2677D1EF95908D49D97FD0551D29E1969 ] DigitalWave.Update.Service C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
10:56:20.0781 0x134c DigitalWave.Update.Service - ok
10:56:20.0785 0x134c [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
10:56:20.0813 0x134c discache - ok
10:56:20.0818 0x134c [ 616387BBD83372220B09DE95F4E67BBC, 5E2D5280BB775576E7CDE3FA6BDE494E183123635E5908CF7EBF1FF52966D07D ] Disk C:\Windows\system32\drivers\disk.sys
10:56:20.0828 0x134c Disk - ok
10:56:20.0833 0x134c [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
10:56:20.0848 0x134c dmvsc - ok
10:56:20.0855 0x134c [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
10:56:20.0871 0x134c Dnscache - ok
10:56:20.0879 0x134c [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
10:56:20.0911 0x134c dot3svc - ok
10:56:20.0918 0x134c [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
10:56:20.0947 0x134c DPS - ok
10:56:20.0950 0x134c [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
10:56:20.0962 0x134c drmkaud - ok
10:56:20.0983 0x134c [ 3A9D7D464BDB3B70D7ECF689ADABBD4D, B4F5B23705EA1BA453FE30791CA245E1A5F7FBEABAD026E4A8A15A9FC44E8C9C ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
10:56:21.0012 0x134c DXGKrnl - ok
10:56:21.0019 0x134c [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
10:56:21.0048 0x134c EapHost - ok
10:56:21.0113 0x134c [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
10:56:21.0190 0x134c ebdrv - ok
10:56:21.0199 0x134c [ B759D828F2A0DA53CB3780388B5B289E, DF2228C5E8ECC1762892ED00AB60EEF68023BE02E04C2181CCD68AEA1884A052 ] EFS C:\Windows\System32\lsass.exe
10:56:21.0213 0x134c EFS - ok
10:56:21.0229 0x134c [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
10:56:21.0256 0x134c ehRecvr - ok
10:56:21.0262 0x134c [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
10:56:21.0274 0x134c ehSched - ok
10:56:21.0287 0x134c [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
10:56:21.0306 0x134c elxstor - ok
10:56:21.0310 0x134c [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
10:56:21.0320 0x134c ErrDev - ok
10:56:21.0333 0x134c [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
10:56:21.0368 0x134c EventSystem - ok
10:56:21.0375 0x134c [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
10:56:21.0404 0x134c exfat - ok
10:56:21.0411 0x134c [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
10:56:21.0441 0x134c fastfat - ok
10:56:21.0457 0x134c [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
10:56:21.0484 0x134c Fax - ok
10:56:21.0488 0x134c [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
10:56:21.0499 0x134c fdc - ok
10:56:21.0502 0x134c [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
10:56:21.0529 0x134c fdPHost - ok
10:56:21.0532 0x134c [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
10:56:21.0559 0x134c FDResPub - ok
10:56:21.0563 0x134c [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
10:56:21.0573 0x134c FileInfo - ok
10:56:21.0577 0x134c [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
10:56:21.0604 0x134c Filetrace - ok
10:56:21.0607 0x134c [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
10:56:21.0618 0x134c flpydisk - ok
10:56:21.0626 0x134c [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
10:56:21.0641 0x134c FltMgr - ok
10:56:21.0667 0x134c [ BCB16AE33AA58E0042F3EF34CFB6396A, E8ADA10DE60A94E4BABE9FCA6D0AA83B11520C092D49057E17F6C6059D35A323 ] FontCache C:\Windows\system32\FntCache.dll
10:56:21.0704 0x134c FontCache - ok
10:56:21.0709 0x134c [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:56:21.0719 0x134c FontCache3.0.0.0 - ok
10:56:21.0723 0x134c [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
10:56:21.0734 0x134c FsDepends - ok
10:56:21.0738 0x134c [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
10:56:21.0748 0x134c Fs_Rec - ok
10:56:21.0755 0x134c [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
10:56:21.0771 0x134c fvevol - ok
10:56:21.0775 0x134c [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
10:56:21.0785 0x134c gagp30kx - ok
10:56:21.0787 0x134c gdrv - ok
10:56:21.0805 0x134c [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
10:56:21.0847 0x134c gpsvc - ok
10:56:21.0854 0x134c [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:56:21.0866 0x134c gupdate - ok
10:56:21.0871 0x134c [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:56:21.0882 0x134c gupdatem - ok
10:56:21.0885 0x134c [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
10:56:21.0898 0x134c hcw85cir - ok
10:56:21.0908 0x134c [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
10:56:21.0927 0x134c HdAudAddService - ok
10:56:21.0932 0x134c [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
10:56:21.0947 0x134c HDAudBus - ok
10:56:21.0950 0x134c [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
10:56:21.0961 0x134c HidBatt - ok
10:56:21.0966 0x134c [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
10:56:21.0979 0x134c HidBth - ok
10:56:21.0983 0x134c [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
10:56:21.0995 0x134c HidIr - ok
10:56:21.0999 0x134c [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
10:56:22.0027 0x134c hidserv - ok
10:56:22.0031 0x134c [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
10:56:22.0043 0x134c HidUsb - ok
10:56:22.0048 0x134c [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
10:56:22.0076 0x134c hkmsvc - ok
10:56:22.0084 0x134c [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
10:56:22.0102 0x134c HomeGroupListener - ok
10:56:22.0108 0x134c [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
10:56:22.0123 0x134c HomeGroupProvider - ok
10:56:22.0127 0x134c [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
10:56:22.0138 0x134c HpSAMD - ok
10:56:22.0156 0x134c [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys
10:56:22.0185 0x134c HTTP - ok
10:56:22.0189 0x134c [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
10:56:22.0198 0x134c hwpolicy - ok
10:56:22.0203 0x134c [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
10:56:22.0216 0x134c i8042prt - ok
10:56:22.0227 0x134c [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
10:56:22.0244 0x134c iaStorV - ok
10:56:22.0263 0x134c [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:56:22.0290 0x134c idsvc - ok
10:56:22.0294 0x134c IEEtwCollectorService - ok
10:56:22.0299 0x134c [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
10:56:22.0308 0x134c iirsp - ok
10:56:22.0327 0x134c [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
10:56:22.0355 0x134c IKEEXT - ok
10:56:22.0361 0x134c IntcAzAudAddService - ok
10:56:22.0364 0x134c [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
10:56:22.0373 0x134c intelide - ok
10:56:22.0377 0x134c [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\drivers\intelppm.sys
10:56:22.0388 0x134c intelppm - ok
10:56:22.0392 0x134c [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
10:56:22.0421 0x134c IPBusEnum - ok
10:56:22.0426 0x134c [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:56:22.0454 0x134c IpFilterDriver - ok
10:56:22.0467 0x134c [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
10:56:22.0492 0x134c iphlpsvc - ok
10:56:22.0497 0x134c [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
10:56:22.0508 0x134c IPMIDRV - ok
10:56:22.0513 0x134c [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
10:56:22.0541 0x134c IPNAT - ok
10:56:22.0555 0x134c [ F4B68F7C1666A2A6CD1D37A08F1D6DF1, 63A3D85B07D10E6B3F4E84FDD6EA6C00F2756E1C9B3E57C11A2FFCD815E99946 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
10:56:22.0577 0x134c iPod Service - ok
10:56:22.0581 0x134c [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
10:56:22.0594 0x134c IRENUM - ok
10:56:22.0597 0x134c [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
10:56:22.0597 0x18d0 Object send P2P result: true
10:56:22.0606 0x134c isapnp - ok
10:56:22.0614 0x134c [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
10:56:22.0628 0x134c iScsiPrt - ok
10:56:22.0632 0x134c [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
10:56:22.0642 0x134c kbdclass - ok
10:56:22.0645 0x134c [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
10:56:22.0655 0x134c kbdhid - ok
10:56:22.0658 0x134c [ B759D828F2A0DA53CB3780388B5B289E, DF2228C5E8ECC1762892ED00AB60EEF68023BE02E04C2181CCD68AEA1884A052 ] KeyIso C:\Windows\system32\lsass.exe
10:56:22.0667 0x134c KeyIso - ok
10:56:22.0672 0x134c [ 033D1EA0A55D92B4C0F7EDB7DF8F0E5A, 31E48564C7F3AD6BB71C0E366D25D4FD55A60B48CD2B28FCB8A7A834ED7568E6 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
10:56:22.0682 0x134c KSecDD - ok
10:56:22.0688 0x134c [ 1FA53C950F443B25A79C731EF8362E7D, 00A5D62BF1F953848B3019A3771CB240915E34D536A43EA5B35F312D6F67EDC4 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
10:56:22.0700 0x134c KSecPkg - ok
10:56:22.0704 0x134c [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
10:56:22.0732 0x134c ksthunk - ok
10:56:22.0742 0x134c [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
10:56:22.0778 0x134c KtmRm - ok
10:56:22.0787 0x134c [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
10:56:22.0824 0x134c LanmanServer - ok
10:56:22.0830 0x134c [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:56:22.0859 0x134c LanmanWorkstation - ok
10:56:22.0865 0x134c [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
10:56:22.0896 0x134c lltdio - ok
10:56:22.0905 0x134c [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
10:56:22.0939 0x134c lltdsvc - ok
10:56:22.0943 0x134c [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
10:56:22.0971 0x134c lmhosts - ok
10:56:22.0978 0x134c [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
10:56:22.0989 0x134c LSI_FC - ok
10:56:22.0994 0x134c [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
10:56:23.0005 0x134c LSI_SAS - ok
10:56:23.0009 0x134c [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
10:56:23.0020 0x134c LSI_SAS2 - ok
10:56:23.0025 0x134c [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
10:56:23.0037 0x134c LSI_SCSI - ok
10:56:23.0042 0x134c [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
10:56:23.0072 0x134c luafv - ok
10:56:23.0083 0x134c [ 0C85B2B6FB74B36A251792D45E0EF860, 2E04204560C1159ABC25F273B0B7F81FDF9BA5E88C17929FD924C4E945DE5020 ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys
10:56:23.0098 0x134c LVRS64 - ok
10:56:23.0197 0x134c [ FF3A488924B0032B1A9CA6948C1FA9E8, 6F05852B75498210926F5CDF49D2A6DD97C39CD93D32E3200D7240AADA3E7BEE ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys
10:56:23.0311 0x134c LVUVC64 - ok
10:56:23.0323 0x134c [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
10:56:23.0336 0x134c Mcx2Svc - ok
10:56:23.0340 0x134c [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
10:56:23.0351 0x134c megasas - ok
10:56:23.0359 0x134c [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
10:56:23.0375 0x134c MegaSR - ok
10:56:23.0379 0x134c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
10:56:23.0409 0x134c MMCSS - ok
10:56:23.0413 0x134c [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
10:56:23.0442 0x134c Modem - ok
10:56:23.0446 0x134c [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
10:56:23.0460 0x134c monitor - ok
10:56:23.0464 0x134c [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
10:56:23.0474 0x134c mouclass - ok
10:56:23.0478 0x134c [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
10:56:23.0489 0x134c mouhid - ok
10:56:23.0494 0x134c [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
10:56:23.0505 0x134c mountmgr - ok
10:56:23.0510 0x134c [ FC9A9C09B35A93F76A03D5E355FA862C, B7ED57B9D39D547BA2927FC5F02C2475BF131FDB8AD40FFDE72C966506756B56 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
10:56:23.0522 0x134c MozillaMaintenance - ok
10:56:23.0531 0x134c [ DA0FAEE45D6F03D7647851A20977A7D0, AFB1EA053CD4BCA903868896D020205D4C207C85314E6C56C4663922A3F9BD6A ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
10:56:23.0549 0x134c MpFilter - ok
10:56:23.0555 0x134c [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
10:56:23.0567 0x134c mpio - ok
10:56:23.0571 0x134c [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
10:56:23.0600 0x134c mpsdrv - ok
10:56:23.0619 0x134c [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
10:56:23.0664 0x134c MpsSvc - ok
10:56:23.0671 0x134c [ D7ADC2B83CA0B0381F75A98351F72CEE, 05476B7CA0486DF770AE492B5A90C85E3D3E7485152EB2FA30A19EC9BE44ED81 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
10:56:23.0687 0x134c MRxDAV - ok
10:56:23.0694 0x134c [ A3A4D13D413D4F39BE3AD4C59ECACDED, 0C4AF0A66E68233D76B958A9D99C09BFCADFB0347855FB6EA5CE3F4356542B83 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
10:56:23.0710 0x134c mrxsmb - ok
10:56:23.0719 0x134c [ 62C90A2C681A85B33E365D259B74EAC5, 510E5FD19AF98D9B56666F9AE3DAC89399677D51C48A3602A4C125EE12203621 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:56:23.0735 0x134c mrxsmb10 - ok
10:56:23.0740 0x134c [ 3751A25C842BDE4B7AF895F70A3EE3A2, 8C3DA4C03B88A0D860DBA907B115C2AE99D7F168DA7BB36A8D3C9F1D19678A8C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:56:23.0753 0x134c mrxsmb20 - ok
10:56:23.0756 0x134c [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
10:56:23.0766 0x134c msahci - ok
10:56:23.0772 0x134c [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
10:56:23.0784 0x134c msdsm - ok
10:56:23.0789 0x134c [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
10:56:23.0804 0x134c MSDTC - ok
10:56:23.0810 0x134c [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
10:56:23.0839 0x134c Msfs - ok
10:56:23.0842 0x134c [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
10:56:23.0870 0x134c mshidkmdf - ok
10:56:23.0873 0x134c [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
10:56:23.0882 0x134c msisadrv - ok
10:56:23.0888 0x134c [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
10:56:23.0920 0x134c MSiSCSI - ok
10:56:23.0923 0x134c msiserver - ok
10:56:23.0926 0x134c [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
10:56:23.0954 0x134c MSKSSRV - ok
10:56:23.0957 0x134c [ C66FE30BBA4604A06EE9E4180ABE4BD9, 43E60C15C05FF19082142BB9D1F29D1B3269AD4A7FB32AF109AE63FE5A6AA0A9 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
10:56:23.0968 0x134c MsMpSvc - ok
10:56:23.0971 0x134c [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
10:56:23.0999 0x134c MSPCLOCK - ok
10:56:24.0002 0x134c [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
10:56:24.0031 0x134c MSPQM - ok
10:56:24.0042 0x134c [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
10:56:24.0058 0x134c MsRPC - ok
10:56:24.0064 0x134c [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
10:56:24.0074 0x134c mssmbios - ok
10:56:24.0077 0x134c [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
10:56:24.0104 0x134c MSTEE - ok
10:56:24.0107 0x134c [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
10:56:24.0117 0x134c MTConfig - ok
10:56:24.0121 0x134c [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
10:56:24.0131 0x134c Mup - ok
10:56:24.0143 0x134c [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
10:56:24.0179 0x134c napagent - ok
10:56:24.0189 0x134c [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
10:56:24.0209 0x134c NativeWifiP - ok
10:56:24.0230 0x134c [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS C:\Windows\system32\drivers\ndis.sys
10:56:24.0260 0x134c NDIS - ok
10:56:24.0265 0x134c [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
10:56:24.0293 0x134c NdisCap - ok
10:56:24.0297 0x134c [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
10:56:24.0324 0x134c NdisTapi - ok
10:56:24.0328 0x134c [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
10:56:24.0356 0x134c Ndisuio - ok
10:56:24.0362 0x134c [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
10:56:24.0391 0x134c NdisWan - ok
10:56:24.0395 0x134c [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
10:56:24.0422 0x134c NDProxy - ok
10:56:24.0425 0x134c [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
10:56:24.0453 0x134c NetBIOS - ok
10:56:24.0461 0x134c [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
10:56:24.0492 0x134c NetBT - ok
10:56:24.0496 0x134c [ B759D828F2A0DA53CB3780388B5B289E, DF2228C5E8ECC1762892ED00AB60EEF68023BE02E04C2181CCD68AEA1884A052 ] Netlogon C:\Windows\system32\lsass.exe
10:56:24.0508 0x134c Netlogon - ok
10:56:24.0518 0x134c [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
10:56:24.0554 0x134c Netman - ok
10:56:24.0560 0x134c [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:56:24.0573 0x134c NetMsmqActivator - ok
10:56:24.0578 0x134c [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:56:24.0591 0x134c NetPipeActivator - ok
10:56:24.0603 0x134c [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
10:56:24.0641 0x134c netprofm - ok
10:56:24.0647 0x134c [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:56:24.0660 0x134c NetTcpActivator - ok
10:56:24.0665 0x134c [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:56:24.0677 0x134c NetTcpPortSharing - ok
10:56:24.0681 0x134c [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
10:56:24.0691 0x134c nfrd960 - ok
10:56:24.0697 0x134c [ 6D79C8CB73187FBEAAD1F680FADF98D3, 0075B2CCC4FFF929023F95686D7BBE32C0FCE05DEB2159C0784AF85D64E1B66E ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
10:56:24.0711 0x134c NisDrv - ok
10:56:24.0720 0x134c [ B8F4F580638373FBF72F2B572446D294, A5CD9ABCA5CDC335D2C6FDCB81327B600150E45BB867B88859A00AF974B42F85 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
10:56:24.0739 0x134c NisSrv - ok
10:56:24.0747 0x134c [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
10:56:24.0768 0x134c NlaSvc - ok
10:56:24.0772 0x134c [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
10:56:24.0800 0x134c Npfs - ok
10:56:24.0803 0x134c [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
10:56:24.0833 0x134c nsi - ok
10:56:24.0836 0x134c [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
10:56:24.0865 0x134c nsiproxy - ok
10:56:24.0903 0x134c [ 47B2D0B31BDC3EBE6090228E2BA3764D, 984A4B38300954164BCBF57EC1A09C18B53779E60A26E9618B50E26016735787 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
10:56:24.0948 0x134c Ntfs - ok
10:56:24.0954 0x134c [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
10:56:24.0982 0x134c Null - ok
10:56:24.0989 0x134c [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
10:56:25.0001 0x134c nvraid - ok
10:56:25.0007 0x134c [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
10:56:25.0020 0x134c nvstor - ok
10:56:25.0025 0x134c [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
10:56:25.0036 0x134c nv_agp - ok
10:56:25.0041 0x134c [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
10:56:25.0053 0x134c ohci1394 - ok
10:56:25.0060 0x134c [ 2D1931102E3FA5942DA27A8F3942418B, 30BAB70BA85274D373A11D41E8C20CB8556D7EF7FFFB8D82C88C4002CCA79B37 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:56:25.0075 0x134c ose - ok
10:56:25.0180 0x134c [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
10:56:25.0300 0x134c osppsvc - ok
10:56:25.0317 0x134c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
10:56:25.0337 0x134c p2pimsvc - ok
10:56:25.0349 0x134c [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
10:56:25.0368 0x134c p2psvc - ok
10:56:25.0373 0x134c [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys
10:56:25.0385 0x134c Parport - ok
10:56:25.0389 0x134c [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
10:56:25.0399 0x134c partmgr - ok
10:56:25.0406 0x134c [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll
10:56:25.0424 0x134c PcaSvc - ok
10:56:25.0431 0x134c [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
10:56:25.0443 0x134c pci - ok
10:56:25.0446 0x134c [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
10:56:25.0455 0x134c pciide - ok
10:56:25.0462 0x134c [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
10:56:25.0476 0x134c pcmcia - ok
10:56:25.0480 0x134c [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
10:56:25.0490 0x134c pcw - ok
10:56:25.0506 0x134c [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
10:56:25.0530 0x134c PEAUTH - ok
10:56:25.0559 0x134c [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
10:56:25.0601 0x134c PeerDistSvc - ok
10:56:25.0624 0x134c [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
10:56:25.0635 0x134c PerfHost - ok
10:56:25.0669 0x134c [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
10:56:25.0727 0x134c pla - ok
10:56:25.0740 0x134c [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
10:56:25.0763 0x134c PlugPlay - ok
10:56:25.0767 0x134c [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
10:56:25.0778 0x134c PNRPAutoReg - ok
10:56:25.0787 0x134c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
10:56:25.0804 0x134c PNRPsvc - ok
10:56:25.0817 0x134c [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
10:56:25.0853 0x134c PolicyAgent - ok
10:56:25.0861 0x134c [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
10:56:25.0892 0x134c Power - ok
10:56:25.0898 0x134c [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
10:56:25.0926 0x134c PptpMiniport - ok
10:56:25.0931 0x134c [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
10:56:25.0943 0x134c Processor - ok
10:56:25.0951 0x134c [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
10:56:25.0969 0x134c ProfSvc - ok
10:56:25.0973 0x134c [ B759D828F2A0DA53CB3780388B5B289E, DF2228C5E8ECC1762892ED00AB60EEF68023BE02E04C2181CCD68AEA1884A052 ] ProtectedStorage C:\Windows\system32\lsass.exe
10:56:25.0983 0x134c ProtectedStorage - ok
10:56:25.0990 0x134c [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
10:56:26.0020 0x134c Psched - ok
10:56:26.0053 0x134c [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
10:56:26.0094 0x134c ql2300 - ok
10:56:26.0102 0x134c [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
10:56:26.0114 0x134c ql40xx - ok
10:56:26.0123 0x134c [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
10:56:26.0143 0x134c QWAVE - ok
10:56:26.0147 0x134c [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
10:56:26.0162 0x134c QWAVEdrv - ok
10:56:26.0166 0x134c [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
10:56:26.0194 0x134c RasAcd - ok
10:56:26.0198 0x134c [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
10:56:26.0226 0x134c RasAgileVpn - ok
10:56:26.0231 0x134c [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
10:56:26.0262 0x134c RasAuto - ok
10:56:26.0267 0x134c [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
10:56:26.0295 0x134c Rasl2tp - ok
10:56:26.0304 0x134c [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
10:56:26.0337 0x134c RasMan - ok
10:56:26.0342 0x134c [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
10:56:26.0373 0x134c RasPppoe - ok
10:56:26.0378 0x134c [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
10:56:26.0408 0x134c RasSstp - ok
10:56:26.0417 0x134c [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
10:56:26.0451 0x134c rdbss - ok
10:56:26.0455 0x134c [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
10:56:26.0468 0x134c rdpbus - ok
10:56:26.0471 0x134c [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
10:56:26.0500 0x134c RDPCDD - ok
10:56:26.0509 0x134c [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
10:56:26.0526 0x134c RDPDR - ok
10:56:26.0530 0x134c [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
10:56:26.0561 0x134c RDPENCDD - ok
10:56:26.0566 0x134c [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
10:56:26.0595 0x134c RDPREFMP - ok
10:56:26.0601 0x134c [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
10:56:26.0615 0x134c RdpVideoMiniport - ok
10:56:26.0624 0x134c [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
10:56:26.0642 0x134c RDPWD - ok
10:56:26.0649 0x134c [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
10:56:26.0664 0x134c rdyboost - ok
10:56:26.0670 0x134c [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
10:56:26.0700 0x134c RemoteAccess - ok
10:56:26.0707 0x134c [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
10:56:26.0739 0x134c RemoteRegistry - ok
10:56:26.0743 0x134c [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
10:56:26.0773 0x134c RpcEptMapper - ok
10:56:26.0776 0x134c [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
10:56:26.0787 0x134c RpcLocator - ok
10:56:26.0799 0x134c [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] RpcSs C:\Windows\system32\rpcss.dll
10:56:26.0820 0x134c RpcSs - ok
10:56:26.0825 0x134c [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
10:56:26.0853 0x134c rspndr - ok
10:56:26.0876 0x134c [ F668E1FA742B84FEF0F25E8933BD0CC8, 9755826C8A472C342B4948D8D36D190E54DAD05188D4A6E05994ECE529B13CCD ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
10:56:26.0909 0x134c RTL8167 - ok
10:56:26.0913 0x134c [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\Windows\system32\drivers\vms3cap.sys
10:56:26.0923 0x134c s3cap - ok
10:56:26.0927 0x134c [ B759D828F2A0DA53CB3780388B5B289E, DF2228C5E8ECC1762892ED00AB60EEF68023BE02E04C2181CCD68AEA1884A052 ] SamSs C:\Windows\system32\lsass.exe
10:56:26.0938 0x134c SamSs - ok
10:56:26.0943 0x134c [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
10:56:26.0955 0x134c sbp2port - ok
10:56:26.0962 0x134c [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
10:56:26.0994 0x134c SCardSvr - ok
10:56:26.0998 0x134c [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
10:56:27.0025 0x134c scfilter - ok
10:56:27.0050 0x134c [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule C:\Windows\system32\schedsvc.dll
10:56:27.0088 0x134c Schedule - ok
10:56:27.0095 0x134c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
10:56:27.0122 0x134c SCPolicySvc - ok
10:56:27.0129 0x134c [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
10:56:27.0146 0x134c SDRSVC - ok
10:56:27.0150 0x134c [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
10:56:27.0164 0x134c secdrv - ok
10:56:27.0168 0x134c [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon C:\Windows\system32\seclogon.dll
10:56:27.0182 0x134c seclogon - ok
10:56:27.0186 0x134c [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
10:56:27.0215 0x134c SENS - ok
10:56:27.0218 0x134c [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
10:56:27.0233 0x134c SensrSvc - ok
10:56:27.0236 0x134c [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
10:56:27.0247 0x134c Serenum - ok
10:56:27.0251 0x134c [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
10:56:27.0263 0x134c Serial - ok
10:56:27.0267 0x134c [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
10:56:27.0278 0x134c sermouse - ok
10:56:27.0287 0x134c [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
10:56:27.0317 0x134c SessionEnv - ok
10:56:27.0321 0x134c [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
10:56:27.0333 0x134c sffdisk - ok
10:56:27.0337 0x134c [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
10:56:27.0350 0x134c sffp_mmc - ok
10:56:27.0353 0x134c [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
10:56:27.0365 0x134c sffp_sd - ok
10:56:27.0369 0x134c [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
10:56:27.0379 0x134c sfloppy - ok
10:56:27.0391 0x134c [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
10:56:27.0426 0x134c SharedAccess - ok
10:56:27.0438 0x134c [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:56:27.0474 0x134c ShellHWDetection - ok
10:56:27.0479 0x134c [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
10:56:27.0489 0x134c SiSRaid2 - ok
10:56:27.0494 0x134c [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
10:56:27.0505 0x134c SiSRaid4 - ok
10:56:27.0515 0x134c [ 3E98CE04689597C76B3EF4D3D0323836, F7FFF675066281190C236F2995EB003A1779231E5164EEE6BEE334A4240B1DF9 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
10:56:27.0532 0x134c SkypeUpdate - ok
10:56:27.0538 0x134c [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
10:56:27.0569 0x134c Smb - ok
10:56:27.0576 0x134c [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
10:56:27.0588 0x134c SNMPTRAP - ok
10:56:27.0591 0x134c [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
10:56:27.0600 0x134c spldr - ok
10:56:27.0615 0x134c [ B96C17B5DC1424D56EEA3A99E97428CD, AF0A85066A7983878DC1C663811CE61C6CA1912DC956184F878B7B82DB93C651 ] Spooler C:\Windows\System32\spoolsv.exe
10:56:27.0654 0x134c Spooler - ok
10:56:27.0729 0x134c [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
10:56:27.0834 0x134c sppsvc - ok
10:56:27.0844 0x134c [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
10:56:27.0874 0x134c sppuinotify - ok
10:56:27.0887 0x134c [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
10:56:27.0910 0x134c srv - ok
10:56:27.0921 0x134c [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
10:56:27.0940 0x134c srv2 - ok
10:56:27.0947 0x134c [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
10:56:27.0961 0x134c srvnet - ok
10:56:27.0968 0x134c [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
10:56:28.0001 0x134c SSDPSRV - ok
10:56:28.0006 0x134c [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
10:56:28.0038 0x134c SstpSvc - ok
10:56:28.0057 0x134c [ BE826A247D22F2FDF24B92AD40049F89, 06996ECCE5A694DEFDC99DB56F45DD0ABD9A2150581F1FD132FBBD863C474DE3 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
10:56:28.0082 0x134c Steam Client Service - ok
10:56:28.0087 0x134c [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
10:56:28.0097 0x134c stexstor - ok
10:56:28.0112 0x134c [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
10:56:28.0140 0x134c stisvc - ok
10:56:28.0145 0x134c [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt C:\Windows\system32\drivers\vmstorfl.sys
10:56:28.0155 0x134c storflt - ok
10:56:28.0159 0x134c [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc C:\Windows\system32\storsvc.dll
10:56:28.0173 0x134c StorSvc - ok
10:56:28.0178 0x134c [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc C:\Windows\system32\drivers\storvsc.sys
10:56:28.0187 0x134c storvsc - ok
10:56:28.0190 0x134c [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
10:56:28.0200 0x134c swenum - ok
10:56:28.0213 0x134c [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
10:56:28.0253 0x134c swprv - ok
10:56:28.0290 0x134c [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain C:\Windows\system32\sysmain.dll
10:56:28.0433 0x134c SysMain - ok
10:56:28.0441 0x134c [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:56:28.0459 0x134c TabletInputService - ok
10:56:28.0469 0x134c [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
10:56:28.0503 0x134c TapiSrv - ok
10:56:28.0545 0x134c [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
10:56:28.0595 0x134c Tcpip - ok
10:56:28.0638 0x134c [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
10:56:28.0686 0x134c TCPIP6 - ok
10:56:28.0695 0x134c [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
10:56:28.0706 0x134c tcpipreg - ok
10:56:28.0711 0x134c [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
10:56:28.0725 0x134c TDPIPE - ok
10:56:28.0728 0x134c [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
10:56:28.0739 0x134c TDTCP - ok
10:56:28.0745 0x134c [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
10:56:28.0757 0x134c tdx - ok
10:56:28.0761 0x134c [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
10:56:28.0772 0x134c TermDD - ok
10:56:28.0789 0x134c [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
10:56:28.0818 0x134c TermService - ok
10:56:28.0823 0x134c [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
10:56:28.0840 0x134c Themes - ok
10:56:28.0845 0x134c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
10:56:28.0875 0x134c THREADORDER - ok
10:56:28.0883 0x134c [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
10:56:28.0915 0x134c TrkWks - ok
10:56:28.0921 0x134c [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:56:28.0952 0x134c TrustedInstaller - ok
10:56:28.0958 0x134c [ 19BEDA57F3E0A06B8D5EB6D619BD5624, 952D5FAFD662C93628C12A6F7EB8E240A44216C0A15CBD2F5016BC357CBFE821 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
10:56:28.0972 0x134c tssecsrv - ok
10:56:28.0976 0x134c [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
10:56:28.0990 0x134c TsUsbFlt - ok
10:56:28.0993 0x134c [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
10:56:29.0006 0x134c TsUsbGD - ok
10:56:29.0012 0x134c [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
10:56:29.0041 0x134c tunnel - ok
10:56:29.0045 0x134c [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
10:56:29.0056 0x134c uagp35 - ok
10:56:29.0066 0x134c [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
10:56:29.0098 0x134c udfs - ok
10:56:29.0105 0x134c [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
10:56:29.0118 0x134c UI0Detect - ok
10:56:29.0122 0x134c [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
10:56:29.0131 0x134c uliagpkx - ok
10:56:29.0136 0x134c [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
10:56:29.0147 0x134c umbus - ok
10:56:29.0150 0x134c [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys
10:56:29.0160 0x134c UmPass - ok
10:56:29.0167 0x134c [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\Windows\System32\umrdp.dll
10:56:29.0182 0x134c UmRdpService - ok
10:56:29.0194 0x134c [ 67A95B9D129ED5399E7965CD09CF30E7, F1F2F684146F1CCB293BB9871117B8CFC1D04588A830F67CE5D3F0D034D93B2A ] UMVPFSrv C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
10:56:29.0211 0x134c UMVPFSrv - ok
10:56:29.0222 0x134c [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
10:56:29.0257 0x134c upnphost - ok
10:56:29.0262 0x134c [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
10:56:29.0277 0x134c USBAAPL64 - ok
10:56:29.0282 0x134c [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A, DE1CDDEEF2285CC8387E88ACB13C000576DC8819DF6DC648C988068B5C83BB15 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
10:56:29.0297 0x134c usbaudio - ok
10:56:29.0302 0x134c [ 481DFF26B4DCA8F4CBAC1F7DCE1D6829, 5D6E404FE0AB875202CA1A3E8E9D2F4368DF6ACCFA1C872ECFAF8399CBA3A485 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
10:56:29.0314 0x134c usbccgp - ok
10:56:29.0319 0x134c [ AF0892A803FDDA7492F595368E3B68E7, F263346DEB4D742EB436CF578F187AC8521D84CED52E98475E6198EC52244F07 ] usbcir C:\Windows\system32\drivers\usbcir.sys
10:56:29.0333 0x134c usbcir - ok
10:56:29.0337 0x134c [ 74EE782B1D9C241EFE425565854C661C, E8258EA65B0FCAD4E077B176E9D9324646B652D6E651241E397346A39770D065 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
10:56:29.0348 0x134c usbehci - ok
10:56:29.0353 0x134c [ 5A4AC5D05A7C97C68596416C05D6F2B4, 1CDE5172B763D2D65379B9F3ABACC080AF676DB9354EC98A455E620C4CE3E18A ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys
10:56:29.0362 0x134c usbfilter - ok
10:56:29.0372 0x134c [ DC96BD9CCB8403251BCF25047573558E, 66EBF8A6B3BC0634F32DDCC8BA31F1EB5987E8C6853E1DC26005E3EED0945565 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
10:56:29.0389 0x134c usbhub - ok
10:56:29.0393 0x134c [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
10:56:29.0403 0x134c usbohci - ok
10:56:29.0407 0x134c [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\drivers\usbprint.sys
10:56:29.0420 0x134c usbprint - ok
10:56:29.0425 0x134c [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:56:29.0439 0x134c USBSTOR - ok
10:56:29.0443 0x134c [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
10:56:29.0454 0x134c usbuhci - ok
10:56:29.0458 0x134c [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
10:56:29.0487 0x134c UxSms - ok
10:56:29.0491 0x134c [ B759D828F2A0DA53CB3780388B5B289E, DF2228C5E8ECC1762892ED00AB60EEF68023BE02E04C2181CCD68AEA1884A052 ] VaultSvc C:\Windows\system32\lsass.exe
10:56:29.0501 0x134c VaultSvc - ok
10:56:29.0505 0x134c [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
10:56:29.0515 0x134c vdrvroot - ok
10:56:29.0528 0x134c [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
10:56:29.0566 0x134c vds - ok
10:56:29.0571 0x134c [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
10:56:29.0583 0x134c vga - ok
10:56:29.0587 0x134c [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
10:56:29.0614 0x134c VgaSave - ok
10:56:29.0621 0x134c [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
10:56:29.0634 0x134c vhdmp - ok
10:56:29.0638 0x134c [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
10:56:29.0647 0x134c viaide - ok
10:56:29.0654 0x134c [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus C:\Windows\system32\drivers\vmbus.sys
10:56:29.0667 0x134c vmbus - ok
10:56:29.0671 0x134c [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
10:56:29.0681 0x134c VMBusHID - ok
10:56:29.0686 0x134c [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
10:56:29.0696 0x134c volmgr - ok
10:56:29.0707 0x134c [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
10:56:29.0723 0x134c volmgrx - ok
10:56:29.0732 0x134c [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
10:56:29.0747 0x134c volsnap - ok
10:56:29.0754 0x134c [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
10:56:29.0766 0x134c vsmraid - ok
10:56:29.0801 0x134c [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
10:56:29.0864 0x134c VSS - ok
10:56:29.0875 0x134c [ 9B84E527379C3F4482F7F6A218B5751F, E00DAC7252D675F9E9F9531364CC74D02D72CE82B2C06DFCF70D8882DC6B3BF4 ] VUSB3HUB C:\Windows\system32\DRIVERS\ViaHub3.sys
10:56:29.0893 0x134c VUSB3HUB - ok
10:56:29.0897 0x134c [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
10:56:29.0911 0x134c vwifibus - ok
10:56:29.0922 0x134c [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
10:56:29.0959 0x134c W32Time - ok
10:56:29.0973 0x134c [ B32009DB1972E7F2C227499289C4384A, D491CD90ACE895EC60A5A2F995EAE39F8ED662B71BC548C3FF5BBDBC60054788 ] W3SVC C:\Windows\system32\inetsrv\iisw3adm.dll
10:56:29.0993 0x134c W3SVC - ok
10:56:29.0997 0x134c [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
10:56:30.0008 0x134c WacomPen - ok
10:56:30.0013 0x134c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
10:56:30.0041 0x134c WANARP - ok
10:56:30.0045 0x134c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
10:56:30.0073 0x134c Wanarpv6 - ok
10:56:30.0085 0x134c [ B32009DB1972E7F2C227499289C4384A, D491CD90ACE895EC60A5A2F995EAE39F8ED662B71BC548C3FF5BBDBC60054788 ] WAS C:\Windows\system32\inetsrv\iisw3adm.dll
10:56:30.0104 0x134c WAS - ok
10:56:30.0137 0x134c [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
10:56:30.0184 0x134c wbengine - ok
10:56:30.0194 0x134c [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
10:56:30.0213 0x134c WbioSrvc - ok
10:56:30.0224 0x134c [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
10:56:30.0245 0x134c wcncsvc - ok
10:56:30.0250 0x134c [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
10:56:30.0265 0x134c WcsPlugInService - ok
10:56:30.0268 0x134c [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
10:56:30.0277 0x134c Wd - ok
10:56:30.0295 0x134c [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
10:56:30.0322 0x134c Wdf01000 - ok
10:56:30.0328 0x134c [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll
10:56:30.0344 0x134c WdiServiceHost - ok
10:56:30.0349 0x134c [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll
10:56:30.0361 0x134c WdiSystemHost - ok
10:56:30.0369 0x134c [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient C:\Windows\System32\webclnt.dll
10:56:30.0388 0x134c WebClient - ok
10:56:30.0397 0x134c [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
10:56:30.0430 0x134c Wecsvc - ok
10:56:30.0435 0x134c [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
10:56:30.0466 0x134c wercplsupport - ok
10:56:30.0471 0x134c [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
10:56:30.0501 0x134c WerSvc - ok
10:56:30.0504 0x134c [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
10:56:30.0531 0x134c WfpLwf - ok
10:56:30.0535 0x134c [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
10:56:30.0548 0x134c WIMMount - ok
10:56:30.0556 0x134c WinDefend - ok
10:56:30.0558 0x1abc Object required for P2P: [ DA0FAEE45D6F03D7647851A20977A7D0 ] MpFilter
10:56:30.0562 0x134c WinHttpAutoProxySvc - ok
10:56:30.0575 0x134c [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
10:56:30.0610 0x134c Winmgmt - ok
10:56:30.0655 0x134c [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll
10:56:30.0716 0x134c WinRM - ok
10:56:30.0726 0x134c [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
10:56:30.0739 0x134c WinUsb - ok
10:56:30.0760 0x134c [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
10:56:30.0793 0x134c Wlansvc - ok
10:56:30.0798 0x134c [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
10:56:30.0809 0x134c WmiAcpi - ok
10:56:30.0817 0x134c [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
10:56:30.0832 0x134c wmiApSrv - ok
10:56:30.0835 0x134c WMPNetworkSvc - ok
10:56:30.0839 0x134c [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
10:56:30.0854 0x134c WPCSvc - ok
10:56:30.0860 0x134c [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
10:56:30.0874 0x134c WPDBusEnum - ok
10:56:30.0879 0x134c [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
10:56:30.0909 0x134c ws2ifsl - ok
10:56:30.0915 0x134c [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
10:56:30.0932 0x134c wscsvc - ok
10:56:30.0937 0x134c [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
10:56:30.0950 0x134c WSDPrintDevice - ok
10:56:30.0953 0x134c WSearch - ok
10:56:31.0012 0x134c [ 86F11B85102AFA6A1A6101DCE2F09386, 68A0F0E628C8F33FDAC114876DA8ED14776DD74E80AC5A6A52257E19DE011091 ] wuauserv C:\Windows\system32\wuaueng.dll
10:56:31.0081 0x134c wuauserv - ok
10:56:31.0090 0x134c [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
10:56:31.0105 0x134c WudfPf - ok
10:56:31.0111 0x134c [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
10:56:31.0125 0x134c WUDFRd - ok
10:56:31.0130 0x134c [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
10:56:31.0143 0x134c wudfsvc - ok
10:56:31.0151 0x134c [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
10:56:31.0169 0x134c WwanSvc - ok
10:56:31.0179 0x134c [ 05E47B40CE30DEEF07E49B41178B3273, 1504C086E46ADC020D2C600393F5A58656BBC8885FA8777F307F0A9F2F1E8465 ] xhcdrv C:\Windows\system32\DRIVERS\xhcdrv.sys
10:56:31.0197 0x134c xhcdrv - ok
10:56:31.0201 0x134c ================ Scan global ===============================
10:56:31.0204 0x134c [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
10:56:31.0211 0x134c [ E0E4D286839FC27F56A85B4710E16B6B, 6BBBADB8904D6159E6171A339E0BF30A41D14E885D560BFB8BB73B1FF7239E1A ] C:\Windows\system32\winsrv.dll
10:56:31.0222 0x134c [ E0E4D286839FC27F56A85B4710E16B6B, 6BBBADB8904D6159E6171A339E0BF30A41D14E885D560BFB8BB73B1FF7239E1A ] C:\Windows\system32\winsrv.dll
10:56:31.0230 0x134c [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
10:56:31.0239 0x134c [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
10:56:31.0246 0x134c [ Global ] - ok
10:56:31.0246 0x134c ================ Scan MBR ==================================
10:56:31.0248 0x134c [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
10:56:31.0314 0x134c \Device\Harddisk0\DR0 - ok
10:56:31.0314 0x134c ================ Scan VBR ==================================
10:56:31.0316 0x134c [ 1657A05D297BC85A388212388AB7FBEA ] \Device\Harddisk0\DR0\Partition1
10:56:31.0317 0x134c \Device\Harddisk0\DR0\Partition1 - ok
10:56:31.0317 0x134c ================ Scan generic autorun ======================
10:56:31.0344 0x134c [ DD7B4F9E6B71A599FEF4BD9DA0AE57C2, 6B22356F74F7ED069A3FC39C62326AA98A70D0E860A2EB29A6C46F4077FB567A ] c:\Program Files\Microsoft Security Client\msseces.exe
10:56:31.0383 0x134c MSC - ok
10:56:31.0391 0x134c [ 404A6E6550DB206EA6E9B1AC642102B2, 33CAF3CDEF820DFC97844BBCA56B95B6D31D1C682C69A29D14F7A0C9058AC8EF ] C:\Program Files\iTunes\iTunesHelper.exe
10:56:31.0403 0x134c iTunesHelper - ok
10:56:31.0531 0x134c [ E7079E1F6631F12750B7708FB8F5D007, E4CB290D7AF6A28C02A26221618B83C29DD86BF9B26460B91FD42F4C7DEE4218 ] C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
10:56:31.0670 0x134c StartCN - ok
10:56:31.0712 0x134c [ 69A649BFBD52265A71A26C17899EA287, 4C96F09BD69FAAAF3467BDF3883BE63651EA2EB9447E6CE28BCD7BF9EB9E17B5 ] C:\Program Files (x86)\SPEEDLINK\SPEEDLINK PRIME Gaming Mouse\Gaming Mouse.exe
10:56:31.0746 0x134c SPEEDLINK KUDOS - detected UnsignedFile.Multi.Generic ( 1 )
10:56:32.0992 0x1abc Object send P2P result: true
10:56:32.0996 0x1abc Object required for P2P: [ 6D79C8CB73187FBEAAD1F680FADF98D3 ] NisDrv
10:56:34.0067 0x134c SPEEDLINK KUDOS ( UnsignedFile.Multi.Generic ) - warning
10:56:35.0411 0x1abc Object send P2P result: true
10:56:35.0421 0x1abc Object required for P2P: [ 3E98CE04689597C76B3EF4D3D0323836 ] SkypeUpdate
10:56:36.0429 0x134c [ 1504D15BCD8D3EC9C08F7BCB394CE5E2, 6B150B4819D9F7DF6893463986DB59ADDF71A05E03F10C2F59462480EF9486F4 ] C:\Program Files (x86)\Skiller PRO\Monitor.exe
10:56:36.0443 0x134c Skiller PRO - detected UnsignedFile.Multi.Generic ( 1 )
10:56:37.0836 0x1abc Object send P2P result: true
10:56:38.0768 0x134c Detect skipped due to KSN trusted
10:56:38.0768 0x134c Skiller PRO - ok
10:56:38.0768 0x134c Sidebar - ok
10:56:38.0773 0x134c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
10:56:38.0789 0x134c mctadmin - ok
10:56:38.0789 0x134c Sidebar - ok
10:56:38.0794 0x134c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
10:56:38.0809 0x134c mctadmin - ok
10:56:38.0857 0x134c [ 8E3A4D64A060C5CAA90F3B0C15A7DFE9, 62CEE1449AF368A5FA16DDF9690526965C32979564CF66BD8B3BB534110A910C ] C:\Users\Thomas\AppData\Roaming\Spotify\SpotifyWebHelper.exe
10:56:38.0895 0x134c Spotify Web Helper - ok
10:56:38.0957 0x134c [ 341ADA552AAC541FD34C262296C256EE, 32672460EDDD46550955508343904705D8F26E10F713E3CACDC84689567A9ECF ] C:\Program Files (x86)\Steam\steam.exe
10:56:39.0031 0x134c Steam - ok
10:56:39.0058 0x134c [ 44A9229022A519ED45294A1934C05EEC, 6DEF0DB5F9B50E9B0AFEE1CF50066BEB4FB7E15E2DC829A499509925660D6992 ] C:\Users\Thomas\AppData\Local\FluxSoftware\Flux\flux.exe
10:56:39.0090 0x134c f.lux - ok
10:56:39.0091 0x134c Waiting for KSN requests completion. In queue: 5
10:56:40.0092 0x134c Waiting for KSN requests completion. In queue: 5
10:56:41.0092 0x134c Waiting for KSN requests completion. In queue: 5
10:56:41.0413 0x1370 Object required for P2P: [ 8E3A4D64A060C5CAA90F3B0C15A7DFE9 ] C:\Users\Thomas\AppData\Roaming\Spotify\SpotifyWebHelper.exe
10:56:42.0092 0x134c Waiting for KSN requests completion. In queue: 3
10:56:43.0092 0x134c Waiting for KSN requests completion. In queue: 3
10:56:43.0841 0x1370 Object send P2P result: true
10:56:43.0841 0x1370 Object required for P2P: [ 341ADA552AAC541FD34C262296C256EE ] C:\Program Files (x86)\Steam\steam.exe
10:56:44.0092 0x134c Waiting for KSN requests completion. In queue: 2
10:56:45.0092 0x134c Waiting for KSN requests completion. In queue: 2
10:56:46.0092 0x134c Waiting for KSN requests completion. In queue: 2
10:56:46.0281 0x1370 Object send P2P result: true
10:56:47.0101 0x134c AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.9.218.0 ), 0x61000 ( enabled : updated )
10:56:47.0104 0x134c Win FW state via NFP2: enabled ( trusted )
10:56:49.0449 0x134c ============================================================
10:56:49.0449 0x134c Scan finished
10:56:49.0449 0x134c ============================================================
10:56:49.0455 0x12ac Detected object count: 2
10:56:49.0455 0x12ac Actual detected object count: 2
10:57:19.0472 0x12ac amdacpusrsvc ( UnsignedFile.Multi.Generic ) - skipped by user
10:57:19.0473 0x12ac amdacpusrsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:57:19.0473 0x12ac SPEEDLINK KUDOS ( UnsignedFile.Multi.Generic ) - skipped by user
10:57:19.0474 0x12ac SPEEDLINK KUDOS ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
29.05.2016, 19:04
| #3 |
| /// TB-Ausbilder /// Anleitungs-Guru  | PC führt Programme zT wahllos aus/nicht aus Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das... 
 Hinweis:Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden. Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert. Adware & Co. können wir sehr gut entfernen. Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean  bekommst.Los geht's: Bitte FRST-Scan im Normal-Modus: Schritt 1   Bitte starte FRST erneut, markiere auch die checkbox  und drücke auf Untersuchen. Bitte poste mir den Inhalt der beiden Logs die erstellt werden.
__________________ |
|
29.05.2016, 20:41
| #4 |
| | PC führt Programme zT wahllos aus/nicht aus Könnte ich nochmal den Link für das Programm erhalten? |
|
29.05.2016, 20:49
| #5 |
| /// TB-Ausbilder /// Anleitungs-Guru | PC führt Programme zT wahllos aus/nicht aus Klaro. Schritt 1 Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ Gruß deeprybka  Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
30.05.2016, 17:53
| #6 |
| | PC führt Programme zT wahllos aus/nicht ausCode:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:29-05-2016 02
durchgeführt von Thomas (Administrator) auf THOMAS-PC (30-05-2016 18:52:05)
Gestartet von C:\Users\Thomas\Downloads
Geladene Profile: Thomas (Verfügbare Profile: Thomas)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Advanced Micro Devices) C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Spotify Ltd) C:\Users\Thomas\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Flux Software LLC) C:\Users\Thomas\AppData\Local\FluxSoftware\Flux\flux.exe
() C:\Program Files (x86)\SPEEDLINK\SPEEDLINK PRIME Gaming Mouse\Gaming Mouse.exe
(Sharkoon Technologies) C:\Program Files (x86)\Skiller PRO\Monitor.EXE
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Apple Inc.) C:\Program Files\iTunes\iTunes.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ATH.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
() C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
(Valve Corporation) C:\Program Files (x86)\Steam\GameOverlayUI.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\AM_Delta_Patch_1.223.127.0.exe
(Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1340192 2016-01-29] (Microsoft Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-05-11] (Apple Inc.)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [6564552 2016-05-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SPEEDLINK KUDOS] => C:\Program Files (x86)\SPEEDLINK\SPEEDLINK PRIME Gaming Mouse\Gaming Mouse.exe [1470464 2012-03-08] ()
HKLM-x32\...\Run: [Skiller PRO] => C:\Program Files (x86)\Skiller PRO\Monitor.exe [475136 2015-07-17] (Sharkoon Technologies)
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-758422454-1604163277-2610386603-1000\...\Run: [Spotify Web Helper] => C:\Users\Thomas\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1525360 2016-05-11] (Spotify Ltd)
HKU\S-1-5-21-758422454-1604163277-2610386603-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-04-30] (Valve Corporation)
HKU\S-1-5-21-758422454-1604163277-2610386603-1000\...\Run: [f.lux] => C:\Users\Thomas\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{7F44B7C4-C23C-4E67-B9AC-3F19997CD50C}: [DhcpNameServer] 192.168.2.1
Internet Explorer:
==================
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-05-02] (Microsoft Corporation)
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2016-05-02] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-05-02] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-05-02] (Microsoft Corporation)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2016-05-02] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-05-02] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-02] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-02] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-02] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-02] (Microsoft Corporation)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
FireFox:
========
FF ProfilePath: C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\l4ktzj6q.default
FF Homepage: hxxps://www.reddit.com/
FF NetworkProxy: "proxy_over_tls", false
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-13] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-13] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-05-02] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-05-02] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-03] (Adobe Systems Inc.)
FF Extension: Reddit Enhancement Suite - C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\l4ktzj6q.default\Extensions\jid1-xUfzOsOFlzSOXg@jetpack.xpi [2016-04-06]
FF Extension: ProxTube - Unblock YouTube - C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\l4ktzj6q.default\Extensions\{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7}.xpi [2016-05-18]
FF Extension: Adblock Plus - C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\l4ktzj6q.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-05-01]
Chrome:
=======
CHR HomePage: Default -> hxxps://www.twitch.tv/directory/following
CHR StartupUrls: Default -> "hxxps://www.twitch.tv/directory/following"
CHR Profile: C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-04-17]
CHR Extension: (Google Docs) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-17]
CHR Extension: (Google Drive) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-17]
CHR Extension: (YouTube) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-17]
CHR Extension: (Google Tabellen) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-04-17]
CHR Extension: (Google Docs Offline) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-17]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-17]
CHR Extension: (Google Mail) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-17]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-08-30] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2016-05-20] (Advanced Micro Devices) [Datei ist nicht signiert]
S2 AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [137584 2014-01-08] ()
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2911472 2016-05-02] (Microsoft Corporation)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2016-03-29] (Digital Wave Ltd.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2016-01-29] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [374344 2016-01-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [296648 2016-05-20] (Advanced Micro Devices)
R2 AODDriver4.3.0; C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [59624 2014-01-08] (Advanced Micro Devices)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [289120 2015-11-13] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133816 2015-11-13] (Microsoft Corporation)
R3 VUSB3HUB; C:\Windows\System32\DRIVERS\ViaHub3.sys [225792 2014-10-31] (VIA Technologies, Inc.)
R3 xhcdrv; C:\Windows\System32\DRIVERS\xhcdrv.sys [305664 2014-10-31] (VIA Technologies, Inc.)
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-05-30 18:52 - 2016-05-30 18:52 - 00015200 _____ C:\Users\Thomas\Downloads\FRST.txt
2016-05-30 18:51 - 2016-05-30 18:51 - 02383872 _____ (Farbar) C:\Users\Thomas\Downloads\FRST64.exe
2016-05-29 23:03 - 2016-05-29 23:03 - 00000000 ____D C:\Users\Thomas\Documents\League of Legends
2016-05-28 13:57 - 2016-05-28 13:57 - 00006663 _____ C:\Users\Thomas\Downloads\Muster-Anschreiben-Naturwissenschaftler.pdf
2016-05-28 13:48 - 2016-05-28 13:48 - 00013077 _____ C:\Users\Thomas\Downloads\studentenjob_musteranschreiben.pdf
2016-05-27 15:23 - 2016-05-27 15:23 - 00003011 _____ C:\Users\Thomas\Downloads\TwitchHTML5-master.zip
2016-05-27 10:55 - 2016-05-27 10:58 - 00203436 _____ C:\TDSSKiller.3.1.0.9_27.05.2016_10.55.22_log.txt
2016-05-27 10:54 - 2016-05-27 10:55 - 00202236 _____ C:\TDSSKiller.3.1.0.9_27.05.2016_10.54.18_log.txt
2016-05-27 10:42 - 2016-05-27 10:42 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Thomas\Downloads\tdsskiller.exe
2016-05-24 16:48 - 2016-05-24 16:48 - 02684989 _____ C:\Users\Thomas\Downloads\Proteine.zip
2016-05-24 16:48 - 2016-05-24 16:48 - 00012930 _____ C:\Users\Thomas\Downloads\Aminosauren.zip
2016-05-24 16:47 - 2016-05-24 16:48 - 00051960 _____ C:\Users\Thomas\Downloads\DNA.zip
2016-05-24 16:15 - 2016-05-24 21:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-05-20 23:48 - 2016-05-20 23:48 - 00141280 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2016-05-20 23:48 - 2016-05-20 23:48 - 00122704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2016-05-20 23:47 - 2016-05-20 23:47 - 00150544 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2016-05-20 23:47 - 2016-05-20 23:47 - 00141280 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdhcp64.dll
2016-05-20 23:47 - 2016-05-20 23:47 - 00125288 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdhcp32.dll
2016-05-20 23:47 - 2016-05-20 23:47 - 00109856 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2016-05-20 23:47 - 2016-05-20 23:47 - 00109856 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2016-05-20 23:47 - 2016-05-20 23:47 - 00092328 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2016-05-20 23:47 - 2016-05-20 23:47 - 00092328 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2016-05-20 23:46 - 2016-05-20 23:46 - 09798560 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2016-05-20 23:46 - 2016-05-20 23:46 - 08577456 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2016-05-20 23:44 - 2016-05-20 23:44 - 00296648 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdacpksd.sys
2016-05-20 23:41 - 2016-05-20 23:41 - 27015680 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2016-05-20 23:35 - 2016-05-20 23:35 - 48616960 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2016-05-20 23:35 - 2016-05-20 23:35 - 00252928 _____ C:\Windows\system32\clinfo.exe
2016-05-20 23:34 - 2016-05-20 23:34 - 38098432 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2016-05-20 23:33 - 2016-05-20 23:33 - 00096256 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2016-05-20 23:33 - 2016-05-20 23:33 - 00087040 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2016-05-20 23:32 - 2016-05-20 23:32 - 27433472 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl12cl64.dll
2016-05-20 23:31 - 2016-05-20 23:31 - 21600768 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl12cl.dll
2016-05-20 23:30 - 2016-05-20 23:30 - 08699392 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdvlk64.dll
2016-05-20 23:26 - 2016-05-20 23:26 - 06951424 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdvlk32.dll
2016-05-20 23:14 - 2016-05-20 23:14 - 30188032 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2016-05-20 23:13 - 2016-05-20 23:13 - 00730112 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdlvr64.dll
2016-05-20 23:13 - 2016-05-20 23:13 - 00605696 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdlvr32.dll
2016-05-20 23:12 - 2016-05-20 23:12 - 06965248 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll
2016-05-20 23:12 - 2016-05-20 23:12 - 00142336 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2016-05-20 23:12 - 2016-05-20 23:12 - 00117760 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2016-05-20 23:09 - 2016-05-20 23:09 - 05643776 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll
2016-05-20 23:09 - 2016-05-20 23:09 - 00716128 _____ C:\Windows\SysWOW64\atiapfxx.blb
2016-05-20 23:09 - 2016-05-20 23:09 - 00716128 _____ C:\Windows\system32\atiapfxx.blb
2016-05-20 23:09 - 2016-05-20 23:09 - 00385536 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2016-05-20 23:09 - 2016-05-20 23:09 - 00062464 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2016-05-20 23:09 - 2016-05-20 23:09 - 00055808 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2016-05-20 23:09 - 2016-05-20 23:09 - 00052224 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2016-05-20 23:09 - 2016-05-20 23:09 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2016-05-20 23:08 - 2016-05-20 23:08 - 15711744 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2016-05-20 23:08 - 2016-05-20 23:08 - 14302720 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2016-05-20 23:06 - 2016-05-20 23:06 - 24836096 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2016-05-20 23:06 - 2016-05-20 23:06 - 00113152 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2016-05-20 23:06 - 2016-05-20 23:06 - 00092160 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2016-05-20 23:06 - 2016-05-20 23:06 - 00050688 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll
2016-05-20 23:06 - 2016-05-20 23:06 - 00038400 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll
2016-05-20 23:04 - 2016-05-20 23:04 - 03437632 _____ C:\Windows\system32\atiumd6a.cap
2016-05-20 23:02 - 2016-05-20 23:02 - 00588288 _____ (AMD) C:\Windows\system32\atieclxx.exe
2016-05-20 23:02 - 2016-05-20 23:02 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2016-05-20 23:02 - 2016-05-20 23:02 - 00306688 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2016-05-20 23:02 - 2016-05-20 23:02 - 00274432 _____ C:\Windows\system32\dgtrayicon.exe
2016-05-20 23:02 - 2016-05-20 23:02 - 00258560 _____ C:\Windows\system32\GameManager64.dll
2016-05-20 23:02 - 2016-05-20 23:02 - 00230912 _____ C:\Windows\system32\amdgfxinfo64.dll
2016-05-20 23:02 - 2016-05-20 23:02 - 00212480 _____ C:\Windows\system32\atieah64.exe
2016-05-20 23:02 - 2016-05-20 23:02 - 00202752 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll
2016-05-20 23:02 - 2016-05-20 23:02 - 00190464 _____ C:\Windows\SysWOW64\atieah32.exe
2016-05-20 23:02 - 2016-05-20 23:02 - 00093696 _____ (AMD) C:\Windows\system32\atimuixx.dll
2016-05-20 23:01 - 2016-05-20 23:01 - 00270336 _____ (AMD) C:\Windows\system32\atitmm64.dll
2016-05-20 22:59 - 2016-05-20 22:59 - 03471376 _____ C:\Windows\SysWOW64\atiumdva.cap
2016-05-20 22:57 - 2016-05-20 22:57 - 01304576 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2016-05-20 22:57 - 2016-05-20 22:57 - 00973824 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2016-05-20 22:57 - 2016-05-20 22:57 - 00973824 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll
2016-05-20 22:57 - 2016-05-20 22:57 - 00498176 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2016-05-20 22:57 - 2016-05-20 22:57 - 00185344 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2016-05-20 22:57 - 2016-05-20 22:57 - 00159232 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2016-05-20 22:57 - 2016-05-20 22:57 - 00119808 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2016-05-20 22:57 - 2016-05-20 22:57 - 00106496 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2016-05-20 22:57 - 2016-05-20 22:57 - 00101376 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2016-05-20 22:57 - 2016-05-20 22:57 - 00091136 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2016-05-20 22:57 - 2016-05-20 22:57 - 00091136 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2016-05-20 22:56 - 2016-05-20 22:56 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2016-05-20 22:55 - 2016-05-20 22:55 - 00251392 _____ C:\Windows\system32\hsa-thunk64.dll
2016-05-20 22:55 - 2016-05-20 22:55 - 00217088 _____ C:\Windows\SysWOW64\hsa-thunk.dll
2016-05-20 17:21 - 2016-05-20 17:21 - 02412544 _____ C:\Windows\system32\amdacpusl.pdb
2016-05-20 17:12 - 2016-05-20 17:12 - 00364544 _____ (Advanced Micro Devices) C:\Windows\system32\amdacpusl.dll
2016-05-20 17:12 - 2016-05-20 17:12 - 00306176 _____ C:\Windows\system32\amdacpusl.pdb.pub
2016-05-20 17:12 - 2016-05-20 17:12 - 00248832 _____ (Advanced Micro Devices) C:\Windows\SysWOW64\amdacpusl.dll
2016-05-18 20:03 - 2016-04-14 18:46 - 00114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-05-18 20:03 - 2016-04-14 18:42 - 03243520 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-05-18 20:03 - 2016-04-14 18:42 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-05-18 20:03 - 2016-04-14 18:42 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-05-18 20:03 - 2016-04-14 18:42 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-05-18 20:03 - 2016-04-14 18:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-05-18 20:03 - 2016-04-14 17:33 - 02365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-05-18 20:03 - 2016-04-14 17:33 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-05-18 20:03 - 2016-04-14 17:33 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-05-18 20:03 - 2016-04-14 17:33 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2016-05-18 20:03 - 2016-04-14 17:19 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-05-18 20:03 - 2016-04-14 17:11 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2016-05-18 20:03 - 2016-04-12 03:23 - 00154344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-05-18 20:03 - 2016-04-12 03:23 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-05-18 20:03 - 2016-04-12 03:20 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-05-18 20:03 - 2016-04-12 03:20 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-05-18 20:03 - 2016-04-12 03:20 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-05-18 20:03 - 2016-04-12 03:20 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-05-18 20:03 - 2016-04-12 03:20 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-05-18 20:03 - 2016-04-12 03:20 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-05-18 20:03 - 2016-04-12 03:20 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-05-18 20:03 - 2016-04-12 03:20 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-05-18 20:03 - 2016-04-12 03:20 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-05-18 20:03 - 2016-04-12 03:20 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-05-18 20:03 - 2016-04-12 03:20 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-05-18 20:03 - 2016-04-12 03:20 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-05-18 20:03 - 2016-04-12 03:20 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-05-18 20:03 - 2016-04-12 03:20 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-05-18 20:03 - 2016-04-12 03:20 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-05-18 20:03 - 2016-04-12 03:20 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-05-18 20:03 - 2016-04-12 03:20 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-05-18 20:03 - 2016-04-12 03:20 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-05-18 20:03 - 2016-04-12 03:02 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-05-18 20:03 - 2016-04-12 03:02 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-05-18 20:03 - 2016-04-12 03:02 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-05-18 20:03 - 2016-04-12 03:02 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-05-18 20:03 - 2016-04-12 03:02 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-05-18 20:03 - 2016-04-12 03:02 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-05-18 20:03 - 2016-04-12 03:02 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-05-18 20:03 - 2016-04-12 03:02 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-05-18 20:03 - 2016-04-12 03:02 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-05-18 20:03 - 2016-04-12 03:02 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-05-18 20:03 - 2016-04-12 03:02 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-05-18 20:03 - 2016-04-12 03:02 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-05-18 20:03 - 2016-04-12 03:01 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-05-18 20:03 - 2016-04-12 03:01 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-05-18 20:03 - 2016-04-12 03:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-05-18 20:03 - 2016-04-12 02:50 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-05-18 20:03 - 2016-04-12 02:43 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-05-18 20:03 - 2016-04-12 02:43 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-05-18 20:03 - 2016-04-12 02:43 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-05-18 20:03 - 2016-04-12 02:42 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-05-18 20:03 - 2016-04-12 02:41 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-05-18 20:03 - 2016-04-12 02:36 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-05-18 20:03 - 2016-04-09 08:58 - 14186496 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-05-18 20:03 - 2016-04-09 08:57 - 01867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-05-18 20:03 - 2016-04-09 08:54 - 12881408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-05-18 20:03 - 2016-04-09 08:54 - 01499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-05-18 20:03 - 2016-04-09 07:53 - 03231232 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-05-18 20:03 - 2016-04-09 07:44 - 02973184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-05-18 18:32 - 2016-05-18 18:32 - 00000000 ____D C:\Users\Thomas\Documents\UnrealTournament
2016-05-18 18:32 - 2016-05-18 18:32 - 00000000 ____D C:\Users\Thomas\AppData\Local\UnrealTournament
2016-05-18 17:14 - 2016-05-18 18:48 - 00000000 ____D C:\Program Files\Epic Games
2016-05-18 17:04 - 2016-05-18 17:04 - 00000000 ____D C:\Users\Thomas\AppData\Local\UnrealEngineLauncher
2016-05-18 17:03 - 2016-05-18 17:03 - 00000000 ____D C:\Users\Thomas\AppData\Local\UnrealEngine
2016-05-18 17:03 - 2016-05-18 17:03 - 00000000 ____D C:\Users\Thomas\AppData\Local\EpicGamesLauncher
2016-05-18 17:02 - 2016-05-18 17:05 - 00002517 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2016-05-18 17:02 - 2016-05-18 17:05 - 00002505 _____ C:\Users\Public\Desktop\Epic Games Launcher.lnk
2016-05-18 17:02 - 2016-05-18 17:04 - 00000000 ____D C:\ProgramData\Epic
2016-05-18 17:02 - 2016-05-18 17:02 - 00000000 ____D C:\Program Files (x86)\Epic Games
2016-05-18 17:01 - 2016-05-18 17:01 - 33619968 _____ C:\Users\Thomas\Downloads\EpicGamesLauncherInstaller-2.11.9-2970807.msi
2016-05-17 20:38 - 2016-05-17 20:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-05-17 20:38 - 2016-05-17 20:38 - 00000000 ____D C:\Program Files\iTunes
2016-05-17 20:38 - 2016-05-17 20:38 - 00000000 ____D C:\Program Files\iPod
2016-05-17 20:38 - 2016-05-17 20:38 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-05-16 20:25 - 2016-05-16 20:27 - 63261230 _____ C:\Users\Thomas\Downloads\Fest & Flauschig - Aufbau West mit Olli Schulz und Jan Böhmermann.m4a
2016-05-15 00:14 - 2016-05-15 00:14 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-05-15 00:07 - 2016-05-15 00:08 - 22851472 _____ (Malwarebytes ) C:\Users\Thomas\Downloads\mbam-setup-computerbild.8000-2.2.1.1043.exe
2016-05-15 00:02 - 2016-05-15 00:02 - 00985600 _____ C:\Users\Thomas\Downloads\MicrosoftFixit50123.msi
2016-05-14 18:41 - 2016-05-14 18:41 - 01622481 _____ C:\Users\Thomas\Downloads\Dissertation_R_Nobis_ThULB.pdf
2016-05-14 13:18 - 2016-04-14 15:49 - 00603648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2016-05-14 13:18 - 2016-04-14 15:21 - 00647680 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2016-05-14 13:18 - 2015-12-20 20:50 - 03180544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-05-14 13:18 - 2015-12-20 20:50 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2016-05-14 13:18 - 2015-12-20 16:08 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-05-14 13:18 - 2015-07-16 21:12 - 06131200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2016-05-14 13:18 - 2015-07-16 21:12 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2016-05-14 13:18 - 2015-07-16 21:12 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2016-05-14 13:18 - 2015-07-16 21:11 - 07077376 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2016-05-14 13:18 - 2015-07-16 21:11 - 01057792 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2016-05-14 13:18 - 2015-07-16 21:11 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2016-05-14 13:18 - 2015-07-11 15:15 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2016-05-14 13:18 - 2014-12-11 19:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2016-05-14 13:18 - 2013-11-26 10:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2016-05-14 13:18 - 2013-11-23 00:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2016-05-14 13:18 - 2012-06-01 07:39 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\wamregps.dll
2016-05-14 13:18 - 2012-06-01 07:36 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\iisRtl.dll
2016-05-14 13:18 - 2012-06-01 07:36 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\iisrstap.dll
2016-05-14 13:18 - 2012-06-01 07:35 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\ahadmin.dll
2016-05-14 13:18 - 2012-06-01 07:34 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\admwprox.dll
2016-05-14 13:18 - 2012-06-01 07:33 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\iisreset.exe
2016-05-14 13:18 - 2012-06-01 06:40 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wamregps.dll
2016-05-14 13:18 - 2012-06-01 06:37 - 00154624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisRtl.dll
2016-05-14 13:18 - 2012-06-01 06:37 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisrstap.dll
2016-05-14 13:18 - 2012-06-01 06:35 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admwprox.dll
2016-05-14 13:18 - 2012-06-01 06:35 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ahadmin.dll
2016-05-14 13:18 - 2012-06-01 06:34 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisreset.exe
2016-05-14 13:17 - 2016-04-09 06:20 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2016-05-14 13:17 - 2016-04-09 05:52 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-05-14 00:33 - 2015-11-10 20:55 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-05-14 00:33 - 2015-11-10 20:55 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-05-14 00:33 - 2015-11-10 20:39 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2016-05-14 00:33 - 2015-07-30 20:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2016-05-14 00:33 - 2015-07-30 19:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2016-05-14 00:28 - 2015-12-08 23:54 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2016-05-14 00:28 - 2015-12-08 21:07 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2016-05-14 00:28 - 2015-02-04 05:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2016-05-14 00:28 - 2015-02-04 04:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2016-05-14 00:01 - 2013-10-02 04:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2016-05-14 00:01 - 2013-10-02 04:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2016-05-14 00:01 - 2013-10-02 04:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2016-05-14 00:01 - 2013-10-02 03:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2016-05-14 00:01 - 2013-10-02 03:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2016-05-14 00:01 - 2013-10-02 03:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2016-05-14 00:01 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2016-05-14 00:01 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2016-05-14 00:01 - 2013-10-02 01:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2016-05-14 00:01 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2016-05-14 00:00 - 2012-08-23 16:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2016-05-14 00:00 - 2012-08-23 16:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys
2016-05-14 00:00 - 2012-08-23 13:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2016-05-14 00:00 - 2012-08-23 12:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2016-05-13 23:59 - 2016-05-13 23:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-05-13 23:59 - 2016-05-13 23:59 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-05-13 23:59 - 2016-05-13 23:59 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-05-13 23:56 - 2015-12-16 20:55 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2016-05-13 23:56 - 2015-12-16 20:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2016-05-13 23:56 - 2015-12-16 20:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2016-05-13 23:56 - 2015-12-16 20:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2016-05-13 23:56 - 2015-12-16 20:48 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2016-05-13 23:56 - 2015-12-16 20:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2016-05-13 23:56 - 2015-12-16 20:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2016-05-13 23:56 - 2015-12-16 20:47 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2016-05-13 23:56 - 2015-12-16 16:38 - 00419928 _____ C:\Windows\SysWOW64\locale.nls
2016-05-13 23:56 - 2015-12-16 16:37 - 00419928 _____ C:\Windows\system32\locale.nls
2016-05-13 23:56 - 2015-08-05 19:56 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2016-05-13 23:56 - 2015-08-05 19:06 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2016-05-13 23:54 - 2016-03-09 21:00 - 00444416 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-05-13 23:54 - 2016-03-09 21:00 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2016-05-13 23:54 - 2016-03-09 20:40 - 00351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-05-13 23:54 - 2016-03-09 20:40 - 00316416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2016-05-13 23:49 - 2016-05-13 23:53 - 00000000 ____D C:\Windows\system32\MRT
2016-05-13 23:49 - 2016-05-13 23:49 - 139319312 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-05-13 23:28 - 2016-05-13 23:28 - 00000000 ____D C:\Windows\SysWOW64\BestPractices
2016-05-13 23:28 - 2016-05-13 23:28 - 00000000 ____D C:\Windows\system32\BestPractices
2016-05-13 23:28 - 2016-05-13 23:28 - 00000000 ____D C:\inetpub
2016-05-13 11:35 - 2016-05-26 17:58 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-05-13 11:35 - 2016-05-26 17:58 - 00000000 ___SD C:\Windows\system32\GWX
2016-05-11 23:37 - 2016-05-11 23:37 - 00000000 ____D C:\Users\Thomas\AppData\Local\GWX
2016-05-11 14:13 - 2016-04-09 09:02 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-05-11 14:13 - 2016-04-09 09:01 - 05546216 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-05-11 14:13 - 2016-04-09 09:01 - 00986344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-05-11 14:13 - 2016-04-09 09:01 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-05-11 14:13 - 2016-04-09 09:01 - 00264936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2016-05-11 14:13 - 2016-04-09 08:59 - 03998952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-05-11 14:13 - 2016-04-09 08:59 - 03943144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-05-11 14:13 - 2016-04-09 08:59 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-05-11 14:13 - 2016-04-09 08:58 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-05-11 14:13 - 2016-04-09 08:58 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-05-11 14:13 - 2016-04-09 08:58 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-05-11 14:13 - 2016-04-09 08:58 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-05-11 14:13 - 2016-04-09 08:58 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-05-11 14:13 - 2016-04-09 08:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-05-11 14:13 - 2016-04-09 08:58 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-05-11 14:13 - 2016-04-09 08:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-05-11 14:13 - 2016-04-09 07:52 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-05-11 14:13 - 2016-04-09 07:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-05-11 14:13 - 2016-04-09 07:52 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-05-11 14:13 - 2016-04-09 07:49 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-05-11 14:13 - 2016-04-09 07:48 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-05-11 14:13 - 2016-04-09 07:47 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-05-11 14:13 - 2016-04-09 07:43 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-05-11 14:13 - 2016-04-09 07:38 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-05-11 14:13 - 2016-04-09 07:38 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-05-11 14:13 - 2016-04-09 07:38 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-05-11 14:13 - 2016-04-09 07:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-05-11 14:13 - 2016-04-09 07:37 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 07:37 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 07:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 07:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-05-11 14:13 - 2016-03-09 20:54 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2016-05-11 14:13 - 2016-03-09 20:34 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2016-05-11 13:27 - 2016-05-11 13:27 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\library_dir
2016-05-11 12:47 - 2016-05-30 18:52 - 00000000 ____D C:\FRST
2016-05-11 12:18 - 2016-05-11 12:45 - 00001536 _____ C:\Users\Thomas\Desktop\JRT.txt
2016-05-11 12:16 - 2016-05-11 12:44 - 00000000 ____D C:\AdwCleaner
2016-05-11 11:03 - 2016-05-11 11:03 - 00000000 ____D C:\Program Files (x86)\ESET
2016-05-11 00:41 - 2016-05-11 00:41 - 00096256 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\AtihdW76.sys
2016-05-11 00:40 - 2016-05-11 00:40 - 00103424 _____ (Advanced Micro Devices) C:\Windows\system32\DelayAPO.dll
2016-05-11 00:36 - 2016-05-20 23:12 - 00865280 _____ (AMD) C:\Windows\system32\coinst_16.20.dll
2016-05-11 00:36 - 2016-05-11 00:36 - 00865280 _____ (AMD) C:\Windows\system32\SETE622.tmp
2016-05-10 23:37 - 2016-05-24 13:56 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2016-05-10 23:06 - 2016-05-13 23:13 - 00967006 _____ C:\Windows\ntbtlog.txt
2016-05-09 07:05 - 2016-05-09 07:05 - 00874790 _____ C:\Windows\system32\amdicdxx.dat
2016-05-08 12:49 - 2016-05-08 12:49 - 00000000 ___HD C:\ProgramData\CanonIJETV
2016-05-08 12:49 - 2016-05-08 12:49 - 00000000 ____D C:\Program Files (x86)\Canon
2016-05-08 12:14 - 2016-05-08 12:14 - 00000000 ____H C:\Users\Thomas\Documents\Default.rdp
2016-05-07 13:23 - 2016-05-07 13:23 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\WinRAR
2016-05-07 12:51 - 2016-05-11 11:04 - 00000000 ___RD C:\Users\Thomas\Documents\Scanned Documents
2016-05-07 12:51 - 2016-05-07 12:51 - 00000000 ____D C:\Users\Thomas\Documents\Fax
2016-05-06 22:45 - 2016-05-06 22:45 - 00368416 _____ C:\Windows\system32\ativvaxy_el_nd.dat
2016-05-06 16:11 - 2016-05-07 11:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-05-01 15:50 - 2016-05-24 22:07 - 00000000 ____D C:\Users\Thomas\Desktop\Rea
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-05-30 18:51 - 2016-04-06 21:40 - 00000000 ____D C:\Program Files (x86)\Steam
2016-05-30 18:51 - 2016-04-06 20:55 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\TS3Client
2016-05-30 18:39 - 2011-04-12 09:43 - 01335862 _____ C:\Windows\system32\perfh007.dat
2016-05-30 18:39 - 2011-04-12 09:43 - 00343982 _____ C:\Windows\system32\perfc007.dat
2016-05-30 18:39 - 2009-07-14 07:13 - 00006408 _____ C:\Windows\system32\PerfStringBackup.INI
2016-05-30 18:35 - 2016-04-17 15:03 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-30 18:35 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-05-30 00:20 - 2016-04-07 15:20 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2016-05-30 00:14 - 2016-04-17 15:03 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-30 00:08 - 2016-04-10 00:44 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-05-29 23:25 - 2016-04-17 20:58 - 00000000 ____D C:\Users\Thomas\AppData\LocalLow\Temp
2016-05-29 22:36 - 2016-04-06 22:57 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\Skype
2016-05-29 22:28 - 2009-07-14 06:45 - 00020480 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-05-29 22:28 - 2009-07-14 06:45 - 00020480 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-05-28 11:45 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-05-25 17:21 - 2016-04-06 21:49 - 00004230 _____ C:\Windows\System32\Tasks\AMD Updater
2016-05-25 17:02 - 2016-04-06 21:43 - 00000000 ____D C:\Program Files (x86)\AMD
2016-05-25 17:02 - 2016-04-06 21:42 - 00000000 ____D C:\Program Files\AMD
2016-05-25 17:01 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-05-25 17:00 - 2016-04-06 21:40 - 00000000 ____D C:\AMD
2016-05-25 16:18 - 2016-04-06 20:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-05-23 19:53 - 2016-04-06 21:29 - 00000000 ____D C:\Users\Thomas\AppData\Local\Spotify
2016-05-23 19:53 - 2016-04-06 21:28 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\Spotify
2016-05-22 22:05 - 2016-04-07 16:27 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-05-20 23:47 - 2016-04-04 06:16 - 00166488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2016-05-20 23:47 - 2016-04-04 06:16 - 00137136 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2016-05-20 23:47 - 2016-04-04 06:15 - 10694160 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2016-05-20 23:47 - 2016-04-04 06:15 - 08876704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2016-05-20 23:47 - 2016-04-04 06:15 - 08865344 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2016-05-20 23:47 - 2016-04-04 06:15 - 01511680 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2016-05-20 23:47 - 2016-04-04 06:15 - 01242832 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2016-05-20 23:47 - 2016-04-04 06:15 - 00123776 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2016-05-20 23:46 - 2016-04-04 06:15 - 06999496 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2016-05-20 23:02 - 2016-04-04 03:57 - 00223744 _____ C:\Windows\SysWOW64\GameManager32.dll
2016-05-19 14:11 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2016-05-18 17:04 - 2016-04-06 21:14 - 00000000 ____D C:\ProgramData\Package Cache
2016-05-18 14:11 - 2016-04-17 19:59 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-05-18 14:10 - 2016-04-17 19:56 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-05-17 21:05 - 2014-01-11 18:52 - 00000000 ____D C:\Users\Thomas\Desktop\#I so'n Shit
2016-05-17 20:38 - 2016-04-06 21:21 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-05-17 14:19 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2016-05-16 20:25 - 2016-04-16 17:36 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\DVDVideoSoft
2016-05-14 23:29 - 2009-07-14 06:45 - 00424696 _____ C:\Windows\system32\FNTCACHE.DAT
2016-05-14 23:29 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\inetsrv
2016-05-14 23:29 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\inetsrv
2016-05-14 02:04 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-05-13 23:28 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Sidebar
2016-05-13 23:18 - 2014-08-09 16:19 - 00000000 ___RD C:\Users\Thomas\Dropbox
2016-05-13 23:14 - 2016-04-06 21:53 - 00000000 ____D C:\Users\Thomas\AppData\Local\ElevatedDiagnostics
2016-05-13 11:35 - 2016-04-10 15:23 - 00000000 ____D C:\Windows\system32\appraiser
2016-05-13 01:15 - 2016-04-17 15:04 - 00002187 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-13 01:08 - 2016-04-10 00:44 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-05-13 01:08 - 2016-04-10 00:44 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-05-13 01:08 - 2016-04-10 00:44 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-05-12 22:54 - 2016-04-06 20:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2016-05-11 14:09 - 2016-04-17 15:03 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-05-11 14:09 - 2016-04-17 15:03 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-05-11 11:46 - 2016-04-08 16:36 - 00000000 ____D C:\Users\Thomas\AppData\Local\Apps\2.0
2016-05-11 11:45 - 2016-04-09 11:54 - 00000000 ____D C:\Users\Thomas\AppData\Local\Downloaded Installations
2016-05-11 11:42 - 2016-04-06 21:00 - 00000000 ____D C:\60123cffff02c322a6
2016-05-11 01:09 - 2016-04-04 06:16 - 00166488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\SETDE39.tmp
2016-05-11 01:09 - 2016-04-04 06:16 - 00137136 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\SETE3C5.tmp
2016-05-11 01:09 - 2016-04-04 06:15 - 08873608 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\SETD911.tmp
2016-05-11 01:09 - 2016-04-04 06:15 - 08865344 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\SETD679.tmp
2016-05-11 01:09 - 2016-04-04 06:15 - 06999496 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\SETD5EA.tmp
2016-05-11 01:09 - 2016-04-04 06:15 - 01510144 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\SETDEAA.tmp
2016-05-11 01:09 - 2016-04-04 06:15 - 01241296 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\SETDEDB.tmp
2016-05-11 01:09 - 2016-04-04 06:15 - 00123776 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\SETE384.tmp
2016-05-11 00:27 - 2016-04-04 03:57 - 00223744 _____ C:\Windows\SysWOW64\SETDCF7.tmp
2016-05-10 20:25 - 2016-04-07 16:27 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-05-08 12:30 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2016-04-06 21:12 - 2016-04-06 21:12 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Einige Dateien in TEMP:
====================
C:\Users\Thomas\AppData\Local\Temp\libeay32.dll
C:\Users\Thomas\AppData\Local\Temp\msvcr120.dll
C:\Users\Thomas\AppData\Local\Temp\playstv_patch.exe
C:\Users\Thomas\AppData\Local\Temp\raptrpatch.exe
C:\Users\Thomas\AppData\Local\Temp\raptr_stub.exe
C:\Users\Thomas\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-05-28 19:50
==================== Ende von FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:29-05-2016 02
durchgeführt von Thomas (2016-05-30 18:52:46)
Gestartet von C:\Users\Thomas\Downloads
Windows 7 Professional Service Pack 1 (X64) (2016-04-06 17:37:00)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-758422454-1604163277-2610386603-500 - Administrator - Disabled)
Gast (S-1-5-21-758422454-1604163277-2610386603-501 - Limited - Disabled)
Thomas (S-1-5-21-758422454-1604163277-2610386603-1000 - Administrator - Enabled) => C:\Users\Thomas
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Microsoft Security Essentials (Enabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
AS: Microsoft Security Essentials (Enabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
ACD/Labs Freeware in C:\ACD2015FREE\ (HKLM-x32\...\ACDLabs in C__ACD2015FREE_) (Version: v14.00, FREE - ACD/Labs)
ACP Application (Version: 2016.0520.1712.17 - Advanced Micro Devices, Inc.) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.016.20041 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
AMD OverDrive (HKLM-x32\...\{34D5220A-58D0-473C-90E4-15136C3FB0E3}) (Version: 4.3.1.0690 - Advanced Micro Devices, Inc.)
Apple Application Support (32-Bit) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Catalyst Control Center Next Localization BR (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve)
Epic Games Launcher (HKLM-x32\...\{CA4F7840-CC89-451D-8453-392F2EDAA605}) (Version: 1.1.70.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
f.lux (HKU\S-1-5-21-758422454-1604163277-2610386603-1000\...\Flux) (Version: - )
Free YouTube To MP3 Converter (HKLM-x32\...\Free YouTube To MP3 Converter_is1) (Version: 4.1.6.328 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.102 - Google Inc.)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
iTunes (HKLM\...\{58D7E5F7-BAD1-49C5-93C8-B655736EDA00}) (Version: 12.4.0.119 - Apple Inc.)
Launcher Prerequisites (x64) (x32 Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.6868.2062 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-758422454-1604163277-2610386603-1000\...\OneDriveSetup.exe) (Version: 17.3.6281.1202 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 46.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 46.0.1 (x86 de)) (Version: 46.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 46.0.1.5966 - Mozilla)
Mozilla Thunderbird 45.1.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.1.0 (x86 de)) (Version: 45.1.0 - Mozilla)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6828.1016 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6828.1016 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6828.1016 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.92.115.2015 - Realtek)
Skiller PRO (HKLM-x32\...\{54C8FBB3-B992-43CB-8F0A-E26228013F88}) (Version: 2.1.15.6 - Sharkoon Technologies)
Skype™ 7.21 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.)
SPEEDLINK PRIME Gaming Mouse (HKLM-x32\...\SPEEDLINK KUDOS) (Version: - )
Spotify (HKU\S-1-5-21-758422454-1604163277-2610386603-1000\...\Spotify) (Version: 1.0.28.87.g8f9312a4 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-758422454-1604163277-2610386603-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Thomas\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64\FileCoAuthLib64.dll ()
CustomCLSID: HKU\S-1-5-21-758422454-1604163277-2610386603-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Thomas\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {15FE0B6C-6F9D-4CE1-98EF-E2F5F33A4845} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-05-02] (Microsoft Corporation)
Task: {27D6393D-4FA7-49C0-BE3D-07B63F1744C5} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {29C10ED2-A5DB-47E4-90CB-64F2328E12F5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-13] (Adobe Systems Incorporated)
Task: {2B3D71FA-7E23-4D26-825C-F593771E4CD8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {49C0D252-62E5-45C7-9C09-CDD4CEDA94DA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-05-05] (Microsoft Corporation)
Task: {80B348DC-5F01-49E8-BC90-AD93FFCEEA62} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-05-05] (Microsoft Corporation)
Task: {9304EBB5-82CD-4F09-B853-E07F96DD2FAF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-17] (Google Inc.)
Task: {D122ABCC-35C0-4196-9705-4C9E5608F49A} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-05-05] (Microsoft Corporation)
Task: {DAF3A632-9FB4-418A-9FFA-AE2B117D2E43} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-17] (Google Inc.)
Task: {E81E985F-3881-447F-B0A0-40F0625F0B5B} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-05-20] (Advanced Micro Devices, Inc.)
Task: {FF1C5EBB-E5CD-4FA8-A11A-41021CA2DD57} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-05-02] (Microsoft Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2013-08-30 19:47 - 2013-08-30 19:47 - 00214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2012-10-22 14:41 - 2012-10-22 14:41 - 00749056 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2012-10-22 14:42 - 2012-10-22 14:42 - 03645952 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2016-03-18 22:56 - 2016-03-18 22:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-04-22 01:07 - 2016-04-22 01:07 - 01337144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-04-17 19:56 - 2016-05-02 04:01 - 00417472 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
2015-06-25 17:34 - 2015-06-25 17:34 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2015-06-25 17:37 - 2015-06-25 17:37 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-25 17:35 - 2015-06-25 17:35 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2015-06-25 17:38 - 2015-06-25 17:38 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-25 16:53 - 2015-06-25 16:53 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2015-06-25 16:51 - 2015-06-25 16:51 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2012-03-08 05:12 - 2012-03-08 05:12 - 01470464 _____ () C:\Program Files (x86)\SPEEDLINK\SPEEDLINK PRIME Gaming Mouse\Gaming Mouse.exe
2016-04-22 01:07 - 2016-04-22 01:07 - 00313656 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxslt.dll
2015-10-22 13:22 - 2016-04-26 17:45 - 00174872 _____ () C:\Program Files\TeamSpeak 3 Client\quazip.dll
2015-10-22 13:21 - 2016-04-26 17:45 - 00103192 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
2015-10-22 13:21 - 2016-04-26 17:45 - 00107800 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll
2015-10-22 13:22 - 2016-04-26 17:45 - 00312088 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2015-10-22 13:22 - 2016-04-26 17:45 - 00485656 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2016-04-06 21:48 - 2016-04-06 21:48 - 00103424 _____ () C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
2016-04-16 17:36 - 2016-03-29 00:06 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2016-04-16 17:36 - 2016-03-29 00:06 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll
2016-04-16 17:36 - 2016-03-29 00:06 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll
2016-04-16 17:36 - 2016-03-29 00:06 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2016-04-16 17:36 - 2016-03-29 00:06 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2016-04-16 17:36 - 2016-03-29 00:06 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2016-04-04 03:57 - 2016-05-20 23:02 - 00223744 _____ () C:\Windows\SysWOW64\GameManager32.dll
2016-04-06 21:42 - 2016-04-29 22:10 - 00785920 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2016-04-06 21:42 - 2015-07-03 18:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2016-04-06 21:42 - 2015-07-03 18:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2016-04-06 21:42 - 2015-07-03 18:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2016-04-06 21:42 - 2016-04-30 02:10 - 02549840 _____ () C:\Program Files (x86)\Steam\video.dll
2016-04-06 21:42 - 2016-02-09 01:14 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2016-04-06 21:42 - 2016-02-09 01:14 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2016-04-06 21:42 - 2016-02-09 01:14 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2016-04-06 21:42 - 2016-02-09 01:14 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2016-04-06 21:42 - 2016-02-09 01:14 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2016-04-06 21:42 - 2016-04-30 02:10 - 00829008 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-04-06 21:42 - 2016-02-18 00:25 - 00281088 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2016-05-30 18:51 - 2016-05-30 18:51 - 00155232 ___HT () C:\Users\Thomas\AppData\Local\Temp\~CE85.tmp
2016-04-24 12:18 - 2015-07-20 17:15 - 00057344 _____ () C:\Program Files (x86)\Skiller PRO\lan.dll
2016-04-24 12:18 - 2012-08-14 22:41 - 00061440 _____ () C:\Program Files (x86)\Skiller PRO\hiddriver.dll
2016-04-06 21:42 - 2016-04-28 03:00 - 49825056 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2016-04-22 01:08 - 2016-04-22 01:08 - 01047864 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2016-03-18 22:56 - 2016-03-18 22:56 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2016-04-06 21:49 - 2016-05-05 12:45 - 00198144 _____ () C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\launcher.dll
2016-04-06 21:48 - 2016-04-06 21:48 - 00317952 _____ () C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\tier0.dll
2016-04-06 21:48 - 2016-05-05 12:45 - 00203776 _____ () C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\vstdlib.dll
2016-04-06 21:48 - 2016-05-05 12:45 - 00390656 _____ () C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\filesystem_stdio.dll
2016-04-06 21:48 - 2016-05-22 22:04 - 06971392 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\engine.dll
2016-04-06 21:48 - 2016-05-05 12:45 - 00166912 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\inputsystem.dll
2016-04-06 21:48 - 2016-05-05 12:45 - 01174016 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\vphysics.dll
2016-04-06 21:48 - 2016-05-05 12:45 - 01242112 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\materialsystem.dll
2016-04-06 21:48 - 2016-05-05 12:45 - 00355840 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\datacache.dll
2016-04-06 21:48 - 2016-05-05 12:45 - 00610816 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\studiorender.dll
2016-04-06 21:49 - 2016-05-05 12:45 - 00164864 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\soundemittersystem.dll
2016-04-06 21:48 - 2016-05-05 12:45 - 00708096 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\vscript.dll
2016-04-06 21:49 - 2016-05-05 12:45 - 00134656 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\valve_avi.dll
2016-04-06 21:48 - 2016-05-05 12:45 - 01336832 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\vguimatsurface.dll
2016-04-06 21:48 - 2016-05-05 12:45 - 00395264 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\vgui2.dll
2016-04-06 21:48 - 2016-05-05 12:45 - 03276288 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\scaleformui.dll
2016-04-06 21:48 - 2016-05-05 12:45 - 01769984 _____ () C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\shaderapidx9.dll
2016-04-06 21:48 - 2016-05-05 12:45 - 00143360 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\localize.dll
2016-04-06 21:48 - 2016-05-05 12:45 - 00230912 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\stdshader_dbg.dll
2016-04-06 21:48 - 2016-05-05 12:45 - 01016832 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\stdshader_dx9.dll
2016-04-06 21:48 - 2016-05-05 12:45 - 00584704 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo\bin\matchmaking.dll
2016-04-06 21:48 - 2016-05-22 22:03 - 12712448 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo\bin\client.dll
2016-04-06 21:48 - 2016-05-22 22:04 - 10263040 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo\bin\server.dll
2016-04-06 21:48 - 2016-05-05 12:45 - 00094208 _____ () C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\scenefilecache.dll
2016-04-06 21:49 - 2016-05-05 12:45 - 00084992 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\vaudio_miles.dll
2016-04-06 21:48 - 2016-04-06 21:48 - 00071680 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\mssmp3.asi
2016-04-06 21:48 - 2016-04-06 21:48 - 00012800 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\mssds3d.flt
2016-04-06 21:48 - 2016-04-06 21:48 - 00055808 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\msseax.flt
2016-04-06 21:49 - 2016-05-05 12:45 - 00173568 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\vaudio_celt.dll
2016-04-06 21:48 - 2016-05-05 12:45 - 00974848 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\serverbrowser.dll
2016-04-06 21:42 - 2015-09-25 01:56 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-758422454-1604163277-2610386603-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{1BCAC893-CFF5-4B9B-B850-44B7676B9E6C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7111D390-46B3-475F-80D1-301F5CDBB677}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A4AB2E0E-53C0-4177-9A3E-20002042C1D7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C4571AB8-9671-4363-B564-69DB43825264}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2FAD3544-A9CF-429F-BBC3-0A9ABF814914}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{36A774A3-45F8-474F-A081-87A5A9C1E404}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5AACE038-93F5-4799-9AE6-F166A1ADCEC0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{D17EAD2D-00F5-4473-9873-7CBF0C0914D2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E76E4D58-B87C-4CED-9F5B-711B2906D389}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{AC3BC60B-C4A3-4230-BDA5-4AD011A42F8C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{93B56332-F08C-4B6B-93F4-A3F34F9C5A36}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{200E9D49-D84B-4235-A117-7685E9F00AD2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{6867D683-685D-4382-9E43-7C6CDDB4BE9D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{25B354C7-1BA0-4185-B445-EC8D1A210A17}C:\users\thomas\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\thomas\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{E44951C8-D687-4754-8D0B-8AB1B23EF7F4}C:\users\thomas\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\thomas\appdata\roaming\spotify\spotify.exe
FirewallRules: [{9C60BA12-94B0-4E54-BF18-5AB6F5E4C1F3}] => (Block) C:\users\thomas\appdata\roaming\spotify\spotify.exe
FirewallRules: [{39537144-DD55-4166-9463-33EF7C683842}] => (Block) C:\users\thomas\appdata\roaming\spotify\spotify.exe
FirewallRules: [{9EDC795F-272A-4EB3-AD00-1A91DCDE93CA}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{BBA74933-FA30-4DA3-B21A-25D571817B41}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{B012F289-0C94-4CA8-AB32-1DA7A4B769E8}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{0E1C8AF4-9E36-458A-9836-A67DE07796CD}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{04A0DEE9-698B-445C-951D-BD6AA2D243AA}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{9B4A8547-A8A2-43E3-8D3E-DDFA4F740689}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{4413B138-BB2B-4F17-80EE-0A27F117B626}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{040FD958-5701-424B-97AD-F962EEC8BA2D}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{372EBF4E-BDA0-41FF-AD6C-53B78DC18B73}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{38C4DFE6-9166-4F9E-AE16-FF8F0FE2A98D}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{84C52CDD-7C66-403F-BE49-BDEA926B5BF2}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{FC285D08-4A1A-4901-9CC9-CB28AF2F5DF1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{99DFCD0E-F2CD-4A9E-B724-E5E25AFD6C69}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{740FCBC3-A4D3-4A3D-B3CC-5E656DCC5FE9}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [UDP Query User{799231B6-3B0E-4909-B188-F152276B6C49}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [TCP Query User{A038B329-29C2-4041-A19D-56B47D5FAAA1}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{45A133EC-4E01-4B76-8709-DCCA7F6B7F2A}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{3CF14EA0-D892-424E-9C74-BA1EFD3D93D6}C:\program files\epic games\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe] => (Allow) C:\program files\epic games\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe
FirewallRules: [UDP Query User{902BD277-E7B5-441E-9F6F-C61AF6AF7FA9}C:\program files\epic games\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe] => (Allow) C:\program files\epic games\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe
FirewallRules: [TCP Query User{047EECAB-C51C-4DED-BDDF-29B8FB1CA506}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{AD5FA729-B796-401F-BC28-C4ED603C9B9A}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{9B9F5C7C-6F5B-4058-BE3C-79408F2C3002}C:\program files\epic games\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe] => (Block) C:\program files\epic games\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe
FirewallRules: [UDP Query User{7ECDD799-55F7-4B0D-B7FF-8ECB77C4038B}C:\program files\epic games\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe] => (Block) C:\program files\epic games\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe
==================== Wiederherstellungspunkte =========================
18-05-2016 20:00:34 Windows Update
18-05-2016 20:01:07 Windows Update
18-05-2016 20:01:43 Windows Update
18-05-2016 20:03:09 Windows Update
22-05-2016 22:04:55 Windows Update
25-05-2016 17:01:36 Gerätetreiber-Paketinstallation: Advanced Micro Devices, Inc. Grafikkarte
26-05-2016 17:20:16 Windows Update
26-05-2016 17:58:52 Windows Update
30-05-2016 18:51:48 Windows Update
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (05/30/2016 06:39:37 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.
Error: (05/30/2016 06:39:37 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error: (05/30/2016 06:39:37 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error: (05/30/2016 06:37:08 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/30/2016 06:35:26 PM) (Source: ATIeRecord) (EventID: 16388) (User: )
Description: ATI EEU Client event error
Error: (05/29/2016 09:36:31 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.
Error: (05/29/2016 09:36:31 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error: (05/29/2016 09:36:31 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error: (05/29/2016 09:34:04 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.
Error: (05/29/2016 09:34:04 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Systemfehler:
=============
Error: (05/30/2016 06:50:52 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Server" wurde nicht richtig gestartet.
Error: (05/29/2016 09:47:48 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Server" wurde nicht richtig gestartet.
Error: (05/29/2016 07:20:05 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Server" wurde nicht richtig gestartet.
Error: (05/29/2016 12:27:01 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Server" wurde nicht richtig gestartet.
Error: (05/28/2016 08:09:59 PM) (Source: Microsoft-Windows-HAL) (EventID: 12) (User: )
Description: Der Speicher wurde beim letzten Leistungsübergang des Systems von der Plattformfirmware beschädigt. Überprüfen Sie, ob für Ihr System aktualisierte Firmware verfügbar ist.
Error: (05/28/2016 12:00:44 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Server" wurde nicht richtig gestartet.
Error: (05/27/2016 10:54:10 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Server" wurde nicht richtig gestartet.
Error: (05/26/2016 05:19:26 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Server" wurde nicht richtig gestartet.
Error: (05/25/2016 10:48:47 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Server" wurde nicht richtig gestartet.
Error: (05/25/2016 04:50:56 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "SABINEJAENICKE",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{7F44B7C4-C23C-4E67-B9AC-3F19997CD50C}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
==================== Speicherinformationen ===========================
Prozessor: AMD FX-8320E Eight-Core Processor
Prozentuale Nutzung des RAM: 29%
Installierter physikalischer RAM: 16350.65 MB
Verfügbarer physikalischer RAM: 11571.52 MB
Summe virtueller Speicher: 32699.48 MB
Verfügbarer virtueller Speicher: 27079.27 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:465.76 GB) (Free:320.67 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 85DD657B)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
|
|
30.05.2016, 18:16
| #7 |
| /// TB-Ausbilder /// Anleitungs-Guru | PC führt Programme zT wahllos aus/nicht aus Schritt 1  Scan mit Combofix
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
30.05.2016, 21:19
| #8 |
| | PC führt Programme zT wahllos aus/nicht ausCode:
ATTFilter ComboFix 16-05-31.01 - Thomas 30.05.2016 22:05:25.1.8 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.16351.12890 [GMT 2:00]
ausgeführt von:: c:\users\Thomas\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
SP: Microsoft Security Essentials *Enabled/Updated* {CDE0C533-D3CD-62A1-E772-AFADDF863628}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\SysWow64\SET4461.tmp
c:\windows\SysWow64\SET450F.tmp
c:\windows\SysWow64\SET47C6.tmp
c:\windows\SysWow64\SET4C39.tmp
c:\windows\SysWow64\SET4E7A.tmp
c:\windows\SysWow64\SET5343.tmp
c:\windows\SysWow64\SET5364.tmp
c:\windows\SysWow64\SET71E9.tmp
c:\windows\SysWow64\SET7268.tmp
c:\windows\SysWow64\SET751F.tmp
c:\windows\SysWow64\SET7905.tmp
c:\windows\SysWow64\SET7AE9.tmp
c:\windows\SysWow64\SET7F83.tmp
c:\windows\SysWow64\SET7FA4.tmp
c:\windows\SysWow64\SETD5EA.tmp
c:\windows\SysWow64\SETD679.tmp
c:\windows\SysWow64\SETD911.tmp
c:\windows\SysWow64\SETDCF7.tmp
c:\windows\SysWow64\SETDEDB.tmp
c:\windows\SysWow64\SETE0B2.tmp
c:\windows\SysWow64\SETE131.tmp
c:\windows\SysWow64\SETE384.tmp
c:\windows\SysWow64\SETE3C5.tmp
c:\windows\SysWow64\SETE417.tmp
c:\windows\SysWow64\SETE80C.tmp
c:\windows\SysWow64\SETEA4E.tmp
c:\windows\SysWow64\SETEEE8.tmp
c:\windows\SysWow64\SETEF09.tmp
.
.
((((((((((((((((((((((( Dateien erstellt von 2016-04-28 bis 2016-05-30 ))))))))))))))))))))))))))))))
.
.
2016-05-30 20:09 . 2016-05-30 20:09 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-05-30 16:52 . 2016-05-26 20:28 11895896 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8B56FDFB-4D46-436B-A9D5-1F05C299305B}\mpengine.dll
2016-05-30 16:51 . 2016-05-26 20:28 11895896 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2016-05-24 14:15 . 2016-05-24 19:17 -------- d-----w- c:\program files (x86)\Mozilla Thunderbird
2016-05-22 20:05 . 2016-05-12 10:53 1167568 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{EF8A72DD-0949-44D6-8CC7-6DA0E15BA815}\gapaengine.dll
2016-05-20 21:48 . 2016-05-20 21:48 141280 ----a-w- c:\windows\system32\amdave64.dll
2016-05-20 21:48 . 2016-05-20 21:48 122704 ----a-w- c:\windows\SysWow64\amdave32.dll
2016-05-20 21:47 . 2016-05-20 21:47 141280 ----a-w- c:\windows\system32\amdhcp64.dll
2016-05-20 21:47 . 2016-05-20 21:47 125288 ----a-w- c:\windows\SysWow64\amdhcp32.dll
2016-05-20 21:47 . 2016-05-20 21:47 109856 ----a-w- c:\windows\system32\atimpc64.dll
2016-05-20 21:47 . 2016-05-20 21:47 109856 ----a-w- c:\windows\system32\amdpcom64.dll
2016-05-20 21:47 . 2016-05-20 21:47 92328 ----a-w- c:\windows\SysWow64\atimpc32.dll
2016-05-20 21:47 . 2016-05-20 21:47 92328 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2016-05-20 21:47 . 2016-05-20 21:47 150544 ----a-w- c:\windows\system32\atiu9p64.dll
2016-05-20 21:46 . 2016-05-20 21:46 9798560 ----a-w- c:\windows\system32\atiumd6a.dll
2016-05-20 21:46 . 2016-05-20 21:46 8577456 ----a-w- c:\windows\system32\atiumd64.dll
2016-05-20 21:44 . 2016-05-20 21:44 296648 ----a-w- c:\windows\system32\drivers\amdacpksd.sys
2016-05-20 21:41 . 2016-05-20 21:41 27015680 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2016-05-20 21:35 . 2016-05-20 21:35 252928 ----a-w- c:\windows\system32\clinfo.exe
2016-05-20 21:35 . 2016-05-20 21:35 48616960 ----a-w- c:\windows\system32\amdocl64.dll
2016-05-20 21:34 . 2016-05-20 21:34 38098432 ----a-w- c:\windows\SysWow64\amdocl.dll
2016-05-20 21:33 . 2016-05-20 21:33 96256 ----a-w- c:\windows\system32\OpenCL.dll
2016-05-20 21:33 . 2016-05-20 21:33 87040 ----a-w- c:\windows\SysWow64\OpenCL.dll
2016-05-20 21:32 . 2016-05-20 21:32 27433472 ----a-w- c:\windows\system32\amdocl12cl64.dll
2016-05-20 21:31 . 2016-05-20 21:31 21600768 ----a-w- c:\windows\SysWow64\amdocl12cl.dll
2016-05-20 21:30 . 2016-05-20 21:30 8699392 ----a-w- c:\windows\system32\amdvlk64.dll
2016-05-20 21:26 . 2016-05-20 21:26 6951424 ----a-w- c:\windows\SysWow64\amdvlk32.dll
2016-05-20 21:14 . 2016-05-20 21:14 30188032 ----a-w- c:\windows\system32\atio6axx.dll
2016-05-20 21:13 . 2016-05-20 21:13 730112 ----a-w- c:\windows\system32\amdlvr64.dll
2016-05-20 21:13 . 2016-05-20 21:13 605696 ----a-w- c:\windows\SysWow64\amdlvr32.dll
2016-05-20 21:12 . 2016-05-20 21:12 142336 ----a-w- c:\windows\system32\mantle64.dll
2016-05-20 21:12 . 2016-05-20 21:12 117760 ----a-w- c:\windows\SysWow64\mantle32.dll
2016-05-20 21:12 . 2016-05-20 21:12 6965248 ----a-w- c:\windows\system32\amdmantle64.dll
2016-05-20 21:09 . 2016-05-20 21:09 385536 ----a-w- c:\windows\system32\atiapfxx.exe
2016-05-20 21:09 . 2016-05-20 21:09 62464 ----a-w- c:\windows\system32\aticalrt64.dll
2016-05-20 21:09 . 2016-05-20 21:09 52224 ----a-w- c:\windows\SysWow64\aticalrt.dll
2016-05-20 21:09 . 2016-05-20 21:09 55808 ----a-w- c:\windows\system32\aticalcl64.dll
2016-05-20 21:09 . 2016-05-20 21:09 49152 ----a-w- c:\windows\SysWow64\aticalcl.dll
2016-05-20 21:09 . 2016-05-20 21:09 5643776 ----a-w- c:\windows\SysWow64\amdmantle32.dll
2016-05-20 21:08 . 2016-05-20 21:08 15711744 ----a-w- c:\windows\system32\aticaldd64.dll
2016-05-20 21:08 . 2016-05-20 21:08 14302720 ----a-w- c:\windows\SysWow64\aticaldd.dll
2016-05-20 21:06 . 2016-05-20 21:06 24836096 ----a-w- c:\windows\SysWow64\atioglxx.dll
2016-05-20 21:06 . 2016-05-20 21:06 50688 ----a-w- c:\windows\system32\amdmmcl6.dll
2016-05-20 21:06 . 2016-05-20 21:06 38400 ----a-w- c:\windows\SysWow64\amdmmcl.dll
2016-05-20 21:06 . 2016-05-20 21:06 113152 ----a-w- c:\windows\system32\mantleaxl64.dll
2016-05-20 21:06 . 2016-05-20 21:06 92160 ----a-w- c:\windows\SysWow64\mantleaxl32.dll
2016-05-20 21:02 . 2016-05-20 21:02 442368 ----a-w- c:\windows\system32\atidemgy.dll
2016-05-20 21:02 . 2016-05-20 21:02 274432 ----a-w- c:\windows\system32\dgtrayicon.exe
2016-05-20 21:02 . 2016-05-20 21:02 258560 ----a-w- c:\windows\system32\GameManager64.dll
2016-05-20 21:02 . 2016-05-20 21:02 212480 ----a-w- c:\windows\system32\atieah64.exe
2016-05-20 21:02 . 2016-05-20 21:02 190464 ----a-w- c:\windows\SysWow64\atieah32.exe
2016-05-20 21:02 . 2016-05-20 21:02 230912 ----a-w- c:\windows\system32\amdgfxinfo64.dll
2016-05-20 21:02 . 2016-05-20 21:02 202752 ----a-w- c:\windows\SysWow64\amdgfxinfo32.dll
2016-05-20 21:02 . 2016-05-20 21:02 93696 ----a-w- c:\windows\system32\atimuixx.dll
2016-05-20 21:02 . 2016-05-20 21:02 588288 ----a-w- c:\windows\system32\atieclxx.exe
2016-05-20 21:02 . 2016-05-20 21:02 306688 ----a-w- c:\windows\system32\atiesrxx.exe
2016-05-20 21:01 . 2016-05-20 21:01 270336 ----a-w- c:\windows\system32\atitmm64.dll
2016-05-20 20:57 . 2016-05-20 20:57 1304576 ----a-w- c:\windows\system32\atiadlxx.dll
2016-05-20 20:57 . 2016-05-20 20:57 973824 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2016-05-20 20:57 . 2016-05-20 20:57 973824 ----a-w- c:\windows\SysWow64\atiadlxx.dll
2016-05-20 20:57 . 2016-05-20 20:57 106496 ----a-w- c:\windows\system32\atig6pxx.dll
2016-05-20 20:57 . 2016-05-20 20:57 91136 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2016-05-20 20:57 . 2016-05-20 20:57 91136 ----a-w- c:\windows\system32\atiglpxx.dll
2016-05-20 20:57 . 2016-05-20 20:57 185344 ----a-w- c:\windows\system32\atig6txx.dll
2016-05-20 20:57 . 2016-05-20 20:57 159232 ----a-w- c:\windows\SysWow64\atigktxx.dll
2016-05-20 20:57 . 2016-05-20 20:57 498176 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2016-05-20 20:57 . 2016-05-20 20:57 119808 ----a-w- c:\windows\system32\atisamu64.dll
2016-05-20 20:57 . 2016-05-20 20:57 101376 ----a-w- c:\windows\SysWow64\atisamu32.dll
2016-05-20 20:56 . 2016-05-20 20:56 43520 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2016-05-20 20:55 . 2016-05-20 20:55 251392 ----a-w- c:\windows\system32\hsa-thunk64.dll
2016-05-20 20:55 . 2016-05-20 20:55 217088 ----a-w- c:\windows\SysWow64\hsa-thunk.dll
2016-05-20 15:12 . 2016-05-20 15:12 364544 ----a-w- c:\windows\system32\amdacpusl.dll
2016-05-20 15:12 . 2016-05-20 15:12 248832 ----a-w- c:\windows\SysWow64\amdacpusl.dll
2016-05-18 16:32 . 2016-05-18 16:32 -------- d-----w- c:\users\Thomas\AppData\Local\UnrealTournament
2016-05-18 15:14 . 2016-05-18 16:48 -------- d-----w- c:\program files\Epic Games
2016-05-18 15:03 . 2016-05-18 15:03 -------- d-----w- c:\users\Thomas\AppData\Local\UnrealEngine
2016-05-18 15:03 . 2016-05-18 15:03 -------- d-----w- c:\users\Thomas\AppData\Local\EpicGamesLauncher
2016-05-18 15:02 . 2016-05-18 15:04 -------- d-----w- c:\programdata\Epic
2016-05-18 15:02 . 2016-05-18 15:02 -------- d-----w- c:\program files (x86)\Epic Games
2016-05-17 18:38 . 2016-05-17 18:38 -------- d-----w- c:\program files\iPod
2016-05-17 18:38 . 2016-05-17 18:38 -------- d-----w- c:\program files (x86)\iTunes
2016-05-17 18:38 . 2016-05-17 18:38 -------- d-----w- c:\program files\iTunes
2016-05-14 22:14 . 2016-05-14 22:14 -------- d-----w- c:\programdata\Malwarebytes
2016-05-14 11:17 . 2016-04-09 04:20 1230848 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2016-05-14 11:17 . 2016-04-09 03:52 1424896 ----a-w- c:\windows\system32\WindowsCodecs.dll
2016-05-13 22:33 . 2015-11-10 18:55 1648128 ----a-w- c:\windows\system32\DWrite.dll
2016-05-13 22:33 . 2015-11-10 18:55 1180160 ----a-w- c:\windows\system32\FntCache.dll
2016-05-13 22:33 . 2015-11-10 18:39 1251328 ----a-w- c:\windows\SysWow64\DWrite.dll
2016-05-13 22:33 . 2015-07-30 18:06 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2016-05-13 22:33 . 2015-07-30 17:57 1987584 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2016-05-13 22:28 . 2015-12-08 21:54 2285056 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2016-05-13 22:28 . 2015-12-08 19:07 2777088 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2016-05-13 22:28 . 2015-02-04 03:16 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2016-05-13 22:28 . 2015-02-04 02:54 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2016-05-13 22:01 . 2013-10-02 04:51 3584 ----a-w- c:\windows\system32\drivers\de-DE\tsusbflt.sys.mui
2016-05-13 22:01 . 2013-10-02 01:10 44544 ----a-w- c:\windows\system32\TsUsbGDCoInstaller.dll
2016-05-13 22:01 . 2013-10-02 02:22 56832 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys
2016-05-13 22:01 . 2013-10-02 02:11 13824 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2016-05-13 22:01 . 2013-10-02 02:08 12800 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2016-05-13 22:01 . 2013-10-02 01:48 56832 ----a-w- c:\windows\system32\MsRdpWebAccess.dll
2016-05-13 22:01 . 2013-10-02 01:48 18944 ----a-w- c:\windows\system32\wksprtPS.dll
2016-05-13 22:01 . 2013-10-02 00:14 50176 ----a-w- c:\windows\SysWow64\MsRdpWebAccess.dll
2016-05-13 22:01 . 2013-10-02 00:14 17920 ----a-w- c:\windows\SysWow64\wksprtPS.dll
2016-05-13 22:01 . 2013-10-01 23:31 1147392 ----a-w- c:\windows\system32\mstsc.exe
2016-05-13 22:01 . 2013-10-01 22:34 1068544 ----a-w- c:\windows\SysWow64\mstsc.exe
2016-05-13 22:00 . 2012-08-23 14:10 19456 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys
2016-05-13 22:00 . 2012-08-23 14:08 30208 ----a-w- c:\windows\system32\drivers\TsUsbGD.sys
2016-05-13 22:00 . 2012-08-23 11:12 192000 ----a-w- c:\windows\SysWow64\rdpendp_winip.dll
2016-05-13 22:00 . 2012-08-23 10:51 228864 ----a-w- c:\windows\system32\rdpendp_winip.dll
2016-05-13 21:59 . 2016-05-13 21:59 -------- d-----w- c:\program files\Microsoft Silverlight
2016-05-13 21:59 . 2016-05-13 21:59 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2016-05-13 21:56 . 2015-12-16 18:55 69120 ----a-w- c:\windows\system32\nlsbres.dll
2016-05-13 21:56 . 2015-12-16 18:53 7168 ----a-w- c:\windows\system32\KBDAZEL.DLL
2016-05-13 21:56 . 2015-12-16 18:53 7168 ----a-w- c:\windows\system32\KBDAZE.DLL
2016-05-13 21:56 . 2015-12-16 18:48 6656 ----a-w- c:\windows\SysWow64\KBDAZEL.DLL
2016-05-13 21:56 . 2015-12-16 18:47 69120 ----a-w- c:\windows\SysWow64\nlsbres.dll
2016-05-13 21:56 . 2015-12-16 18:53 7168 ----a-w- c:\windows\system32\kbdgeoqw.dll
2016-05-13 21:56 . 2015-12-16 18:48 6656 ----a-w- c:\windows\SysWow64\kbdgeoqw.dll
2016-05-13 21:56 . 2015-08-05 17:56 22528 ----a-w- c:\windows\system32\icaapi.dll
2016-05-13 21:56 . 2015-08-05 17:06 39936 ----a-w- c:\windows\system32\drivers\tssecsrv.sys
2016-05-13 21:54 . 2016-03-09 19:00 396800 ----a-w- c:\windows\system32\webio.dll
2016-05-13 21:54 . 2016-03-09 19:00 444416 ----a-w- c:\windows\system32\winhttp.dll
2016-05-13 21:54 . 2016-03-09 18:40 351744 ----a-w- c:\windows\SysWow64\winhttp.dll
2016-05-13 21:54 . 2016-03-09 18:40 316416 ----a-w- c:\windows\SysWow64\webio.dll
2016-05-13 21:49 . 2016-05-13 21:53 -------- d-----w- c:\windows\system32\MRT
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-05-29 22:20 . 2016-04-07 13:20 65536 ----a-w- c:\windows\system32\spu_storage.bin
2016-05-20 21:47 . 2016-04-04 04:16 166488 ----a-w- c:\windows\system32\atiuxp64.dll
2016-05-20 21:47 . 2016-04-04 04:16 137136 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2016-05-20 21:47 . 2016-04-04 04:15 123776 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2016-05-20 21:47 . 2016-04-04 04:15 1511680 ----a-w- c:\windows\system32\aticfx64.dll
2016-05-20 21:47 . 2016-04-04 04:15 1242832 ----a-w- c:\windows\SysWow64\aticfx32.dll
2016-05-20 21:47 . 2016-04-04 04:15 10694160 ----a-w- c:\windows\system32\atidxx64.dll
2016-05-20 21:47 . 2016-04-04 04:15 8876704 ----a-w- c:\windows\SysWow64\atidxx32.dll
2016-05-20 21:47 . 2016-04-04 04:15 8865344 ----a-w- c:\windows\SysWow64\atiumdva.dll
2016-05-20 21:46 . 2016-04-04 04:15 6999496 ----a-w- c:\windows\SysWow64\atiumdag.dll
2016-05-20 21:02 . 2016-04-04 01:57 223744 ----a-w- c:\windows\SysWow64\GameManager32.dll
2016-05-12 23:08 . 2016-04-09 22:44 797376 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2016-05-12 23:08 . 2016-04-09 22:44 142528 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2016-05-12 10:53 . 2016-04-14 16:38 1167568 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2016-05-10 23:09 . 2016-04-04 04:16 166488 ----a-w- c:\windows\system32\SETDE39.tmp
2016-05-10 23:09 . 2016-04-04 04:15 1510144 ----a-w- c:\windows\system32\SETDEAA.tmp
2016-05-02 12:18 . 2016-04-17 18:02 2405656 ----a-w- c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2016-04-29 19:48 . 2016-04-04 04:16 152568 ----a-w- c:\windows\system32\SET4DB9.tmp
2016-04-29 19:48 . 2016-04-04 04:15 1519920 ----a-w- c:\windows\system32\SET4E4A.tmp
2016-04-29 19:48 . 2016-04-04 04:15 11631488 ----a-w- c:\windows\system32\SET43F2.tmp
2016-04-22 07:57 . 2010-11-21 03:27 453288 ------w- c:\windows\system32\MpSigStub.exe
2016-04-15 21:14 . 2016-04-04 04:16 152568 ----a-w- c:\windows\system32\SETE9AC.tmp
2016-04-15 21:14 . 2016-04-04 04:15 1519920 ----a-w- c:\windows\system32\SETEA1D.tmp
2016-04-15 21:14 . 2016-04-04 04:15 11631488 ----a-w- c:\windows\system32\SETE043.tmp
2016-04-15 20:24 . 2016-04-04 02:25 865280 ----a-w- c:\windows\system32\SETF1D3.tmp
2016-04-15 20:11 . 2016-04-04 01:33 1276416 ----a-w- c:\windows\system32\SETD87C.tmp
2016-04-09 06:54 . 2016-05-11 12:13 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2016-04-08 16:08 . 2016-04-08 16:08 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2016-04-08 16:08 . 2016-04-08 16:08 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2016-04-08 16:08 . 2016-04-08 16:08 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2016-04-08 16:08 . 2016-04-08 16:08 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2016-04-08 16:08 . 2016-04-08 16:08 235008 ----a-w- c:\windows\system32\elshyph.dll
2016-04-08 16:08 . 2016-04-08 16:08 1950720 ----a-w- c:\windows\SysWow64\wininet.dll
2016-04-08 16:08 . 2016-04-08 16:08 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2016-04-08 16:07 . 2016-04-08 16:07 64000 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2016-04-08 16:07 . 2016-04-08 16:07 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2016-04-08 16:07 . 2016-04-08 16:07 62464 ----a-w- c:\windows\SysWow64\iesetup.dll
2016-04-08 16:07 . 2016-04-08 16:07 60416 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2016-04-08 16:07 . 2016-04-08 16:07 503808 ----a-w- c:\windows\SysWow64\vbscript.dll
2016-04-08 16:07 . 2016-04-08 16:07 47616 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2016-04-08 16:07 . 2016-04-08 16:07 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2016-04-08 16:07 . 2016-04-08 16:07 341504 ----a-w- c:\windows\SysWow64\html.iec
2016-04-08 16:07 . 2016-04-08 16:07 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2016-04-08 16:07 . 2016-04-08 16:07 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2016-04-08 16:07 . 2016-04-08 16:07 2052608 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2016-04-08 16:07 . 2016-04-08 16:07 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2016-04-08 16:07 . 2016-04-08 16:07 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2016-04-08 16:07 . 2016-04-08 16:07 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2016-04-08 16:07 . 2016-04-08 16:07 115712 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2016-04-08 16:07 . 2016-04-08 16:07 1155072 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2016-04-08 16:07 . 2016-04-08 16:07 942592 ----a-w- c:\windows\system32\jsIntl.dll
2016-04-08 16:07 . 2016-04-08 16:07 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2016-04-08 16:07 . 2016-04-08 16:07 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2016-04-08 16:07 . 2016-04-08 16:07 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2016-04-08 16:07 . 2016-04-08 16:07 814080 ----a-w- c:\windows\system32\jscript9diag.dll
2016-04-08 16:07 . 2016-04-08 16:07 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2016-04-08 16:07 . 2016-04-08 16:07 633856 ----a-w- c:\windows\system32\ieui.dll
2016-04-08 16:07 . 2016-04-08 16:07 620032 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2016-04-08 16:07 . 2016-04-08 16:07 6026240 ----a-w- c:\windows\system32\jscript9.dll
2016-04-08 16:07 . 2016-04-08 16:07 54784 ----a-w- c:\windows\system32\jsproxy.dll
2016-04-08 16:07 . 2016-04-08 16:07 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2016-04-08 16:07 . 2016-04-08 16:07 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2016-04-08 16:07 . 2016-04-08 16:07 48640 ----a-w- c:\windows\system32\mshtmler.dll
2016-04-08 16:07 . 2016-04-08 16:07 4305920 ----a-w- c:\windows\SysWow64\jscript9.dll
2016-04-08 16:07 . 2016-04-08 16:07 2885632 ----a-w- c:\windows\system32\iertutil.dll
2016-04-08 16:07 . 2016-04-08 16:07 247808 ----a-w- c:\windows\system32\msls31.dll
2016-04-08 16:07 . 2016-04-08 16:07 2426880 ----a-w- c:\windows\system32\wininet.dll
2016-04-08 16:07 . 2016-04-08 16:07 199680 ----a-w- c:\windows\system32\msrating.dll
2016-04-08 16:07 . 2016-04-08 16:07 1545728 ----a-w- c:\windows\system32\urlmon.dll
2016-04-08 16:07 . 2016-04-08 16:07 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2016-04-08 16:07 . 2016-04-08 16:07 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2016-04-08 16:07 . 2016-04-08 16:07 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2016-04-08 16:07 . 2016-04-08 16:07 105984 ----a-w- c:\windows\system32\iesysprep.dll
2016-04-08 16:07 . 2016-04-08 16:07 14404096 ----a-w- c:\windows\system32\ieframe.dll
2016-04-08 16:07 . 2016-04-08 16:07 92160 ----a-w- c:\windows\system32\mshtmled.dll
2016-04-08 16:07 . 2016-04-08 16:07 88064 ----a-w- c:\windows\system32\MshtmlDac.dll
2016-04-08 16:07 . 2016-04-08 16:07 816640 ----a-w- c:\windows\system32\jscript.dll
2016-04-08 16:07 . 2016-04-08 16:07 81408 ----a-w- c:\windows\system32\icardie.dll
2016-04-08 16:07 . 2016-04-08 16:07 801280 ----a-w- c:\windows\system32\msfeeds.dll
2016-04-08 16:07 . 2016-04-08 16:07 800768 ----a-w- c:\windows\system32\ieapfltr.dll
2016-04-08 16:07 . 2016-04-08 16:07 77824 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2016-04-08 16:07 . 2016-04-08 16:07 77312 ----a-w- c:\windows\system32\tdc.ocx
2016-04-08 16:07 . 2016-04-08 16:07 720384 ----a-w- c:\windows\system32\ie4uinit.exe
2016-04-08 16:07 . 2016-04-08 16:07 66560 ----a-w- c:\windows\system32\iesetup.dll
2016-04-08 16:07 . 2016-04-08 16:07 62464 ----a-w- c:\windows\system32\pngfilt.dll
2016-04-08 16:07 . 2016-04-08 16:07 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2016-04-08 16:07 . 2016-04-08 16:07 584192 ----a-w- c:\windows\system32\vbscript.dll
2016-04-08 16:07 . 2016-04-08 16:07 490496 ----a-w- c:\windows\system32\dxtmsft.dll
2016-04-08 16:07 . 2016-04-08 16:07 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2016-04-08 16:07 . 2016-04-08 16:07 48128 ----a-w- c:\windows\system32\imgutil.dll
2016-04-08 16:07 . 2016-04-08 16:07 417792 ----a-w- c:\windows\system32\html.iec
2016-04-08 16:07 . 2016-04-08 16:07 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2016-04-08 16:07 . 2016-04-08 16:07 389840 ----a-w- c:\windows\system32\iedkcs32.dll
2016-04-08 16:07 . 2016-04-08 16:07 34304 ----a-w- c:\windows\system32\iernonce.dll
2016-04-08 16:07 . 2016-04-08 16:07 316928 ----a-w- c:\windows\system32\dxtrans.dll
2016-04-08 16:07 . 2016-04-08 16:07 30208 ----a-w- c:\windows\system32\licmgr10.dll
2016-04-08 16:07 . 2016-04-08 16:07 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2016-04-08 16:07 . 2016-04-08 16:07 24917504 ----a-w- c:\windows\system32\mshtml.dll
2016-04-08 16:07 . 2016-04-08 16:07 243200 ----a-w- c:\windows\system32\webcheck.dll
2016-04-08 16:07 . 2016-04-08 16:07 235520 ----a-w- c:\windows\system32\url.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive1]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2016-04-17 18:18 1587912 ----a-w- c:\users\Thomas\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive2]
@="{5AB7172C-9C11-405C-8DD5-AF20F3606282}"
[HKEY_CLASSES_ROOT\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}]
2016-04-17 18:18 1587912 ----a-w- c:\users\Thomas\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive3]
@="{A78ED123-AB77-406B-9962-2A5D9D2F7F30}"
[HKEY_CLASSES_ROOT\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}]
2016-04-17 18:18 1587912 ----a-w- c:\users\Thomas\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive4]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2016-04-17 18:18 1587912 ----a-w- c:\users\Thomas\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive5]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2016-04-17 18:18 1587912 ----a-w- c:\users\Thomas\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2016-05-02 12:19 1538864 ----a-w- c:\program files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2016-05-02 12:19 1538864 ----a-w- c:\program files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2016-05-02 12:19 1538864 ----a-w- c:\program files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"="c:\users\Thomas\AppData\Roaming\Spotify\SpotifyWebHelper.exe" [2016-05-11 1525360]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2016-04-30 3077712]
"f.lux"="c:\users\Thomas\AppData\Local\FluxSoftware\Flux\flux.exe" [2013-10-23 1017224]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SPEEDLINK KUDOS"="c:\program files (x86)\SPEEDLINK\SPEEDLINK PRIME Gaming Mouse\Gaming Mouse.exe" [2012-03-08 1470464]
"Skiller PRO"="c:\program files (x86)\Skiller PRO\Monitor.exe" [2015-07-17 475136]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 AODService;AODService;c:\program files (x86)\AMD\OverDrive\AODAssist.exe;c:\program files (x86)\AMD\OverDrive\AODAssist.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 amdacpksd;ACP Kernel Service Driver;c:\windows\system32\drivers\amdacpksd.sys;c:\windows\SYSNATIVE\drivers\amdacpksd.sys [x]
S2 amdacpusrsvc;ACP User Service;c:\program files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe;c:\program files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [x]
S2 AODDriver4.2;AODDriver4.2;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 AODDriver4.3.0;AODDriver4.3.0;c:\program files (x86)\AMD\OverDrive\amd64\AODDriver2.sys;c:\program files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [x]
S2 Apple Mobile Device Service;Apple Mobile Device Service;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x]
S2 ClickToRunSvc;Microsoft Office-Klick-und-Los-Dienst;c:\program files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe;c:\program files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 DigitalWave.Update.Service;Digital Wave Update Service;c:\program files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe;c:\program files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [x]
S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
S3 LVUVC64;Logitech HD Webcam C270(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]
S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
S3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
S3 VUSB3HUB;VIA USB 3 Root Hub Service;c:\windows\system32\DRIVERS\ViaHub3.sys;c:\windows\SYSNATIVE\DRIVERS\ViaHub3.sys [x]
S3 xhcdrv;VIA USB eXtensible Host Controller Service;c:\windows\system32\DRIVERS\xhcdrv.sys;c:\windows\SYSNATIVE\DRIVERS\xhcdrv.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc
iissvcs REG_MULTI_SZ w3svc was
apphost REG_MULTI_SZ apphostsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2016-05-12 23:14 1186968 ----a-w- c:\program files (x86)\Google\Chrome\Application\50.0.2661.102\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2016-05-30 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-09 23:08]
.
2016-05-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2016-04-17 13:03]
.
2016-05-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2016-04-17 13:03]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive1]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2016-04-17 18:18 1641664 ----a-w- c:\users\Thomas\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive2]
@="{5AB7172C-9C11-405C-8DD5-AF20F3606282}"
[HKEY_CLASSES_ROOT\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}]
2016-04-17 18:18 1641664 ----a-w- c:\users\Thomas\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive3]
@="{A78ED123-AB77-406B-9962-2A5D9D2F7F30}"
[HKEY_CLASSES_ROOT\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}]
2016-04-17 18:18 1641664 ----a-w- c:\users\Thomas\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive4]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2016-04-17 18:18 1641664 ----a-w- c:\users\Thomas\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive5]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2016-04-17 18:18 1641664 ----a-w- c:\users\Thomas\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2016-05-02 11:01 2096432 ----a-w- c:\program files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2016-05-02 11:01 2096432 ----a-w- c:\program files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2016-05-02 11:01 2096432 ----a-w- c:\program files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2016-01-29 1340192]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2016-05-11 176952]
"StartCN"="c:\program files\AMD\CNext\CNext\RadeonSettings.exe" [2016-05-20 6564552]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\program files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\program files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.2.1
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - c:\program files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - c:\program files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - c:\program files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - c:\program files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
FF - ProfilePath - c:\users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\l4ktzj6q.default\
FF - prefs.js: browser.startup.homepage - hxxps://www.reddit.com/
FF - prefs.js: network.proxy.type - 0
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2016-05-30 22:12:13
ComboFix-quarantined-files.txt 2016-05-30 20:12
.
Vor Suchlauf: 14 Verzeichnis(se), 343.760.642.048 Bytes frei
Nach Suchlauf: 19 Verzeichnis(se), 344.521.256.960 Bytes frei
.
- - End Of File - - 736A75C334EE3F94C3D941140EE2A2EA
A36C5E4F47E84449FF07ED3517B43A31
|
|
31.05.2016, 18:04
| #9 |
| /// TB-Ausbilder /// Anleitungs-Guru | PC führt Programme zT wahllos aus/nicht aus Hi, Schritt 1 Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Schritt 2  
Schritt 3 Bitte starte FRST erneut, markiere auch die checkbox und drücke auf Untersuchen. Bitte poste mir den Inhalt der beiden Logs die erstellt werden.
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
31.05.2016, 21:39
| #10 |
| | PC führt Programme zT wahllos aus/nicht aus Hier gabs keinen Neustart des PCs. Code:
ATTFilter # AdwCleaner v5.119 - Bericht erstellt am 31/05/2016 um 22:09:14
# Aktualisiert am 30/05/2016 von Xplode
# Datenbank : 2016-05-30.3 [Server]
# Betriebssystem : Windows 7 Professional Service Pack 1 (X64)
# Benutzername : Thomas - THOMAS-PC
# Gestartet von : C:\Users\Thomas\Downloads\AdwCleaner_5.119.exe
# Option : Suchlauf
# Unterstützung : hxxp://toolslib.net/forum
***** [ Dienste ] *****
***** [ Ordner ] *****
***** [ Dateien ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel gefunden : HKCU\Software\OCS
Schlüssel gefunden : HKU\S-1-5-21-758422454-1604163277-2610386603-1000\Software\OCS
***** [ Internetbrowser ] *****
*************************
C:\AdwCleaner\AdwCleaner[S1].txt - [435 Bytes] - [11/05/2016 12:16:52]
C:\AdwCleaner\AdwCleaner[S2].txt - [1049 Bytes] - [11/05/2016 12:17:55]
C:\AdwCleaner\AdwCleaner[S3].txt - [380 Bytes] - [11/05/2016 12:44:56]
C:\AdwCleaner\AdwCleaner[S4].txt - [1044 Bytes] - [31/05/2016 22:09:14]
########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [1117 Bytes] ##########
Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 31.05.2016 Suchlaufzeit: 22:27 Protokolldatei: mbam.txt Administrator: Ja Version: 2.2.1.1043 Malware-Datenbank: v2016.05.31.04 Rootkit-Datenbank: v2016.05.27.01 Lizenz: Kostenlose Version Malware-Schutz: Deaktiviert Schutz vor bösartigen Websites: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Thomas Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 310073 Abgelaufene Zeit: 8 Min., 4 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Aktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:29-05-2016 02
durchgeführt von Thomas (Administrator) auf THOMAS-PC (31-05-2016 22:38:24)
Gestartet von C:\Users\Thomas\Downloads
Geladene Profile: Thomas (Verfügbare Profile: Thomas)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Advanced Micro Devices) C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
() C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Spotify Ltd) C:\Users\Thomas\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Flux Software LLC) C:\Users\Thomas\AppData\Local\FluxSoftware\Flux\flux.exe
() C:\Program Files (x86)\SPEEDLINK\SPEEDLINK PRIME Gaming Mouse\Gaming Mouse.exe
(Sharkoon Technologies) C:\Program Files (x86)\Skiller PRO\Monitor.EXE
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Thomas\Downloads\FRST64(1).exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1340192 2016-01-29] (Microsoft Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-05-11] (Apple Inc.)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [6564552 2016-05-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SPEEDLINK KUDOS] => C:\Program Files (x86)\SPEEDLINK\SPEEDLINK PRIME Gaming Mouse\Gaming Mouse.exe [1470464 2012-03-08] ()
HKLM-x32\...\Run: [Skiller PRO] => C:\Program Files (x86)\Skiller PRO\Monitor.exe [475136 2015-07-17] (Sharkoon Technologies)
HKU\S-1-5-21-758422454-1604163277-2610386603-1000\...\Run: [Spotify Web Helper] => C:\Users\Thomas\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1525360 2016-05-11] (Spotify Ltd)
HKU\S-1-5-21-758422454-1604163277-2610386603-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-04-30] (Valve Corporation)
HKU\S-1-5-21-758422454-1604163277-2610386603-1000\...\Run: [f.lux] => C:\Users\Thomas\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{7F44B7C4-C23C-4E67-B9AC-3F19997CD50C}: [DhcpNameServer] 192.168.2.1
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-758422454-1604163277-2610386603-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-758422454-1604163277-2610386603-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-05-02] (Microsoft Corporation)
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2016-05-02] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-05-02] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-05-02] (Microsoft Corporation)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2016-05-02] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-05-02] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-02] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-02] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-02] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-02] (Microsoft Corporation)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
FireFox:
========
FF ProfilePath: C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\l4ktzj6q.default
FF Homepage: hxxps://www.reddit.com/
FF NetworkProxy: "proxy_over_tls", false
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-13] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-13] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-05-02] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-05-02] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-03] (Adobe Systems Inc.)
FF Extension: Reddit Enhancement Suite - C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\l4ktzj6q.default\Extensions\jid1-xUfzOsOFlzSOXg@jetpack.xpi [2016-04-06]
FF Extension: ProxTube - Unblock YouTube - C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\l4ktzj6q.default\Extensions\{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7}.xpi [2016-05-18]
FF Extension: Adblock Plus - C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\l4ktzj6q.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-05-01]
Chrome:
=======
CHR HomePage: Default -> hxxps://www.twitch.tv/directory/following
CHR StartupUrls: Default -> "hxxps://www.twitch.tv/directory/following"
CHR Profile: C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-17]
CHR Extension: (YouTube) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-17]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-17]
CHR Extension: (Google Mail) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-17]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-08-30] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2016-05-20] (Advanced Micro Devices) [Datei ist nicht signiert]
R2 AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [137584 2014-01-08] ()
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2911472 2016-05-02] (Microsoft Corporation)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2016-03-29] (Digital Wave Ltd.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2016-01-29] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [374344 2016-01-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [296648 2016-05-20] (Advanced Micro Devices)
R2 AODDriver4.3.0; C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [59624 2014-01-08] (Advanced Micro Devices)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [289120 2015-11-13] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133816 2015-11-13] (Microsoft Corporation)
R3 VUSB3HUB; C:\Windows\System32\DRIVERS\ViaHub3.sys [225792 2014-10-31] (VIA Technologies, Inc.)
R3 xhcdrv; C:\Windows\System32\DRIVERS\xhcdrv.sys [305664 2014-10-31] (VIA Technologies, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-05-31 22:37 - 2016-05-31 22:37 - 00001207 _____ C:\Users\Thomas\Desktop\mbam.txt
2016-05-31 22:26 - 2016-05-31 22:27 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-05-31 22:26 - 2016-05-31 22:26 - 00001102 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-05-31 22:26 - 2016-05-31 22:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2016-05-31 22:26 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-05-31 22:26 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-05-31 22:26 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-05-31 22:08 - 2016-05-31 22:08 - 02383872 _____ (Farbar) C:\Users\Thomas\Downloads\FRST64(1).exe
2016-05-31 22:07 - 2016-05-31 22:08 - 22851472 _____ (Malwarebytes ) C:\Users\Thomas\Downloads\mbam-setup-2.2.1.1043.exe
2016-05-31 22:07 - 2016-05-31 22:07 - 03677248 _____ C:\Users\Thomas\Downloads\AdwCleaner_5.119.exe
2016-05-30 22:12 - 2016-05-30 22:12 - 00036647 _____ C:\ComboFix.txt
2016-05-30 22:04 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2016-05-30 22:04 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2016-05-30 22:04 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2016-05-30 22:04 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2016-05-30 22:04 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2016-05-30 22:04 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2016-05-30 22:04 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2016-05-30 22:04 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2016-05-30 21:59 - 2016-05-30 22:12 - 00000000 ____D C:\Qoobox
2016-05-30 21:59 - 2016-05-30 22:10 - 00000000 ____D C:\Windows\erdnt
2016-05-30 21:58 - 2016-05-30 21:58 - 05659529 ____R (Swearware) C:\Users\Thomas\Downloads\ComboFix.exe
2016-05-30 21:24 - 2016-05-30 21:24 - 27650032 _____ (pdfforge GmbH ) C:\Users\Thomas\Downloads\PDFCreator-2_3_0-Setup.exe
2016-05-30 18:52 - 2016-05-31 22:38 - 00014528 _____ C:\Users\Thomas\Downloads\FRST.txt
2016-05-30 18:52 - 2016-05-30 18:53 - 00039986 _____ C:\Users\Thomas\Downloads\Addition.txt
2016-05-30 18:51 - 2016-05-30 18:51 - 02383872 _____ (Farbar) C:\Users\Thomas\Downloads\FRST64.exe
2016-05-29 23:03 - 2016-05-29 23:03 - 00000000 ____D C:\Users\Thomas\Documents\League of Legends
2016-05-28 13:57 - 2016-05-28 13:57 - 00006663 _____ C:\Users\Thomas\Downloads\Muster-Anschreiben-Naturwissenschaftler.pdf
2016-05-28 13:48 - 2016-05-28 13:48 - 00013077 _____ C:\Users\Thomas\Downloads\studentenjob_musteranschreiben.pdf
2016-05-27 15:23 - 2016-05-27 15:23 - 00003011 _____ C:\Users\Thomas\Downloads\TwitchHTML5-master.zip
2016-05-27 10:55 - 2016-05-27 10:58 - 00203436 _____ C:\TDSSKiller.3.1.0.9_27.05.2016_10.55.22_log.txt
2016-05-27 10:54 - 2016-05-27 10:55 - 00202236 _____ C:\TDSSKiller.3.1.0.9_27.05.2016_10.54.18_log.txt
2016-05-27 10:42 - 2016-05-27 10:42 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Thomas\Downloads\tdsskiller.exe
2016-05-24 16:48 - 2016-05-24 16:48 - 02684989 _____ C:\Users\Thomas\Downloads\Proteine.zip
2016-05-24 16:48 - 2016-05-24 16:48 - 00012930 _____ C:\Users\Thomas\Downloads\Aminosauren.zip
2016-05-24 16:47 - 2016-05-24 16:48 - 00051960 _____ C:\Users\Thomas\Downloads\DNA.zip
2016-05-24 16:15 - 2016-05-24 21:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-05-20 23:48 - 2016-05-20 23:48 - 00141280 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2016-05-20 23:48 - 2016-05-20 23:48 - 00122704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2016-05-20 23:47 - 2016-05-20 23:47 - 00150544 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2016-05-20 23:47 - 2016-05-20 23:47 - 00141280 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdhcp64.dll
2016-05-20 23:47 - 2016-05-20 23:47 - 00125288 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdhcp32.dll
2016-05-20 23:47 - 2016-05-20 23:47 - 00109856 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2016-05-20 23:47 - 2016-05-20 23:47 - 00109856 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2016-05-20 23:47 - 2016-05-20 23:47 - 00092328 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2016-05-20 23:47 - 2016-05-20 23:47 - 00092328 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2016-05-20 23:46 - 2016-05-20 23:46 - 09798560 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2016-05-20 23:46 - 2016-05-20 23:46 - 08577456 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2016-05-20 23:44 - 2016-05-20 23:44 - 00296648 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdacpksd.sys
2016-05-20 23:41 - 2016-05-20 23:41 - 27015680 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2016-05-20 23:35 - 2016-05-20 23:35 - 48616960 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2016-05-20 23:35 - 2016-05-20 23:35 - 00252928 _____ C:\Windows\system32\clinfo.exe
2016-05-20 23:34 - 2016-05-20 23:34 - 38098432 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2016-05-20 23:33 - 2016-05-20 23:33 - 00096256 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2016-05-20 23:33 - 2016-05-20 23:33 - 00087040 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2016-05-20 23:32 - 2016-05-20 23:32 - 27433472 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl12cl64.dll
2016-05-20 23:31 - 2016-05-20 23:31 - 21600768 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl12cl.dll
2016-05-20 23:30 - 2016-05-20 23:30 - 08699392 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdvlk64.dll
2016-05-20 23:26 - 2016-05-20 23:26 - 06951424 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdvlk32.dll
2016-05-20 23:14 - 2016-05-20 23:14 - 30188032 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2016-05-20 23:13 - 2016-05-20 23:13 - 00730112 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdlvr64.dll
2016-05-20 23:13 - 2016-05-20 23:13 - 00605696 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdlvr32.dll
2016-05-20 23:12 - 2016-05-20 23:12 - 06965248 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll
2016-05-20 23:12 - 2016-05-20 23:12 - 00142336 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2016-05-20 23:12 - 2016-05-20 23:12 - 00117760 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2016-05-20 23:09 - 2016-05-20 23:09 - 05643776 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll
2016-05-20 23:09 - 2016-05-20 23:09 - 00716128 _____ C:\Windows\SysWOW64\atiapfxx.blb
2016-05-20 23:09 - 2016-05-20 23:09 - 00716128 _____ C:\Windows\system32\atiapfxx.blb
2016-05-20 23:09 - 2016-05-20 23:09 - 00385536 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2016-05-20 23:09 - 2016-05-20 23:09 - 00062464 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2016-05-20 23:09 - 2016-05-20 23:09 - 00055808 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2016-05-20 23:09 - 2016-05-20 23:09 - 00052224 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2016-05-20 23:09 - 2016-05-20 23:09 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2016-05-20 23:08 - 2016-05-20 23:08 - 15711744 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2016-05-20 23:08 - 2016-05-20 23:08 - 14302720 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2016-05-20 23:06 - 2016-05-20 23:06 - 24836096 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2016-05-20 23:06 - 2016-05-20 23:06 - 00113152 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2016-05-20 23:06 - 2016-05-20 23:06 - 00092160 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2016-05-20 23:06 - 2016-05-20 23:06 - 00050688 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll
2016-05-20 23:06 - 2016-05-20 23:06 - 00038400 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll
2016-05-20 23:04 - 2016-05-20 23:04 - 03437632 _____ C:\Windows\system32\atiumd6a.cap
2016-05-20 23:02 - 2016-05-20 23:02 - 00588288 _____ (AMD) C:\Windows\system32\atieclxx.exe
2016-05-20 23:02 - 2016-05-20 23:02 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2016-05-20 23:02 - 2016-05-20 23:02 - 00306688 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2016-05-20 23:02 - 2016-05-20 23:02 - 00274432 _____ C:\Windows\system32\dgtrayicon.exe
2016-05-20 23:02 - 2016-05-20 23:02 - 00258560 _____ C:\Windows\system32\GameManager64.dll
2016-05-20 23:02 - 2016-05-20 23:02 - 00230912 _____ C:\Windows\system32\amdgfxinfo64.dll
2016-05-20 23:02 - 2016-05-20 23:02 - 00212480 _____ C:\Windows\system32\atieah64.exe
2016-05-20 23:02 - 2016-05-20 23:02 - 00202752 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll
2016-05-20 23:02 - 2016-05-20 23:02 - 00190464 _____ C:\Windows\SysWOW64\atieah32.exe
2016-05-20 23:02 - 2016-05-20 23:02 - 00093696 _____ (AMD) C:\Windows\system32\atimuixx.dll
2016-05-20 23:01 - 2016-05-20 23:01 - 00270336 _____ (AMD) C:\Windows\system32\atitmm64.dll
2016-05-20 22:59 - 2016-05-20 22:59 - 03471376 _____ C:\Windows\SysWOW64\atiumdva.cap
2016-05-20 22:57 - 2016-05-20 22:57 - 01304576 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2016-05-20 22:57 - 2016-05-20 22:57 - 00973824 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2016-05-20 22:57 - 2016-05-20 22:57 - 00973824 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll
2016-05-20 22:57 - 2016-05-20 22:57 - 00498176 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2016-05-20 22:57 - 2016-05-20 22:57 - 00185344 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2016-05-20 22:57 - 2016-05-20 22:57 - 00159232 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2016-05-20 22:57 - 2016-05-20 22:57 - 00119808 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2016-05-20 22:57 - 2016-05-20 22:57 - 00106496 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2016-05-20 22:57 - 2016-05-20 22:57 - 00101376 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2016-05-20 22:57 - 2016-05-20 22:57 - 00091136 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2016-05-20 22:57 - 2016-05-20 22:57 - 00091136 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2016-05-20 22:56 - 2016-05-20 22:56 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2016-05-20 22:55 - 2016-05-20 22:55 - 00251392 _____ C:\Windows\system32\hsa-thunk64.dll
2016-05-20 22:55 - 2016-05-20 22:55 - 00217088 _____ C:\Windows\SysWOW64\hsa-thunk.dll
2016-05-20 17:21 - 2016-05-20 17:21 - 02412544 _____ C:\Windows\system32\amdacpusl.pdb
2016-05-20 17:12 - 2016-05-20 17:12 - 00364544 _____ (Advanced Micro Devices) C:\Windows\system32\amdacpusl.dll
2016-05-20 17:12 - 2016-05-20 17:12 - 00306176 _____ C:\Windows\system32\amdacpusl.pdb.pub
2016-05-20 17:12 - 2016-05-20 17:12 - 00248832 _____ (Advanced Micro Devices) C:\Windows\SysWOW64\amdacpusl.dll
2016-05-18 20:03 - 2016-04-14 18:46 - 00114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-05-18 20:03 - 2016-04-14 18:42 - 03243520 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-05-18 20:03 - 2016-04-14 18:42 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-05-18 20:03 - 2016-04-14 18:42 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-05-18 20:03 - 2016-04-14 18:42 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-05-18 20:03 - 2016-04-14 18:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-05-18 20:03 - 2016-04-14 17:33 - 02365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-05-18 20:03 - 2016-04-14 17:33 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-05-18 20:03 - 2016-04-14 17:33 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-05-18 20:03 - 2016-04-14 17:33 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2016-05-18 20:03 - 2016-04-14 17:19 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-05-18 20:03 - 2016-04-14 17:11 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2016-05-18 20:03 - 2016-04-12 03:23 - 00154344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-05-18 20:03 - 2016-04-12 03:23 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-05-18 20:03 - 2016-04-12 03:20 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-05-18 20:03 - 2016-04-12 03:20 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-05-18 20:03 - 2016-04-12 03:20 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-05-18 20:03 - 2016-04-12 03:20 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-05-18 20:03 - 2016-04-12 03:20 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-05-18 20:03 - 2016-04-12 03:20 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-05-18 20:03 - 2016-04-12 03:20 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-05-18 20:03 - 2016-04-12 03:20 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-05-18 20:03 - 2016-04-12 03:20 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-05-18 20:03 - 2016-04-12 03:20 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-05-18 20:03 - 2016-04-12 03:20 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-05-18 20:03 - 2016-04-12 03:20 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-05-18 20:03 - 2016-04-12 03:20 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-05-18 20:03 - 2016-04-12 03:20 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-05-18 20:03 - 2016-04-12 03:20 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-05-18 20:03 - 2016-04-12 03:20 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-05-18 20:03 - 2016-04-12 03:20 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-05-18 20:03 - 2016-04-12 03:20 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-05-18 20:03 - 2016-04-12 03:02 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-05-18 20:03 - 2016-04-12 03:02 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-05-18 20:03 - 2016-04-12 03:02 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-05-18 20:03 - 2016-04-12 03:02 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-05-18 20:03 - 2016-04-12 03:02 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-05-18 20:03 - 2016-04-12 03:02 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-05-18 20:03 - 2016-04-12 03:02 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-05-18 20:03 - 2016-04-12 03:02 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-05-18 20:03 - 2016-04-12 03:02 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-05-18 20:03 - 2016-04-12 03:02 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-05-18 20:03 - 2016-04-12 03:02 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-05-18 20:03 - 2016-04-12 03:02 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-05-18 20:03 - 2016-04-12 03:01 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-05-18 20:03 - 2016-04-12 03:01 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-05-18 20:03 - 2016-04-12 03:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-05-18 20:03 - 2016-04-12 02:50 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-05-18 20:03 - 2016-04-12 02:43 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-05-18 20:03 - 2016-04-12 02:43 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-05-18 20:03 - 2016-04-12 02:43 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-05-18 20:03 - 2016-04-12 02:42 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-05-18 20:03 - 2016-04-12 02:41 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-05-18 20:03 - 2016-04-12 02:36 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-05-18 20:03 - 2016-04-09 08:58 - 14186496 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-05-18 20:03 - 2016-04-09 08:57 - 01867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-05-18 20:03 - 2016-04-09 08:54 - 12881408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-05-18 20:03 - 2016-04-09 08:54 - 01499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-05-18 20:03 - 2016-04-09 07:53 - 03231232 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-05-18 20:03 - 2016-04-09 07:44 - 02973184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-05-18 18:32 - 2016-05-18 18:32 - 00000000 ____D C:\Users\Thomas\Documents\UnrealTournament
2016-05-18 18:32 - 2016-05-18 18:32 - 00000000 ____D C:\Users\Thomas\AppData\Local\UnrealTournament
2016-05-18 17:14 - 2016-05-18 18:48 - 00000000 ____D C:\Program Files\Epic Games
2016-05-18 17:04 - 2016-05-18 17:04 - 00000000 ____D C:\Users\Thomas\AppData\Local\UnrealEngineLauncher
2016-05-18 17:03 - 2016-05-18 17:03 - 00000000 ____D C:\Users\Thomas\AppData\Local\UnrealEngine
2016-05-18 17:03 - 2016-05-18 17:03 - 00000000 ____D C:\Users\Thomas\AppData\Local\EpicGamesLauncher
2016-05-18 17:02 - 2016-05-18 17:05 - 00002517 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2016-05-18 17:02 - 2016-05-18 17:05 - 00002505 _____ C:\Users\Public\Desktop\Epic Games Launcher.lnk
2016-05-18 17:02 - 2016-05-18 17:04 - 00000000 ____D C:\ProgramData\Epic
2016-05-18 17:02 - 2016-05-18 17:02 - 00000000 ____D C:\Program Files (x86)\Epic Games
2016-05-18 17:01 - 2016-05-18 17:01 - 33619968 _____ C:\Users\Thomas\Downloads\EpicGamesLauncherInstaller-2.11.9-2970807.msi
2016-05-17 20:38 - 2016-05-17 20:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-05-17 20:38 - 2016-05-17 20:38 - 00000000 ____D C:\Program Files\iTunes
2016-05-17 20:38 - 2016-05-17 20:38 - 00000000 ____D C:\Program Files\iPod
2016-05-17 20:38 - 2016-05-17 20:38 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-05-16 20:25 - 2016-05-16 20:27 - 63261230 _____ C:\Users\Thomas\Downloads\Fest & Flauschig - Aufbau West mit Olli Schulz und Jan Böhmermann.m4a
2016-05-15 00:14 - 2016-05-15 00:14 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-05-15 00:07 - 2016-05-15 00:08 - 22851472 _____ (Malwarebytes ) C:\Users\Thomas\Downloads\mbam-setup-computerbild.8000-2.2.1.1043.exe
2016-05-15 00:02 - 2016-05-15 00:02 - 00985600 _____ C:\Users\Thomas\Downloads\MicrosoftFixit50123.msi
2016-05-14 18:41 - 2016-05-14 18:41 - 01622481 _____ C:\Users\Thomas\Downloads\Dissertation_R_Nobis_ThULB.pdf
2016-05-14 13:18 - 2016-04-14 15:49 - 00603648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2016-05-14 13:18 - 2016-04-14 15:21 - 00647680 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2016-05-14 13:18 - 2015-12-20 20:50 - 03180544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-05-14 13:18 - 2015-12-20 20:50 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2016-05-14 13:18 - 2015-12-20 16:08 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-05-14 13:18 - 2015-07-16 21:12 - 06131200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2016-05-14 13:18 - 2015-07-16 21:12 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2016-05-14 13:18 - 2015-07-16 21:12 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2016-05-14 13:18 - 2015-07-16 21:11 - 07077376 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2016-05-14 13:18 - 2015-07-16 21:11 - 01057792 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2016-05-14 13:18 - 2015-07-16 21:11 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2016-05-14 13:18 - 2015-07-11 15:15 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2016-05-14 13:18 - 2014-12-11 19:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2016-05-14 13:18 - 2013-11-26 10:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2016-05-14 13:18 - 2013-11-23 00:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2016-05-14 13:18 - 2012-06-01 07:39 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\wamregps.dll
2016-05-14 13:18 - 2012-06-01 07:36 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\iisRtl.dll
2016-05-14 13:18 - 2012-06-01 07:36 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\iisrstap.dll
2016-05-14 13:18 - 2012-06-01 07:35 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\ahadmin.dll
2016-05-14 13:18 - 2012-06-01 07:34 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\admwprox.dll
2016-05-14 13:18 - 2012-06-01 07:33 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\iisreset.exe
2016-05-14 13:18 - 2012-06-01 06:40 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wamregps.dll
2016-05-14 13:18 - 2012-06-01 06:37 - 00154624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisRtl.dll
2016-05-14 13:18 - 2012-06-01 06:37 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisrstap.dll
2016-05-14 13:18 - 2012-06-01 06:35 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admwprox.dll
2016-05-14 13:18 - 2012-06-01 06:35 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ahadmin.dll
2016-05-14 13:18 - 2012-06-01 06:34 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisreset.exe
2016-05-14 13:17 - 2016-04-09 06:20 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2016-05-14 13:17 - 2016-04-09 05:52 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-05-14 00:33 - 2015-11-10 20:55 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-05-14 00:33 - 2015-11-10 20:55 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-05-14 00:33 - 2015-11-10 20:39 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2016-05-14 00:33 - 2015-07-30 20:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2016-05-14 00:33 - 2015-07-30 19:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2016-05-14 00:28 - 2015-12-08 23:54 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2016-05-14 00:28 - 2015-12-08 21:07 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2016-05-14 00:28 - 2015-02-04 05:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2016-05-14 00:28 - 2015-02-04 04:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2016-05-14 00:01 - 2013-10-02 04:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2016-05-14 00:01 - 2013-10-02 04:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2016-05-14 00:01 - 2013-10-02 04:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2016-05-14 00:01 - 2013-10-02 03:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2016-05-14 00:01 - 2013-10-02 03:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2016-05-14 00:01 - 2013-10-02 03:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2016-05-14 00:01 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2016-05-14 00:01 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2016-05-14 00:01 - 2013-10-02 01:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2016-05-14 00:01 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2016-05-14 00:00 - 2012-08-23 16:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2016-05-14 00:00 - 2012-08-23 16:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys
2016-05-14 00:00 - 2012-08-23 13:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2016-05-14 00:00 - 2012-08-23 12:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2016-05-13 23:59 - 2016-05-13 23:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-05-13 23:59 - 2016-05-13 23:59 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-05-13 23:59 - 2016-05-13 23:59 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-05-13 23:56 - 2015-12-16 20:55 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2016-05-13 23:56 - 2015-12-16 20:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2016-05-13 23:56 - 2015-12-16 20:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2016-05-13 23:56 - 2015-12-16 20:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2016-05-13 23:56 - 2015-12-16 20:48 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2016-05-13 23:56 - 2015-12-16 20:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2016-05-13 23:56 - 2015-12-16 20:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2016-05-13 23:56 - 2015-12-16 20:47 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2016-05-13 23:56 - 2015-12-16 16:38 - 00419928 _____ C:\Windows\SysWOW64\locale.nls
2016-05-13 23:56 - 2015-12-16 16:37 - 00419928 _____ C:\Windows\system32\locale.nls
2016-05-13 23:56 - 2015-08-05 19:56 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2016-05-13 23:56 - 2015-08-05 19:06 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2016-05-13 23:54 - 2016-03-09 21:00 - 00444416 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-05-13 23:54 - 2016-03-09 21:00 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2016-05-13 23:54 - 2016-03-09 20:40 - 00351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-05-13 23:54 - 2016-03-09 20:40 - 00316416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2016-05-13 23:49 - 2016-05-13 23:53 - 00000000 ____D C:\Windows\system32\MRT
2016-05-13 23:49 - 2016-05-13 23:49 - 139319312 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-05-13 23:28 - 2016-05-13 23:28 - 00000000 ____D C:\Windows\SysWOW64\BestPractices
2016-05-13 23:28 - 2016-05-13 23:28 - 00000000 ____D C:\Windows\system32\BestPractices
2016-05-13 23:28 - 2016-05-13 23:28 - 00000000 ____D C:\inetpub
2016-05-13 11:35 - 2016-05-26 17:58 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-05-13 11:35 - 2016-05-26 17:58 - 00000000 ___SD C:\Windows\system32\GWX
2016-05-11 23:37 - 2016-05-11 23:37 - 00000000 ____D C:\Users\Thomas\AppData\Local\GWX
2016-05-11 14:13 - 2016-04-09 09:02 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-05-11 14:13 - 2016-04-09 09:01 - 05546216 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-05-11 14:13 - 2016-04-09 09:01 - 00986344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-05-11 14:13 - 2016-04-09 09:01 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-05-11 14:13 - 2016-04-09 09:01 - 00264936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2016-05-11 14:13 - 2016-04-09 08:59 - 03998952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-05-11 14:13 - 2016-04-09 08:59 - 03943144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-05-11 14:13 - 2016-04-09 08:59 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-05-11 14:13 - 2016-04-09 08:58 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-05-11 14:13 - 2016-04-09 08:58 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-05-11 14:13 - 2016-04-09 08:58 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-05-11 14:13 - 2016-04-09 08:58 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-05-11 14:13 - 2016-04-09 08:58 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-05-11 14:13 - 2016-04-09 08:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-05-11 14:13 - 2016-04-09 08:58 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-05-11 14:13 - 2016-04-09 08:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-05-11 14:13 - 2016-04-09 07:52 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-05-11 14:13 - 2016-04-09 07:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-05-11 14:13 - 2016-04-09 07:52 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-05-11 14:13 - 2016-04-09 07:49 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-05-11 14:13 - 2016-04-09 07:48 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-05-11 14:13 - 2016-04-09 07:47 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-05-11 14:13 - 2016-04-09 07:43 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-05-11 14:13 - 2016-04-09 07:38 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-05-11 14:13 - 2016-04-09 07:38 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-05-11 14:13 - 2016-04-09 07:38 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-05-11 14:13 - 2016-04-09 07:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-05-11 14:13 - 2016-04-09 07:37 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 07:37 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 07:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 07:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-05-11 14:13 - 2016-03-09 20:54 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2016-05-11 14:13 - 2016-03-09 20:34 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2016-05-11 13:27 - 2016-05-11 13:27 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\library_dir
2016-05-11 12:47 - 2016-05-31 22:38 - 00000000 ____D C:\FRST
2016-05-11 12:18 - 2016-05-11 12:45 - 00001536 _____ C:\Users\Thomas\Desktop\JRT.txt
2016-05-11 12:16 - 2016-05-31 22:09 - 00000000 ____D C:\AdwCleaner
2016-05-11 11:03 - 2016-05-11 11:03 - 00000000 ____D C:\Program Files (x86)\ESET
2016-05-11 00:41 - 2016-05-11 00:41 - 00096256 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\AtihdW76.sys
2016-05-11 00:40 - 2016-05-11 00:40 - 00103424 _____ (Advanced Micro Devices) C:\Windows\system32\DelayAPO.dll
2016-05-11 00:36 - 2016-05-20 23:12 - 00865280 _____ (AMD) C:\Windows\system32\coinst_16.20.dll
2016-05-11 00:36 - 2016-05-11 00:36 - 00865280 _____ (AMD) C:\Windows\system32\SETE622.tmp
2016-05-10 23:37 - 2016-05-31 22:26 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2016-05-10 23:06 - 2016-05-13 23:13 - 00967006 _____ C:\Windows\ntbtlog.txt
2016-05-09 07:05 - 2016-05-09 07:05 - 00874790 _____ C:\Windows\system32\amdicdxx.dat
2016-05-08 12:49 - 2016-05-08 12:49 - 00000000 ___HD C:\ProgramData\CanonIJETV
2016-05-08 12:49 - 2016-05-08 12:49 - 00000000 ____D C:\Program Files (x86)\Canon
2016-05-08 12:14 - 2016-05-08 12:14 - 00000000 ____H C:\Users\Thomas\Documents\Default.rdp
2016-05-07 13:23 - 2016-05-07 13:23 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\WinRAR
2016-05-07 12:51 - 2016-05-11 11:04 - 00000000 ___RD C:\Users\Thomas\Documents\Scanned Documents
2016-05-07 12:51 - 2016-05-07 12:51 - 00000000 ____D C:\Users\Thomas\Documents\Fax
2016-05-06 22:45 - 2016-05-06 22:45 - 00368416 _____ C:\Windows\system32\ativvaxy_el_nd.dat
2016-05-06 16:11 - 2016-05-07 11:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-05-01 15:50 - 2016-05-24 22:07 - 00000000 ____D C:\Users\Thomas\Desktop\Rea
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-05-31 22:14 - 2016-04-17 15:03 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-31 22:08 - 2016-04-10 00:44 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-05-31 22:08 - 2009-07-14 06:45 - 00020480 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-05-31 22:08 - 2009-07-14 06:45 - 00020480 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-05-31 21:34 - 2016-04-06 20:55 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\TS3Client
2016-05-31 19:11 - 2016-04-17 20:58 - 00000000 ____D C:\Users\Thomas\AppData\LocalLow\Temp
2016-05-31 16:24 - 2011-04-12 09:43 - 01364946 _____ C:\Windows\system32\perfh007.dat
2016-05-31 16:24 - 2011-04-12 09:43 - 00353018 _____ C:\Windows\system32\perfc007.dat
2016-05-31 16:24 - 2009-07-14 07:13 - 00006408 _____ C:\Windows\system32\PerfStringBackup.INI
2016-05-31 16:19 - 2016-04-06 21:40 - 00000000 ____D C:\Program Files (x86)\Steam
2016-05-31 16:18 - 2016-04-17 15:03 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-31 16:18 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-05-30 22:33 - 2016-04-07 15:20 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2016-05-30 22:10 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2016-05-30 20:55 - 2016-04-06 19:37 - 00000000 ____D C:\Users\Thomas\AppData\Local\VirtualStore
2016-05-29 22:36 - 2016-04-06 22:57 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\Skype
2016-05-28 11:45 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-05-25 17:21 - 2016-04-06 21:49 - 00004230 _____ C:\Windows\System32\Tasks\AMD Updater
2016-05-25 17:02 - 2016-04-06 21:43 - 00000000 ____D C:\Program Files (x86)\AMD
2016-05-25 17:02 - 2016-04-06 21:42 - 00000000 ____D C:\Program Files\AMD
2016-05-25 17:01 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-05-25 17:00 - 2016-04-06 21:40 - 00000000 ____D C:\AMD
2016-05-25 16:18 - 2016-04-06 20:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-05-23 19:53 - 2016-04-06 21:29 - 00000000 ____D C:\Users\Thomas\AppData\Local\Spotify
2016-05-23 19:53 - 2016-04-06 21:28 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\Spotify
2016-05-22 22:05 - 2016-04-07 16:27 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-05-20 23:47 - 2016-04-04 06:16 - 00166488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2016-05-20 23:47 - 2016-04-04 06:16 - 00137136 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2016-05-20 23:47 - 2016-04-04 06:15 - 10694160 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2016-05-20 23:47 - 2016-04-04 06:15 - 08876704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2016-05-20 23:47 - 2016-04-04 06:15 - 08865344 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2016-05-20 23:47 - 2016-04-04 06:15 - 01511680 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2016-05-20 23:47 - 2016-04-04 06:15 - 01242832 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2016-05-20 23:47 - 2016-04-04 06:15 - 00123776 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2016-05-20 23:46 - 2016-04-04 06:15 - 06999496 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2016-05-20 23:02 - 2016-04-04 03:57 - 00223744 _____ C:\Windows\SysWOW64\GameManager32.dll
2016-05-19 14:11 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2016-05-18 17:04 - 2016-04-06 21:14 - 00000000 ____D C:\ProgramData\Package Cache
2016-05-18 14:11 - 2016-04-17 19:59 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-05-18 14:10 - 2016-04-17 19:56 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-05-17 21:05 - 2014-01-11 18:52 - 00000000 ____D C:\Users\Thomas\Desktop\#I so'n Shit
2016-05-17 20:38 - 2016-04-06 21:21 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-05-17 14:19 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2016-05-16 20:25 - 2016-04-16 17:36 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\DVDVideoSoft
2016-05-14 23:29 - 2009-07-14 06:45 - 00424696 _____ C:\Windows\system32\FNTCACHE.DAT
2016-05-14 23:29 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\inetsrv
2016-05-14 23:29 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\inetsrv
2016-05-14 02:04 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-05-13 23:28 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Sidebar
2016-05-13 23:18 - 2014-08-09 16:19 - 00000000 ___RD C:\Users\Thomas\Dropbox
2016-05-13 23:14 - 2016-04-06 21:53 - 00000000 ____D C:\Users\Thomas\AppData\Local\ElevatedDiagnostics
2016-05-13 11:35 - 2016-04-10 15:23 - 00000000 ____D C:\Windows\system32\appraiser
2016-05-13 01:15 - 2016-04-17 15:04 - 00002187 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-13 01:08 - 2016-04-10 00:44 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-05-13 01:08 - 2016-04-10 00:44 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-05-13 01:08 - 2016-04-10 00:44 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-05-12 22:54 - 2016-04-06 20:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2016-05-11 14:09 - 2016-04-17 15:03 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-05-11 14:09 - 2016-04-17 15:03 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-05-11 11:46 - 2016-04-08 16:36 - 00000000 ____D C:\Users\Thomas\AppData\Local\Apps\2.0
2016-05-11 11:45 - 2016-04-09 11:54 - 00000000 ____D C:\Users\Thomas\AppData\Local\Downloaded Installations
2016-05-11 11:42 - 2016-04-06 21:00 - 00000000 ____D C:\60123cffff02c322a6
2016-05-11 01:09 - 2016-04-04 06:16 - 00166488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\SETDE39.tmp
2016-05-11 01:09 - 2016-04-04 06:15 - 01510144 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\SETDEAA.tmp
2016-05-10 20:25 - 2016-04-07 16:27 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-05-08 12:30 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2016-04-06 21:12 - 2016-04-06 21:12 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-05-28 19:50
==================== Ende von FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:29-05-2016 02
durchgeführt von Thomas (2016-05-31 22:38:42)
Gestartet von C:\Users\Thomas\Downloads
Windows 7 Professional Service Pack 1 (X64) (2016-04-06 17:37:00)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-758422454-1604163277-2610386603-500 - Administrator - Disabled)
Gast (S-1-5-21-758422454-1604163277-2610386603-501 - Limited - Disabled)
Thomas (S-1-5-21-758422454-1604163277-2610386603-1000 - Administrator - Enabled) => C:\Users\Thomas
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Microsoft Security Essentials (Enabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
AS: Microsoft Security Essentials (Enabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
ACD/Labs Freeware in C:\ACD2015FREE\ (HKLM-x32\...\ACDLabs in C__ACD2015FREE_) (Version: v14.00, FREE - ACD/Labs)
ACP Application (Version: 2016.0520.1712.17 - Advanced Micro Devices, Inc.) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.016.20041 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
AMD OverDrive (HKLM-x32\...\{34D5220A-58D0-473C-90E4-15136C3FB0E3}) (Version: 4.3.1.0690 - Advanced Micro Devices, Inc.)
Apple Application Support (32-Bit) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Catalyst Control Center Next Localization BR (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve)
Epic Games Launcher (HKLM-x32\...\{CA4F7840-CC89-451D-8453-392F2EDAA605}) (Version: 1.1.70.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
f.lux (HKU\S-1-5-21-758422454-1604163277-2610386603-1000\...\Flux) (Version: - )
Free YouTube To MP3 Converter (HKLM-x32\...\Free YouTube To MP3 Converter_is1) (Version: 4.1.6.328 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.102 - Google Inc.)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
iTunes (HKLM\...\{58D7E5F7-BAD1-49C5-93C8-B655736EDA00}) (Version: 12.4.0.119 - Apple Inc.)
Launcher Prerequisites (x64) (x32 Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.6868.2062 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-758422454-1604163277-2610386603-1000\...\OneDriveSetup.exe) (Version: 17.3.6281.1202 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 46.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 46.0.1 (x86 de)) (Version: 46.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 46.0.1.5966 - Mozilla)
Mozilla Thunderbird 45.1.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.1.0 (x86 de)) (Version: 45.1.0 - Mozilla)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6828.1016 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6828.1016 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6828.1016 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.92.115.2015 - Realtek)
Skiller PRO (HKLM-x32\...\{54C8FBB3-B992-43CB-8F0A-E26228013F88}) (Version: 2.1.15.6 - Sharkoon Technologies)
Skype™ 7.21 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.)
SPEEDLINK PRIME Gaming Mouse (HKLM-x32\...\SPEEDLINK KUDOS) (Version: - )
Spotify (HKU\S-1-5-21-758422454-1604163277-2610386603-1000\...\Spotify) (Version: 1.0.28.87.g8f9312a4 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-758422454-1604163277-2610386603-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Thomas\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64\FileCoAuthLib64.dll ()
CustomCLSID: HKU\S-1-5-21-758422454-1604163277-2610386603-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Thomas\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {15FE0B6C-6F9D-4CE1-98EF-E2F5F33A4845} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-05-02] (Microsoft Corporation)
Task: {27D6393D-4FA7-49C0-BE3D-07B63F1744C5} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {29C10ED2-A5DB-47E4-90CB-64F2328E12F5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-13] (Adobe Systems Incorporated)
Task: {2B3D71FA-7E23-4D26-825C-F593771E4CD8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {49C0D252-62E5-45C7-9C09-CDD4CEDA94DA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-05-05] (Microsoft Corporation)
Task: {80B348DC-5F01-49E8-BC90-AD93FFCEEA62} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-05-05] (Microsoft Corporation)
Task: {9304EBB5-82CD-4F09-B853-E07F96DD2FAF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-17] (Google Inc.)
Task: {D122ABCC-35C0-4196-9705-4C9E5608F49A} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-05-05] (Microsoft Corporation)
Task: {DAF3A632-9FB4-418A-9FFA-AE2B117D2E43} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-17] (Google Inc.)
Task: {E81E985F-3881-447F-B0A0-40F0625F0B5B} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-05-20] (Advanced Micro Devices, Inc.)
Task: {FF1C5EBB-E5CD-4FA8-A11A-41021CA2DD57} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-05-02] (Microsoft Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2013-08-30 19:47 - 2013-08-30 19:47 - 00214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2012-10-22 14:41 - 2012-10-22 14:41 - 00749056 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2012-10-22 14:42 - 2012-10-22 14:42 - 03645952 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2014-01-08 06:46 - 2014-01-08 06:46 - 00137584 _____ () C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe
2016-03-18 22:56 - 2016-03-18 22:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-04-22 01:07 - 2016-04-22 01:07 - 01337144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-04-17 19:56 - 2016-05-02 04:01 - 00417472 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
2015-06-25 17:34 - 2015-06-25 17:34 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2015-06-25 17:37 - 2015-06-25 17:37 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-25 17:35 - 2015-06-25 17:35 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2015-06-25 17:38 - 2015-06-25 17:38 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-25 16:53 - 2015-06-25 16:53 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2015-06-25 16:51 - 2015-06-25 16:51 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2012-03-08 05:12 - 2012-03-08 05:12 - 01470464 _____ () C:\Program Files (x86)\SPEEDLINK\SPEEDLINK PRIME Gaming Mouse\Gaming Mouse.exe
2014-01-08 06:47 - 2014-01-08 06:47 - 00625000 _____ () C:\Program Files (x86)\AMD\OverDrive\Device.dll
2014-01-08 06:48 - 2014-01-08 06:48 - 03860848 _____ () C:\Program Files (x86)\AMD\OverDrive\Platform.dll
2014-01-08 06:49 - 2014-01-08 06:49 - 01587560 _____ () C:\Program Files (x86)\AMD\OverDrive\QtCore4.dll
2014-01-08 06:49 - 2014-01-08 06:49 - 06441320 _____ () C:\Program Files (x86)\AMD\OverDrive\QtGui4.dll
2014-01-08 06:50 - 2014-01-08 06:50 - 00362856 _____ () C:\Program Files (x86)\AMD\OverDrive\QtXml4.dll
2016-04-16 17:36 - 2016-03-29 00:06 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2016-04-16 17:36 - 2016-03-29 00:06 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll
2016-04-16 17:36 - 2016-03-29 00:06 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll
2016-04-16 17:36 - 2016-03-29 00:06 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2016-04-16 17:36 - 2016-03-29 00:06 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2016-04-16 17:36 - 2016-03-29 00:06 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2016-04-04 03:57 - 2016-05-20 23:02 - 00223744 _____ () C:\Windows\SysWOW64\GameManager32.dll
2016-04-06 21:42 - 2016-04-29 22:10 - 00785920 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2016-04-06 21:42 - 2015-07-03 18:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2016-04-06 21:42 - 2015-07-03 18:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2016-04-06 21:42 - 2015-07-03 18:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2016-04-06 21:42 - 2016-04-30 02:10 - 02549840 _____ () C:\Program Files (x86)\Steam\video.dll
2016-04-06 21:42 - 2016-02-09 01:14 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2016-04-06 21:42 - 2016-02-09 01:14 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2016-04-06 21:42 - 2016-02-09 01:14 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2016-04-06 21:42 - 2016-02-09 01:14 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2016-04-06 21:42 - 2016-02-09 01:14 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2016-04-06 21:42 - 2016-04-30 02:10 - 00829008 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-04-06 21:42 - 2016-02-18 00:25 - 00281088 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2016-04-24 12:18 - 2015-07-20 17:15 - 00057344 _____ () C:\Program Files (x86)\Skiller PRO\lan.dll
2016-04-24 12:18 - 2012-08-14 22:41 - 00061440 _____ () C:\Program Files (x86)\Skiller PRO\hiddriver.dll
2016-04-06 21:42 - 2016-04-28 03:00 - 49825056 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2016-04-22 01:08 - 2016-04-22 01:08 - 01047864 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2016-03-18 22:56 - 2016-03-18 22:56 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2016-04-06 21:42 - 2015-09-25 01:56 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
2016-05-13 01:15 - 2016-05-11 13:48 - 01738904 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\libglesv2.dll
2016-05-13 01:15 - 2016-05-11 13:48 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\libegl.dll
2016-05-13 01:15 - 2016-05-11 13:48 - 17565848 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2016-05-30 22:09 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-758422454-1604163277-2610386603-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{1BCAC893-CFF5-4B9B-B850-44B7676B9E6C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7111D390-46B3-475F-80D1-301F5CDBB677}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A4AB2E0E-53C0-4177-9A3E-20002042C1D7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C4571AB8-9671-4363-B564-69DB43825264}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2FAD3544-A9CF-429F-BBC3-0A9ABF814914}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{36A774A3-45F8-474F-A081-87A5A9C1E404}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5AACE038-93F5-4799-9AE6-F166A1ADCEC0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{D17EAD2D-00F5-4473-9873-7CBF0C0914D2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E76E4D58-B87C-4CED-9F5B-711B2906D389}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{AC3BC60B-C4A3-4230-BDA5-4AD011A42F8C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{93B56332-F08C-4B6B-93F4-A3F34F9C5A36}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{200E9D49-D84B-4235-A117-7685E9F00AD2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{6867D683-685D-4382-9E43-7C6CDDB4BE9D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{25B354C7-1BA0-4185-B445-EC8D1A210A17}C:\users\thomas\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\thomas\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{E44951C8-D687-4754-8D0B-8AB1B23EF7F4}C:\users\thomas\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\thomas\appdata\roaming\spotify\spotify.exe
FirewallRules: [{9C60BA12-94B0-4E54-BF18-5AB6F5E4C1F3}] => (Block) C:\users\thomas\appdata\roaming\spotify\spotify.exe
FirewallRules: [{39537144-DD55-4166-9463-33EF7C683842}] => (Block) C:\users\thomas\appdata\roaming\spotify\spotify.exe
FirewallRules: [{9EDC795F-272A-4EB3-AD00-1A91DCDE93CA}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{BBA74933-FA30-4DA3-B21A-25D571817B41}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{B012F289-0C94-4CA8-AB32-1DA7A4B769E8}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{0E1C8AF4-9E36-458A-9836-A67DE07796CD}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{04A0DEE9-698B-445C-951D-BD6AA2D243AA}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{9B4A8547-A8A2-43E3-8D3E-DDFA4F740689}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{4413B138-BB2B-4F17-80EE-0A27F117B626}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{040FD958-5701-424B-97AD-F962EEC8BA2D}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{372EBF4E-BDA0-41FF-AD6C-53B78DC18B73}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{38C4DFE6-9166-4F9E-AE16-FF8F0FE2A98D}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{84C52CDD-7C66-403F-BE49-BDEA926B5BF2}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{FC285D08-4A1A-4901-9CC9-CB28AF2F5DF1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{99DFCD0E-F2CD-4A9E-B724-E5E25AFD6C69}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{740FCBC3-A4D3-4A3D-B3CC-5E656DCC5FE9}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [UDP Query User{799231B6-3B0E-4909-B188-F152276B6C49}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [TCP Query User{A038B329-29C2-4041-A19D-56B47D5FAAA1}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{45A133EC-4E01-4B76-8709-DCCA7F6B7F2A}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{3CF14EA0-D892-424E-9C74-BA1EFD3D93D6}C:\program files\epic games\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe] => (Allow) C:\program files\epic games\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe
FirewallRules: [UDP Query User{902BD277-E7B5-441E-9F6F-C61AF6AF7FA9}C:\program files\epic games\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe] => (Allow) C:\program files\epic games\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe
FirewallRules: [TCP Query User{047EECAB-C51C-4DED-BDDF-29B8FB1CA506}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{AD5FA729-B796-401F-BC28-C4ED603C9B9A}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{9B9F5C7C-6F5B-4058-BE3C-79408F2C3002}C:\program files\epic games\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe] => (Block) C:\program files\epic games\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe
FirewallRules: [UDP Query User{7ECDD799-55F7-4B0D-B7FF-8ECB77C4038B}C:\program files\epic games\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe] => (Block) C:\program files\epic games\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe
==================== Wiederherstellungspunkte =========================
22-05-2016 22:04:55 Windows Update
25-05-2016 17:01:36 Gerätetreiber-Paketinstallation: Advanced Micro Devices, Inc. Grafikkarte
26-05-2016 17:20:16 Windows Update
26-05-2016 17:58:52 Windows Update
30-05-2016 18:51:48 Windows Update
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (05/31/2016 04:24:02 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.
Error: (05/31/2016 04:24:02 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error: (05/31/2016 04:24:02 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error: (05/31/2016 04:19:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/31/2016 04:18:06 PM) (Source: ATIeRecord) (EventID: 16388) (User: )
Description: ATI EEU Client event error
Error: (05/31/2016 01:48:19 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.
Error: (05/31/2016 01:48:19 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error: (05/31/2016 01:48:19 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error: (05/31/2016 01:44:05 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/31/2016 01:42:24 PM) (Source: ATIeRecord) (EventID: 16388) (User: )
Description: ATI EEU Client event error
Systemfehler:
=============
Error: (05/31/2016 04:18:05 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 31.05.2016 um 16:05:12 unerwartet heruntergefahren.
Error: (05/30/2016 10:13:32 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Error: (05/30/2016 10:10:02 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error: (05/30/2016 10:09:34 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\ComboFix\catchme.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (05/30/2016 10:07:19 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error: (05/30/2016 06:50:52 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Server" wurde nicht richtig gestartet.
Error: (05/29/2016 09:47:48 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Server" wurde nicht richtig gestartet.
Error: (05/29/2016 07:20:05 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Server" wurde nicht richtig gestartet.
Error: (05/29/2016 12:27:01 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Server" wurde nicht richtig gestartet.
Error: (05/28/2016 08:09:59 PM) (Source: Microsoft-Windows-HAL) (EventID: 12) (User: )
Description: Der Speicher wurde beim letzten Leistungsübergang des Systems von der Plattformfirmware beschädigt. Überprüfen Sie, ob für Ihr System aktualisierte Firmware verfügbar ist.
CodeIntegrity:
===================================
Date: 2016-05-30 22:09:34.734
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2016-05-30 22:09:34.703
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Speicherinformationen ===========================
Prozessor: AMD FX-8320E Eight-Core Processor
Prozentuale Nutzung des RAM: 19%
Installierter physikalischer RAM: 16350.65 MB
Verfügbarer physikalischer RAM: 13159.19 MB
Summe virtueller Speicher: 32699.48 MB
Verfügbarer virtueller Speicher: 28958.03 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:465.76 GB) (Free:320.67 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 85DD657B)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
|
|
01.06.2016, 17:14
| #11 |
| /// TB-Ausbilder /// Anleitungs-Guru | PC führt Programme zT wahllos aus/nicht aus Jetzt bitte Suchscan durchführen: Schritt 1 ESET Online Scanner
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
01.06.2016, 21:15
| #12 |
| | PC führt Programme zT wahllos aus/nicht ausCode:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=081b7b8b569ba142843906a309371537
# end=init
# utc_time=2016-06-01 07:19:56
# local_time=2016-06-01 09:19:56 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 29663
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=081b7b8b569ba142843906a309371537
# end=updated
# utc_time=2016-06-01 07:24:42
# local_time=2016-06-01 09:24:42 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=081b7b8b569ba142843906a309371537
# engine=29663
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-06-01 08:11:49
# local_time=2016-06-01 10:11:49 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 4774473 87795903 0 0
# scanned=189366
# found=2
# cleaned=0
# scan_time=2826
sh=552464E3A61B57248E7ABBB9E78047923105E150 ft=1 fh=8e19f37ab9b5e3fe vn="Win32/InstallMonetizer.AQ evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Thomas\Downloads\PDFCreator-2_3_0-Setup.exe"
sh=EF0D95CF84D486678CAA0D206D92A2609F7E316A ft=0 fh=0000000000000000 vn="Variante von Android/TrojanSMS.Agent.AFO Trojaner" ac=I fn="C:\Users\Thomas\Dropbox\.dropbox.cache\2015-09-09\DHL (deleted 1d503688f8133ecab530754041072695).apk"
|
|
02.06.2016, 11:02
| #13 |
| /// TB-Ausbilder /// Anleitungs-Guru | PC führt Programme zT wahllos aus/nicht ausGibt es jetzt noch Probleme mit dem PC? Wenn ja, welche?
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
02.06.2016, 16:46
| #14 |
| | PC führt Programme zT wahllos aus/nicht aus Die Probleme haben sich gelegt. |
|
02.06.2016, 18:13
| #15 |
| /// TB-Ausbilder /// Anleitungs-Guru | PC führt Programme zT wahllos aus/nicht aus OK, bitte noch ein frisches Log... Schritt 1 Bitte starte FRST erneut, und drücke auf Untersuchen. Bitte poste mir den Inhalt des Logs.
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
| Themen zu PC führt Programme zT wahllos aus/nicht aus |
| administrator, cs:go, defender, desktop, dnsapi.dll, explorer, firefox, firewall, flash player, homepage, langsam, mozilla, mp3, office 365, programme, prozesse, registry, scan, security, services.exe, svchost.exe, system, taskleiste, teamspeak, udp, updates, windows, winlogon.exe |
Linear-Darstellung
