| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Trotux.com redirect Virus eingefangenWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
05.09.2016, 22:52
| #1 |
| |  Trotux.com redirect Virus eingefangen Hallo, ich habe mir vor ca. 3Std die Toolbar Trotux.com durch versehentliches drücken des falschen download Buttons installiert. Jetzt staret Firefox immer mit der Toolbar und Russischer Werbung  Ein GameLauncher mit einem bunten Würfel als icon wurde ebenfalls intalliert, jedoch ließ sich der Launcher normal deinstallieren. Bis jetzt habe ich: -Den Win10 Defender durchlaufen lassen (was nichts gebracht hat) -Den Autostart von 6 unbekannten Programmen deaktiviert (alle haben dasselbe Installaionsdatum) -4 Dateien über den Taskmanager gefunden -4 Programme versucht zu deinstallieren wovon eins sich nicht deinstallieren lässt -Mal die Anleitung ,Trotux.com redirect Virus entfernen´ überflogen -FRST.txt und Addition.txt erstellt Der Pfad der neuen Dateien die ich gefunden hab: C:\Users\Rechenknecht\AppData\Roaming\GameLauncher\Seviler C:\Users\MS.Default\Helper.3 C:\Users\MS.Default\Helper.4 C:\Users\MS.Default\Helper.5 Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 31-08-2016
durchgeführt von Rechenknecht (Administrator) auf DESKTOP-ED2S725 (05-09-2016 23:38:34)
Gestartet von C:\Users\Rechenknecht\Desktop
Geladene Profile: Rechenknecht (Verfügbare Profile: Rechenknecht)
Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
(VMware, Inc.) C:\Windows\syswow64\vmnetdhcp.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(VMware, Inc.) C:\Windows\syswow64\vmnat.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.00\AsusFanControlService.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
() C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
() C:\Program Files (x86)\SOEasy.3\SSoEasyySvc3.exe
() C:\Program Files (x86)\SOEasy.4\SSoEasyySvc4.exe
() C:\Program Files (x86)\SOEasy.5\SSoEasyySvc5.exe
() C:\Users\MS.Default\Helper.3\Helper33.exe
() C:\Users\MS.Default\Helper.4\Helper44.exe
() C:\Users\MS.Default\Helper.5\Helper55.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
() C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(AddGadgets) C:\Users\Rechenknecht\AppData\Local\Temp\PCMeter\PCMeterV4\PCMeterV0.4.exe
() C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Windows\syswow64\HsMgr.exe
(CMedia) C:\Program Files\ASUS Xonar DGX Audio\Customapp\AsusAudioCenter.exe
() C:\Windows\System\HsMgr64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Spotify Ltd) C:\Users\Rechenknecht\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\syswow64\rundll32.exe
(Corsair Components, Inc.) C:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairHID.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Gold Click Ltd) C:\Users\Rechenknecht\AppData\Roaming\ProxyGate\Cloud.exe
(Gold Click Ltd) C:\Users\Rechenknecht\AppData\Roaming\ProxyGate\PGChk.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe
(Microsoft Corporation) C:\Windows\syswow64\wbem\WmiPrvSE.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer64.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Farbar) C:\Users\Rechenknecht\Desktop\FRST64(1).exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [MouseDriver] => C:\WINDOWS\system32\TiltWheelMouse.exe [241152 2012-12-19] (Pixart Imaging Inc)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8725248 2015-12-17] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1407744 2015-12-17] (Realtek Semiconductor)
HKLM\...\Run: [Cmaudio8788] => C:\WINDOWS\Syswow64\cmicnfgp.dll [13463552 2014-03-11] (C-Media Corporation)
HKLM\...\Run: [Cmaudio8788GX] => C:\WINDOWS\syswow64\HsMgr.exe [200704 2008-07-11] ()
HKLM\...\Run: [Cmaudio8788GX64] => C:\WINDOWS\system\HsMgr64.exe [282112 2008-07-11] ()
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [6613896 2016-06-24] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Corsair Utility Engine] => C:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairHID.exe [14885552 2016-03-23] (Corsair Components, Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25197248 2016-08-30] (Dropbox, Inc.)
HKU\S-1-5-21-2797355107-3117587174-2617422478-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2857248 2016-08-23] (Valve Corporation)
HKU\S-1-5-21-2797355107-3117587174-2617422478-1001\...\Run: [Spotify Web Helper] => C:\Users\Rechenknecht\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1555056 2016-08-07] (Spotify Ltd)
HKU\S-1-5-21-2797355107-3117587174-2617422478-1001\...\Run: [Spotify] => C:\Users\Rechenknecht\AppData\Roaming\Spotify\Spotify.exe [6937200 2016-08-07] (Spotify Ltd)
HKU\S-1-5-21-2797355107-3117587174-2617422478-1001\...\Run: [ProxyGate] => C:\Users\Rechenknecht\AppData\Roaming\ProxyGate\MainService.exe [1142880 2016-01-10] (Gold Click Ltd)
HKU\S-1-5-21-2797355107-3117587174-2617422478-1001\...\Run: [iklado] => C:\Users\Rechenknecht\AppData\Local\iklado.dll [233984 2016-09-05] () <===== ACHTUNG
HKU\S-1-5-21-2797355107-3117587174-2617422478-1001\...\RunOnce: [Uninstall C:\Users\Rechenknecht\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Rechenknecht\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.)
Startup: C:\Users\Rechenknecht\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar170.lnk [2016-09-05]
ShortcutTarget: Sidebar170.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 80.69.96.12 81.210.129.4
Tcpip\..\Interfaces\{15b81e0a-651f-43bb-9e8a-cdc94c751aa2}: [DhcpNameServer] 80.69.96.12 81.210.129.4
Internet Explorer:
==================
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-09-05] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-09-05] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-09-05] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-09-05] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-09-05] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-09-05] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Rechenknecht\AppData\Roaming\Profiles\mz6aizdp.default
FF NewTab: hxxp://www.trotux.com/?z=a50d4b78833480512c22624g6z1m7c8g8ecg3zaq2e&from=isr&uid=ST1000DM003-1ER162_S4Y04G2PXXXXS4Y04G2P&type=hp
FF DefaultSearchEngine: trotux
FF DefaultSearchEngine.US: data:text/plain,browser.search.defaultenginename.US=trotux
FF SelectedSearchEngine: trotux
FF Homepage: hxxp://www.trotux.com/?z=a50d4b78833480512c22624g6z1m7c8g8ecg3zaq2e&from=isr&uid=ST1000DM003-1ER162_S4Y04G2PXXXXS4Y04G2P&type=hp
FF Keyword.URL: hxxp://www.trotux.com/search/?z=a50d4b78833480512c22624g6z1m7c8g8ecg3zaq2e&from=isr&uid=ST1000DM003-1ER162_S4Y04G2PXXXXS4Y04G2P&type=sp&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-12] ()
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-12] ()
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-09-05] (Microsoft Corporation)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF SearchPlugin: C:\Users\Rechenknecht\AppData\Roaming\Profiles\mz6aizdp.default\searchplugins\p9hat3gy.xml [2016-09-05]
FF Extension: (Personas Plus) - C:\Users\Rechenknecht\AppData\Roaming\Mozilla\Firefox\Profiles\x55snbvs.default\Extensions\personas@christopher.beard.xpi [2016-07-29]
FF Extension: (ProxTube - Gesperrte YouTube Videos entsperren) - C:\Users\Rechenknecht\AppData\Roaming\Mozilla\Firefox\Profiles\x55snbvs.default\Extensions\{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7}.xpi [2016-08-17]
FF Extension: (Adblock Plus) - C:\Users\Rechenknecht\AppData\Roaming\Mozilla\Firefox\Profiles\x55snbvs.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-05-29]
FF Extension: (GsearchFinder) - C:\Users\Rechenknecht\AppData\Roaming\Profiles\mz6aizdp.default\Extensions\@90B817C8-8A5C-413B-9DDD-B2C61ED6E79A.xpi [2016-09-05]
FF Extension: (Personas Plus) - C:\Users\Rechenknecht\AppData\Roaming\Profiles\mz6aizdp.default\Extensions\personas@christopher.beard.xpi [2016-07-29]
FF Extension: (ProxTube - Gesperrte YouTube Videos entsperren) - C:\Users\Rechenknecht\AppData\Roaming\Profiles\mz6aizdp.default\Extensions\{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7}.xpi [2016-08-17]
FF Extension: (Adblock Plus) - C:\Users\Rechenknecht\AppData\Roaming\Profiles\mz6aizdp.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-05-29]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [138752 2016-06-24] () [Datei ist nicht signiert]
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2014-03-13] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2014-03-13] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.00\AsusFanControlService.exe [1632256 2014-03-13] (ASUSTeK Computer Inc.) [Datei ist nicht signiert]
R4 BSSoEasySvc3; C:\Program Files (x86)\SOEasy.3\SSoEasyySvc3.exe [179204 2016-09-05] () [Datei ist nicht signiert]
R4 BSSoEasySvc4; C:\Program Files (x86)\SOEasy.4\SSoEasyySvc4.exe [179204 2016-09-05] () [Datei ist nicht signiert]
R4 BSSoEasySvc5; C:\Program Files (x86)\SOEasy.5\SSoEasyySvc5.exe [179204 2016-09-05] () [Datei ist nicht signiert]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2981056 2016-08-11] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-09-04] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-09-04] (Dropbox, Inc.)
R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [249320 2015-12-17] (DTS, Inc)
S4 GohghwuersCldcmn.exe; C:\Program Files (x86)\Vurationrirole\GohghwuersCldcmn.exe [375384 2016-09-05] ()
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2016-06-09] (Electronic Arts)
S3 vmicvss; C:\Windows\System32\ICSvc.dll [511488 2015-10-30] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [652240 2016-07-14] (Wacom Technology, Corp.)
R4 ZSHelper33; C:\Users\MS.Default\Helper.3\Helper33.exe [179204 2016-09-05] () [Datei ist nicht signiert]
R4 ZSHelper44; C:\Users\MS.Default\Helper.4\Helper44.exe [179204 2016-09-05] () [Datei ist nicht signiert]
R4 ZSHelper55; C:\Users\MS.Default\Helper.5\Helper55.exe [179204 2016-09-05] () [Datei ist nicht signiert]
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [23240 2016-05-20] (Advanced Micro Devices, Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R0 asstor64; C:\Windows\System32\drivers\asstor64.sys [83792 2015-09-28] (Asmedia Technology)
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2013-01-15] ()
R3 ASUSfilter; C:\Windows\System32\drivers\ASUSfilter.sys [48384 2014-08-18] (MCCI Corporation)
S3 ASUSstpt; C:\Windows\System32\drivers\ASUSstpt.sys [27392 2014-08-18] (MCCI Corporation)
S3 ASUSumsc; C:\Windows\System32\drivers\ASUSumsc.sys [151808 2014-08-18] (MCCI Corporation)
S3 ASUSxpsp; C:\Windows\System32\drivers\ASUSxpsp.sys [28416 2014-08-18] (MCCI Corporation)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [101376 2016-05-20] (Advanced Micro Devices)
R3 cmudaxp; C:\Windows\system32\drivers\cmudaxp.sys [2735616 2015-06-02] (C-Media Inc)
R3 CorsairVBusDriver; C:\Windows\System32\drivers\CorsairVBusDriver.sys [47840 2015-12-17] (Corsair)
R3 CorsairVHidDriver; C:\Windows\System32\drivers\CorsairVHidDriver.sys [21728 2015-12-17] (Corsair)
S3 dg_ssudbus; C:\Windows\System32\drivers\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.)
S3 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-11-14] (Disc Soft Ltd)
S3 FlashUSB; C:\Windows\System32\drivers\FlashUSB.sys [19968 2014-10-13] (Intel Mobile Communications)
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13512 2015-12-09] ()
S3 shspusb; C:\Windows\System32\drivers\HSPUSB.sys [24064 2014-10-13] (MobileTop)
S3 sscdserd; C:\Windows\System32\drivers\sscdserd.sys [158024 2014-10-13] (MCCI Corporation)
S3 ssceserd; C:\Windows\System32\drivers\ssceserd.sys [158024 2014-10-13] (MCCI Corporation)
S3 ssdudfu; C:\Windows\System32\drivers\ssdudfu.sys [101960 2014-10-13] (MCCI)
S3 ssm_bus; C:\Windows\System32\drivers\ssm_bus.sys [136192 2014-10-13] (MCCI Corporation)
S3 ssm_mdm; C:\Windows\System32\drivers\ssm_mdm.sys [172032 2014-10-13] (MCCI Corporation)
S3 ssuddmgr; C:\Windows\System32\drivers\ssuddmgr.sys [206080 2014-10-13] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.)
S3 ssudobex; C:\Windows\System32\drivers\ssudobex.sys [206080 2014-10-13] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudqcfilter; C:\Windows\System32\drivers\ssudqcfilter.sys [57648 2015-12-08] (QUALCOMM Incorporated)
S3 ssudrmnet; C:\Windows\System32\drivers\ssudrmnet.sys [70400 2014-10-13] (DEVGURU Co., LTD.)
S3 ssudserd; C:\Windows\System32\drivers\ssudserd.sys [206080 2014-10-13] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ss_bserd; C:\Windows\System32\drivers\ss_bserd.sys [128000 2014-10-13] (MCCI Corporation)
S3 ss_conn_usb_driver; C:\Windows\System32\Drivers\ss_conn_usb_driver.sys [26368 2014-10-13] (DEVGURU Co., LTD.)
S3 t_mouse.sys; C:\Windows\System32\drivers\t_mouse.sys [6144 2012-12-19] ()
R0 vsock; C:\Windows\System32\drivers\vsock.sys [75512 2015-11-05] (VMware, Inc.)
S3 WacHidRouterPro; C:\Windows\System32\drivers\wachidrouter.sys [102864 2016-03-03] (Wacom Technology)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (MBB)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R3 WinRing0_1_2_0; C:\Users\Rechenknecht\AppData\Local\Temp\tmp3492.tmp [14544 2016-05-29] (OpenLibSys.org)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-09-05 23:38 - 2016-09-05 23:38 - 02397696 _____ (Farbar) C:\Users\Rechenknecht\Desktop\FRST64(1).exe
2016-09-05 23:38 - 2016-09-05 23:38 - 00022546 _____ C:\Users\Rechenknecht\Desktop\FRST.txt
2016-09-05 23:30 - 2016-09-05 23:30 - 00000306 __RSH C:\Users\Rechenknecht\ntuser.pol
2016-09-05 23:26 - 2016-09-05 23:27 - 00000771 _____ C:\Users\Rechenknecht\Desktop\TB.txt
2016-09-05 23:13 - 2016-09-05 23:13 - 00055456 _____ C:\Users\Rechenknecht\Downloads\Addition.txt
2016-09-05 23:12 - 2016-09-05 23:13 - 00062474 _____ C:\Users\Rechenknecht\Downloads\FRST.txt
2016-09-05 22:41 - 2016-09-05 23:38 - 00000000 ____D C:\FRST
2016-09-05 22:40 - 2016-09-05 22:40 - 02397696 _____ (Farbar) C:\Users\Rechenknecht\Downloads\FRST64.exe
2016-09-05 22:04 - 2016-09-05 22:07 - 00000148 _____ C:\Users\Rechenknecht\Desktop\Orte vom shit.txt
2016-09-05 20:53 - 2016-09-05 20:53 - 00001630 __RSH C:\ProgramData\ntuser.pol
2016-09-05 20:52 - 2016-09-05 22:11 - 00000000 ____D C:\Users\Rechenknecht\AppData\Roaming\GameLauncher
2016-09-05 20:52 - 2016-09-05 20:52 - 00233984 _____ C:\Users\Rechenknecht\AppData\Local\iklado.dll
2016-09-05 20:52 - 2016-09-05 20:52 - 00002560 _____ C:\Users\Rechenknecht\AppData\Local\uninstallssl.exe
2016-09-05 20:51 - 2016-09-05 20:52 - 00000000 ____D C:\Users\Rechenknecht\AppData\Roaming\ProxyGate
2016-09-05 20:51 - 2016-09-05 20:51 - 00009062 _____ C:\WINDOWS\System32\Tasks\Gohghwuers Cloud
2016-09-05 20:51 - 2016-09-05 20:51 - 00003484 _____ C:\WINDOWS\System32\Tasks\f9c38018558b45909ae7861f48cbcb4c
2016-09-05 20:51 - 2016-09-05 20:51 - 00000000 ___HD C:\Users\MS.Default\Helper.5
2016-09-05 20:51 - 2016-09-05 20:51 - 00000000 ___HD C:\Users\MS.Default\Helper.4
2016-09-05 20:51 - 2016-09-05 20:51 - 00000000 ___HD C:\Users\MS.Default\Helper.3
2016-09-05 20:51 - 2016-09-05 20:51 - 00000000 ___HD C:\Users\MS.Default
2016-09-05 20:51 - 2016-09-05 20:51 - 00000000 ___HD C:\Program Files (x86)\wdq967
2016-09-05 20:51 - 2016-09-05 20:51 - 00000000 ___HD C:\Program Files (x86)\SOEasy.5
2016-09-05 20:51 - 2016-09-05 20:51 - 00000000 ___HD C:\Program Files (x86)\SOEasy.4
2016-09-05 20:51 - 2016-09-05 20:51 - 00000000 ___HD C:\Program Files (x86)\SOEasy.3
2016-09-05 20:51 - 2016-09-05 20:51 - 00000000 ____D C:\ProgramData\Avg
2016-09-05 20:51 - 2016-09-05 20:51 - 00000000 ____D C:\ProgramData\AVAST Software
2016-09-05 20:50 - 2016-09-05 22:10 - 00000000 ____D C:\Program Files (x86)\Vurationrirole
2016-09-05 20:43 - 2016-09-05 20:43 - 00002583 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2016-09-05 20:43 - 2016-09-05 20:43 - 00002579 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2016-09-05 20:43 - 2016-09-05 20:43 - 00002558 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2016-09-05 20:43 - 2016-09-05 20:43 - 00002533 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2016-09-05 20:43 - 2016-09-05 20:43 - 00002500 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2016-09-05 20:43 - 2016-09-05 20:43 - 00002497 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2016-09-05 20:43 - 2016-09-05 20:43 - 00002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2016-09-05 20:43 - 2016-09-05 20:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools
2016-09-05 20:40 - 2016-09-05 20:41 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-09-05 20:40 - 2016-09-05 20:40 - 03786432 _____ (Microsoft Corporation) C:\Users\Rechenknecht\Downloads\Setup.X86.de-DE_O365HomePremRetail_0981a43f-391f-4b51-a065-13c3a942e757_TX_DB_.exe
2016-09-05 20:40 - 2016-09-05 20:40 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-09-04 22:16 - 2016-09-05 23:31 - 00000000 ___RD C:\Users\Rechenknecht\Dropbox
2016-09-04 22:16 - 2016-09-04 22:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-09-04 22:15 - 2016-09-05 23:30 - 00001254 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2016-09-04 22:15 - 2016-09-05 23:20 - 00001258 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2016-09-04 22:15 - 2016-09-04 22:16 - 00000000 ____D C:\Users\Rechenknecht\AppData\Local\Dropbox
2016-09-04 22:15 - 2016-09-04 22:16 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-09-04 22:15 - 2016-09-04 22:15 - 00690072 _____ (Dropbox, Inc.) C:\Users\Rechenknecht\Downloads\DropboxInstaller.exe
2016-09-04 22:15 - 2016-09-04 22:15 - 00004318 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2016-09-04 22:15 - 2016-09-04 22:15 - 00004086 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2016-09-04 22:15 - 2016-09-04 22:15 - 00000000 ____D C:\Users\Rechenknecht\AppData\Roaming\Dropbox
2016-09-04 22:15 - 2016-09-04 22:15 - 00000000 ____D C:\ProgramData\Dropbox
2016-09-04 22:08 - 2016-09-04 22:08 - 00003370 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task
2016-09-04 22:07 - 2016-09-04 22:07 - 00000000 ____D C:\Users\Rechenknecht\AppData\Roaming\Skype
2016-09-01 13:46 - 2009-06-02 18:00 - 00039632 ____R (www.winchiphead.com) C:\WINDOWS\SysWOW64\Drivers\CH341SER.SYS
2016-09-01 13:46 - 2008-12-17 18:00 - 00020089 ____R C:\WINDOWS\SysWOW64\CH341SER.VXD
2016-09-01 13:46 - 2007-06-11 18:00 - 00019680 ____R (www.winchiphead.com) C:\WINDOWS\SysWOW64\Drivers\CH341S98.SYS
2016-09-01 13:46 - 2005-07-29 18:00 - 00006712 ____R (www.winchiphead.com) C:\WINDOWS\SysWOW64\CH341PT.DLL
2016-08-31 22:58 - 2016-08-31 23:00 - 00000000 ____D C:\Users\Rechenknecht\Desktop\DCX-2496
2016-08-31 22:46 - 2016-08-31 22:46 - 00000000 ____D C:\Program Files (x86)\Prolific
2016-08-31 22:46 - 2016-08-02 04:13 - 00196864 _____ (Prolific Technology Inc.) C:\WINDOWS\system32\Drivers\ser2pl64.sys
2016-08-26 15:52 - 2004-08-31 08:47 - 05292044 _____ C:\Users\Rechenknecht\Desktop\rauschen_pinknoise_30sec.wav
2016-08-26 14:13 - 2016-08-26 14:13 - 00075759 _____ C:\Users\Rechenknecht\Downloads\DERTG1FS00001_DERTG1PR10001_3107_001.pdf
2016-08-25 15:28 - 2016-09-01 12:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-08-21 23:06 - 2016-08-21 23:06 - 00280748 _____ C:\WINDOWS\Minidump\082116-31437-01.dmp
2016-08-21 22:50 - 2016-08-21 22:50 - 00258092 _____ C:\WINDOWS\Minidump\082116-20343-01.dmp
2016-08-17 13:54 - 2016-08-17 13:54 - 00000000 ____D C:\ProgramData\AMD
2016-08-16 15:10 - 2016-08-16 15:10 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom Tablett
2016-08-16 03:18 - 2016-08-16 03:18 - 00159936 _____ (MBB) C:\WINDOWS\system32\Drivers\usb2ser.sys
2016-08-16 03:13 - 2016-08-16 03:13 - 04713984 _____ (Geza Kovacs) C:\Users\Rechenknecht\Downloads\unetbootin-windows-625.exe
2016-08-16 02:42 - 2016-08-16 03:04 - 4285749248 _____ C:\Users\Rechenknecht\Desktop\Win10_1607_German_x64.iso
2016-08-13 16:12 - 2016-08-13 16:12 - 00000146 _____ C:\Users\Rechenknecht\Desktop\Sound.lnk
2016-08-12 19:11 - 2016-08-12 19:11 - 00000000 ____D C:\Program Files\ATI Technologies
2016-08-12 19:10 - 2016-08-16 15:11 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2016-08-12 01:07 - 2016-08-12 01:07 - 09340136 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdva.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 08892696 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd64.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 08738920 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 07258160 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdag.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 07115928 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 00479368 _____ C:\WINDOWS\system32\amdmiracast.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 00164280 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiu9p64.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 00159088 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 00154920 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 00138688 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 00138176 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 00137224 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiu9pag.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 00123120 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 00123104 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 00105344 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 00105344 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 48819200 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 38266368 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 32555512 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 27489280 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl12cl64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 26639360 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 21641216 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl12cl.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 15729152 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 14320128 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 08830456 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdvlk64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 08627704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmantle64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 07076352 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdvlk32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 06956032 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmantle32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 02376704 _____ C:\WINDOWS\system32\amdoclvp9lib64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 02286584 _____ C:\WINDOWS\SysWOW64\amdoclvp9lib32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 02147328 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 01837568 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00991232 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00883192 _____ (AMD) C:\WINDOWS\system32\coinst_16.30.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00751616 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00627192 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00459776 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00402944 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2016-08-12 01:06 - 2016-08-12 01:06 - 00350208 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODE.exe
2016-08-12 01:06 - 2016-08-12 01:06 - 00292352 _____ C:\WINDOWS\system32\dgtrayicon.exe
2016-08-12 01:06 - 2016-08-12 01:06 - 00287744 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00275968 _____ C:\WINDOWS\system32\GameManager64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00270336 _____ C:\WINDOWS\system32\clinfo.exe
2016-08-12 01:06 - 2016-08-12 01:06 - 00268792 _____ C:\WINDOWS\system32\hsa-thunk64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00249336 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00241152 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00234496 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00231424 _____ C:\WINDOWS\system32\atieah64.exe
2016-08-12 01:06 - 2016-08-12 01:06 - 00222208 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00209408 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2016-08-12 01:06 - 2016-08-12 01:06 - 00202744 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00201728 _____ C:\WINDOWS\system32\amdhdl64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00181760 _____ C:\WINDOWS\SysWOW64\amdhdl32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00176640 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00159736 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00137208 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00135168 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00130560 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00123896 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00118784 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00113664 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00111616 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00109568 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00108544 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00108544 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00104448 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00083960 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00079864 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00073216 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00069632 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00068608 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODCLI.exe
2016-08-12 01:06 - 2016-08-12 01:06 - 00068096 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl6.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00067584 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00066560 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00060920 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00055800 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmmcl.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00021496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2016-08-11 13:52 - 2016-08-11 13:52 - 00635112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp140.dll
2016-08-11 13:51 - 2016-08-11 13:51 - 00439536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp140.dll
2016-08-11 13:51 - 2016-08-11 13:51 - 00390400 _____ (Microsoft Corporation) C:\WINDOWS\system32\vccorlib140.dll
2016-08-11 13:51 - 2016-08-11 13:51 - 00267008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vccorlib140.dll
2016-08-11 13:50 - 2016-08-11 13:50 - 00333072 _____ (Microsoft Corporation) C:\WINDOWS\system32\concrt140.dll
2016-08-11 13:50 - 2016-08-11 13:50 - 00243480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\concrt140.dll
2016-08-11 13:50 - 2016-08-11 13:50 - 00088816 _____ (Microsoft Corporation) C:\WINDOWS\system32\vcruntime140.dll
2016-08-11 13:50 - 2016-08-11 13:50 - 00085232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vcruntime140.dll
2016-08-11 01:42 - 2016-08-11 01:42 - 00000000 ____D C:\Users\Rechenknecht\AppData\Roaming\D-BOX
2016-08-11 01:05 - 2016-08-21 23:06 - 606990304 _____ C:\WINDOWS\MEMORY.DMP
2016-08-11 01:05 - 2016-08-21 23:06 - 00000000 ____D C:\WINDOWS\Minidump
2016-08-09 21:16 - 2016-08-03 13:14 - 01505984 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-08-09 21:16 - 2016-08-03 13:14 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-08-09 21:16 - 2016-08-03 13:14 - 00050368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-08-09 21:16 - 2016-08-03 12:36 - 07469408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-08-09 21:16 - 2016-08-03 12:36 - 00099680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-08-09 21:16 - 2016-08-03 12:36 - 00037744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2016-08-09 21:16 - 2016-08-03 12:30 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-08-09 21:16 - 2016-08-03 12:23 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-08-09 21:16 - 2016-08-03 12:23 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-08-09 21:16 - 2016-08-03 12:22 - 01322760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-08-09 21:16 - 2016-08-03 12:22 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-08-09 21:16 - 2016-08-03 12:22 - 00465248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2016-08-09 21:16 - 2016-08-03 12:22 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-08-09 21:16 - 2016-08-03 12:22 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-08-09 21:16 - 2016-08-03 12:21 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-08-09 21:16 - 2016-08-03 12:21 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-08-09 21:16 - 2016-08-03 12:21 - 00566112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-08-09 21:16 - 2016-08-03 12:21 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-08-09 21:16 - 2016-08-03 12:20 - 01540224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-08-09 21:16 - 2016-08-03 12:20 - 00692136 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-08-09 21:16 - 2016-08-03 12:19 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-08-09 21:16 - 2016-08-03 12:19 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-08-09 21:16 - 2016-08-03 12:13 - 01988448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-08-09 21:16 - 2016-08-03 12:13 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-08-09 21:16 - 2016-08-03 12:13 - 00393056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-08-09 21:16 - 2016-08-03 12:11 - 00422744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-08-09 21:16 - 2016-08-03 11:51 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
2016-08-09 21:16 - 2016-08-03 11:51 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-08-09 21:16 - 2016-08-03 11:46 - 22384128 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-08-09 21:16 - 2016-08-03 11:44 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-08-09 21:16 - 2016-08-03 11:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2016-08-09 21:16 - 2016-08-03 11:44 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2016-08-09 21:16 - 2016-08-03 11:43 - 16985088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-08-09 21:16 - 2016-08-03 11:41 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-08-09 21:16 - 2016-08-03 11:41 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-08-09 21:16 - 2016-08-03 11:40 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-08-09 21:16 - 2016-08-03 11:40 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2016-08-09 21:16 - 2016-08-03 11:40 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-08-09 21:16 - 2016-08-03 11:40 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2016-08-09 21:16 - 2016-08-03 11:39 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-08-09 21:16 - 2016-08-03 11:39 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-08-09 21:16 - 2016-08-03 11:38 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-08-09 21:16 - 2016-08-03 11:38 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-08-09 21:16 - 2016-08-03 11:37 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-08-09 21:16 - 2016-08-03 11:36 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-08-09 21:16 - 2016-08-03 11:36 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-08-09 21:16 - 2016-08-03 11:36 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-08-09 21:16 - 2016-08-03 11:35 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-08-09 21:16 - 2016-08-03 11:35 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2016-08-09 21:16 - 2016-08-03 11:34 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-08-09 21:16 - 2016-08-03 11:33 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-08-09 21:16 - 2016-08-03 11:33 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-08-09 21:16 - 2016-08-03 11:31 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-08-09 21:16 - 2016-08-03 11:31 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-08-09 21:16 - 2016-08-03 11:31 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtutil.exe
2016-08-09 21:16 - 2016-08-03 11:30 - 24613888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-08-09 21:16 - 2016-08-03 11:30 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-08-09 21:16 - 2016-08-03 11:30 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-08-09 21:16 - 2016-08-03 11:29 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-08-09 21:16 - 2016-08-03 11:29 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-08-09 21:16 - 2016-08-03 11:29 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-08-09 21:16 - 2016-08-03 11:29 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-08-09 21:16 - 2016-08-03 11:29 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-08-09 21:16 - 2016-08-03 11:28 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-08-09 21:16 - 2016-08-03 11:28 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-08-09 21:16 - 2016-08-03 11:28 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-08-09 21:16 - 2016-08-03 11:27 - 07536640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-08-09 21:16 - 2016-08-03 11:27 - 01752576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-08-09 21:16 - 2016-08-03 11:27 - 01717760 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-08-09 21:16 - 2016-08-03 11:27 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-08-09 21:16 - 2016-08-03 11:20 - 13390336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-08-09 21:16 - 2016-08-03 11:18 - 06974464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-08-09 21:16 - 2016-08-03 11:18 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-08-09 21:16 - 2016-08-03 11:18 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-08-09 21:16 - 2016-08-03 11:17 - 02175488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-08-09 21:16 - 2016-08-03 11:16 - 05123072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2016-08-09 21:16 - 2016-08-03 11:16 - 03589120 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-08-09 21:16 - 2016-08-03 11:16 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-08-09 21:16 - 2016-08-03 11:16 - 01732096 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-08-09 21:16 - 2016-08-03 11:15 - 07833088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-08-09 21:16 - 2016-08-03 11:14 - 04895232 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-08-09 21:16 - 2016-08-03 11:14 - 01997824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-08-09 21:16 - 2016-08-03 11:13 - 03025920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-08-09 21:16 - 2016-08-03 11:13 - 02280960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-08-09 21:16 - 2016-08-03 11:12 - 02746368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-08-09 21:16 - 2016-08-03 11:11 - 04171264 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-08-09 21:16 - 2016-08-03 07:52 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2016-08-09 21:16 - 2016-08-03 07:34 - 00501592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-08-09 21:16 - 2016-08-03 07:34 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-08-09 21:16 - 2016-08-03 07:33 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
2016-08-09 21:16 - 2016-08-03 07:31 - 02921368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-08-09 21:16 - 2016-08-03 07:31 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-08-09 21:16 - 2016-08-03 07:31 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-08-09 21:16 - 2016-08-03 07:30 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-08-09 21:16 - 2016-08-03 07:30 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-08-09 21:16 - 2016-08-03 07:30 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-08-09 21:16 - 2016-08-03 06:57 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe
2016-08-09 21:16 - 2016-08-03 06:48 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2016-08-09 21:16 - 2016-08-03 06:47 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-08-09 21:16 - 2016-08-03 06:44 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-08-09 21:16 - 2016-08-03 06:44 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2016-08-09 21:16 - 2016-08-03 06:42 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2016-08-09 21:16 - 2016-08-03 06:40 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2016-08-09 21:16 - 2016-08-03 06:39 - 19351040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-08-09 21:16 - 2016-08-03 06:37 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-08-09 21:16 - 2016-08-03 06:37 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-08-09 21:16 - 2016-08-03 06:35 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2016-08-09 21:16 - 2016-08-03 06:35 - 00178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtutil.exe
2016-08-09 21:16 - 2016-08-03 06:34 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-08-09 21:16 - 2016-08-03 06:34 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-08-09 21:16 - 2016-08-03 06:33 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-08-09 21:16 - 2016-08-03 06:33 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-08-09 21:16 - 2016-08-03 06:33 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-08-09 21:16 - 2016-08-03 06:32 - 12585984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-08-09 21:16 - 2016-08-03 06:32 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-08-09 21:16 - 2016-08-03 06:32 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-08-09 21:16 - 2016-08-03 06:32 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-08-09 21:16 - 2016-08-03 06:31 - 06743040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-08-09 21:16 - 2016-08-03 06:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-08-09 21:16 - 2016-08-03 06:29 - 12133376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-08-09 21:16 - 2016-08-03 06:28 - 03663360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-08-09 21:16 - 2016-08-03 06:25 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-08-09 21:16 - 2016-08-03 06:25 - 04078080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2016-08-09 21:16 - 2016-08-03 06:23 - 05660672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-08-09 21:16 - 2016-08-03 06:23 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-08-09 21:16 - 2016-08-03 06:22 - 02501120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-08-09 21:16 - 2016-08-03 06:22 - 01502208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-08-09 21:16 - 2016-08-03 06:21 - 01708032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-08-09 21:16 - 2016-08-03 06:19 - 02180096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-09-05 23:33 - 2016-05-28 20:15 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-09-05 23:31 - 2016-05-29 04:01 - 00000000 ____D C:\Users\Rechenknecht\AppData\Local\Sidebar7
2016-09-05 23:30 - 2016-05-28 22:05 - 00000000 ____D C:\Users\Rechenknecht
2016-09-05 23:27 - 2016-05-29 04:31 - 00003156 _____ C:\WINDOWS\System32\Tasks\MSIAfterburner
2016-09-05 23:10 - 2016-06-01 23:04 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-09-05 20:53 - 2016-05-28 20:15 - 00000000 ____D C:\WINDOWS\system32\GroupPolicy
2016-09-05 20:46 - 2016-05-28 20:15 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-09-05 20:46 - 2016-05-28 20:14 - 00000000 ____D C:\WINDOWS\INF
2016-09-05 20:40 - 2016-05-28 20:15 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-09-05 16:21 - 2016-05-28 22:04 - 01807284 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-09-05 16:21 - 2016-05-28 20:20 - 00778208 _____ C:\WINDOWS\system32\perfh007.dat
2016-09-05 16:21 - 2016-05-28 20:20 - 00156548 _____ C:\WINDOWS\system32\perfc007.dat
2016-09-05 16:16 - 2016-05-28 20:15 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-09-05 16:15 - 2016-07-04 22:17 - 00000000 ____D C:\ProgramData\VMware
2016-09-05 16:15 - 2016-05-29 06:54 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-09-04 22:08 - 2016-05-28 22:07 - 00002408 _____ C:\Users\Rechenknecht\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-09-04 22:08 - 2016-05-28 22:07 - 00000000 ___RD C:\Users\Rechenknecht\OneDrive
2016-09-04 13:03 - 2016-05-28 20:25 - 00000000 ___DC C:\WINDOWS\Panther
2016-09-04 13:00 - 2016-07-17 01:55 - 00000000 ___HD C:\$WINDOWS.~BT
2016-09-04 12:35 - 2016-05-28 20:15 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-01 13:09 - 2016-05-28 20:15 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-09-01 13:09 - 2016-05-28 20:06 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-09-01 12:58 - 2016-05-28 22:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-08-31 22:46 - 2016-05-30 00:09 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-08-29 00:30 - 2016-05-29 19:08 - 00000000 ____D C:\Users\Rechenknecht\AppData\Roaming\TS3Client
2016-08-24 15:38 - 2016-05-29 00:32 - 00000000 ____D C:\Program Files (x86)\Steam
2016-08-21 23:08 - 2016-05-29 04:26 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner
2016-08-18 04:28 - 2016-06-26 22:56 - 00000000 ____D C:\Users\Rechenknecht\AppData\Local\Spotify
2016-08-18 02:09 - 2016-06-26 22:55 - 00000000 ____D C:\Users\Rechenknecht\AppData\Roaming\Spotify
2016-08-17 00:43 - 2016-07-02 17:24 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2016-08-17 00:43 - 2016-07-02 17:11 - 00000000 ____D C:\Program Files\Rockstar Games
2016-08-16 15:20 - 2016-05-29 00:29 - 00000000 ____D C:\Program Files (x86)\osu!
2016-08-16 15:11 - 2016-05-28 20:03 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-08-16 15:10 - 2016-05-29 21:52 - 00000000 ____D C:\Program Files\Tablet
2016-08-16 15:08 - 2016-05-29 23:40 - 00000000 ____D C:\Users\Rechenknecht\AppData\Roaming\WTablet
2016-08-14 22:58 - 2016-05-29 20:41 - 00000000 ____D C:\ProgramData\Origin
2016-08-12 19:11 - 2016-05-29 06:49 - 00000000 ____D C:\Program Files\AMD
2016-08-12 19:10 - 2016-05-29 02:18 - 00000000 ____D C:\AMD
2016-08-12 01:07 - 2016-02-03 18:13 - 00183952 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiuxp64.dll
2016-08-12 01:07 - 2016-02-03 18:12 - 10995344 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll
2016-08-12 01:07 - 2016-02-03 18:12 - 10317568 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd6a.dll
2016-08-12 01:07 - 2016-02-03 18:12 - 09131736 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll
2016-08-12 01:07 - 2016-02-03 18:12 - 01547544 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2016-08-12 01:07 - 2016-02-03 18:12 - 01273928 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2016-08-12 01:07 - 2016-02-03 18:12 - 00152800 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiuxpag.dll
2016-08-12 01:06 - 2016-06-02 22:30 - 00521728 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2016-08-12 01:06 - 2016-06-02 22:30 - 00287232 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2016-08-12 01:06 - 2016-05-20 22:57 - 01323008 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2016-08-12 01:06 - 2016-05-20 22:57 - 00991232 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2016-08-12 01:06 - 2016-02-03 18:06 - 26706432 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys
2016-08-12 01:06 - 2016-02-03 17:10 - 00518656 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys
2016-08-11 01:06 - 2016-05-29 19:08 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2016-08-10 15:51 - 2016-05-28 20:15 - 00000000 ____D C:\WINDOWS\rescache
2016-08-10 15:15 - 2016-05-28 22:05 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-08-10 04:14 - 2016-05-28 20:15 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-08-10 04:14 - 2016-05-28 20:15 - 00000000 ____D C:\Program Files\Windows Journal
2016-08-10 03:01 - 2016-05-29 00:10 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-08-10 03:01 - 2016-05-28 20:15 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2016-08-10 02:59 - 2016-05-29 00:09 - 147640136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-08-08 00:03 - 2016-05-28 20:15 - 00000000 ____D C:\WINDOWS\addins
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2016-05-29 04:02 - 2016-06-17 13:17 - 0000626 _____ () C:\Users\Rechenknecht\AppData\Roaming\All CPU MeterV3_Settings.ini
2016-05-29 04:14 - 2016-05-29 04:14 - 0000283 _____ () C:\Users\Rechenknecht\AppData\Roaming\GPU MeterV2_Settings.ini
2016-05-29 04:06 - 2016-05-29 04:06 - 0000120 _____ () C:\Users\Rechenknecht\AppData\Roaming\System Monitor II_UptimeRecord.ini
2016-09-05 20:52 - 2016-09-05 20:52 - 0233984 _____ () C:\Users\Rechenknecht\AppData\Local\iklado.dll
2016-09-05 20:52 - 2016-09-05 20:52 - 0002560 _____ () C:\Users\Rechenknecht\AppData\Local\uninstallssl.exe
2016-05-29 06:50 - 2016-05-29 06:50 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Rechenknecht\AppData\Local\iklado.dll
Einige Dateien in TEMP:
====================
C:\Users\Rechenknecht\AppData\Local\Temp\GTA_V_Patch_1_0_791_2.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-08-29 00:35
==================== Ende von FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 31-08-2016
durchgeführt von Rechenknecht (05-09-2016 23:39:22)
Gestartet von C:\Users\Rechenknecht\Desktop
Windows 10 Pro Version 1511 (X64) (2016-05-28 20:00:49)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2797355107-3117587174-2617422478-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2797355107-3117587174-2617422478-503 - Limited - Disabled)
Gast (S-1-5-21-2797355107-3117587174-2617422478-501 - Limited - Disabled)
Rechenknecht (S-1-5-21-2797355107-3117587174-2617422478-1001 - Administrator - Enabled) => C:\Users\Rechenknecht
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
8GadgetPack (HKLM-x32\...\{D0BD6EC7-ADBC-4127-815A-77E2336873EA}) (Version: 17.0.0 - Helmut Buhler)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 2.04.01 - ASUSTeK Computer Inc.)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.12.0 - Asmedia Technology)
ASUS Xonar DGX Audio (HKLM-x32\...\{71B53BA8-4BE3-49AF-BC3E-07F392008788}) (Version: - ASUSTeK Computer Inc.)
Catalyst Control Center Next Localization BR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Corsair Utility Engine (HKLM-x32\...\{46A3EEB3-8F6F-4BC4-9A53-CDE33D089D08}) (Version: 1.16.42 - Corsair)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve)
CPUID CPU-Z 1.76 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
Dropbox (HKLM-x32\...\Dropbox) (Version: 9.4.49 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.47.1 - Dropbox, Inc.) Hidden
Geeks3D FurMark 1.17.0.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D)
IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version: - Image-Line)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.7167.2040 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 48.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 48.0.2 (x86 de)) (Version: 48.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0.2.6079 - Mozilla)
MSI Afterburner 4.2.0 (HKLM-x32\...\Afterburner) (Version: 4.2.0 - MSI Co., LTD)
Need for Speed™ (HKLM-x32\...\{F8643E83-A868-4EE8-A0B9-389386830453}) (Version: 1.3.0.0 - Electronic Arts)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7167.2040 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7167.2040 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7167.2040 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 9.12.1.43352 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{3027b1a8-658f-434a-963c-7ed83f5fa117}) (Version: latest - ppy Pty Ltd)
PL-2303 Vista Driver Installer (HKLM-x32\...\{EEC010D0-1252-4E1D-BAD9-F1B8F414535C}) (Version: 3.2.0.0 - Prolific)
ProxyGate version 3.0.0.1176 (HKU\S-1-5-21-2797355107-3117587174-2617422478-1001\...\{1EC095EE-8CA3-43D6-B9F5-0C55B82ED3D7}}_is1) (Version: 3.0.0.1176 - Gold Click Ltd) <==== ACHTUNG
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7634 - Realtek Semiconductor Corp.)
RivaTuner Statistics Server 6.4.1 (HKLM-x32\...\RTSS) (Version: 6.4.1 - Unwinder)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.9.6 - Rockstar Games)
Spotify (HKU\S-1-5-21-2797355107-3117587174-2617422478-1001\...\Spotify) (Version: 1.0.34.146.g28f9eda2 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Team Fortress 2 (HKLM\...\Steam App 440) (Version: - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
VMware Player (HKLM\...\{537B7F85-2B95-44ED-8D90-765F6F36D666}) (Version: 12.1.1 - VMware, Inc.)
Vulkan Run Time Libraries 1.0.11.0 (HKLM\...\VulkanRT1.0.11.0-2) (Version: 1.0.11.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.11.0 (Version: 1.0.11.0 - LunarG, Inc.) Hidden
Wacom Tablett (HKLM\...\Wacom Tablet Driver) (Version: 6.3.17-3 - Wacom Technology Corp.)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
WinISD Pro [alpha] (HKLM-x32\...\WinISD Pro [alpha]) (Version: - )
WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-2797355107-3117587174-2617422478-1001_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\Rechenknecht\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-2797355107-3117587174-2617422478-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\Rechenknecht\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-2797355107-3117587174-2617422478-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Rechenknecht\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileCoAuth.exe (Microsoft Corporation)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {053213EB-4166-4664-A4BD-C2B77136B607} - System32\Tasks\f9c38018558b45909ae7861f48cbcb4c => C:\Program Files (x86)\wdq967\5l9977.bat [2016-09-05] () <==== ACHTUNG
Task: {085EE8D3-2444-4227-A6D2-A2B1E552A1B8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-08-11] (Microsoft Corporation)
Task: {1AFF0A7D-5E88-492C-A0C9-821B038A8141} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-08-11] (Microsoft Corporation)
Task: {2C6C2DA8-BFEA-4511-8D0C-D86777E62142} - System32\Tasks\PCMeter\Startup => C:\Users\Rechenknecht\AppData\Local\Temp\PCMeter\PCMeterV4\PCMeterV0.4.exe [2016-05-29] (AddGadgets) <==== ACHTUNG
Task: {53EE33B7-8F67-49E7-96ED-91824711983A} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-06-02] (Advanced Micro Devices, Inc.)
Task: {752E5AEF-F873-4606-A9D4-0562CD2CE780} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-12] (Adobe Systems Incorporated)
Task: {7E5A649D-2810-44F5-BE66-B9A81F594AD2} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-09-04] (Dropbox, Inc.)
Task: {7F1BB600-D24E-419C-AF8A-2FB26707CC8A} - System32\Tasks\ASUS\Easy Update => C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe [2013-10-18] ()
Task: {7F94E826-7983-42D5-A8AE-E4C0B8F4B480} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [2015-12-09] ()
Task: {8BC95C62-64D3-419B-9620-B57C04F12BFC} - System32\Tasks\ASUS\ASUS DigiPowerControl Help => C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe [2013-01-14] (ASUSTeK Computer Inc.)
Task: {9DFDD6D6-1D3C-47D3-836B-66558B04F0AC} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2012-03-13] (ASUSTeK Computer Inc.)
Task: {BC343CEC-5F5E-4F05-8648-5A095A52CAB0} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-09-04] (Dropbox, Inc.)
Task: {C248AA5F-7AE5-4C20-9584-B57DA1647B5C} - System32\Tasks\Gohghwuers Cloud => C:\Program Files (x86)\Vurationrirole\GohghwuersCldcrr.exe [2016-09-05] ()
Task: {E1D40412-2C06-490E-BEA1-52824CD21E61} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Rechenknecht\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe [2016-09-04] (Microsoft Corporation)
Task: {F04A0416-D668-4D7B-9799-B8AC1A95DE21} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr.exe [2011-09-09] ()
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-05-30 00:08 - 2014-03-13 11:11 - 00920736 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2016-06-24 12:51 - 2016-06-24 12:51 - 00138752 _____ () C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
2016-09-05 20:51 - 2016-09-05 20:51 - 00179204 _____ () C:\Program Files (x86)\SOEasy.3\SSoEasyySvc3.exe
2016-09-05 20:51 - 2016-09-05 20:51 - 00179204 _____ () C:\Program Files (x86)\SOEasy.4\SSoEasyySvc4.exe
2016-09-05 20:51 - 2016-09-05 20:51 - 00179204 _____ () C:\Program Files (x86)\SOEasy.5\SSoEasyySvc5.exe
2016-09-05 20:51 - 2016-09-05 20:51 - 00179204 _____ () C:\Users\MS.Default\Helper.3\Helper33.exe
2016-09-05 20:51 - 2016-09-05 20:51 - 00179204 _____ () C:\Users\MS.Default\Helper.4\Helper44.exe
2016-09-05 20:51 - 2016-09-05 20:51 - 00179204 _____ () C:\Users\MS.Default\Helper.5\Helper55.exe
2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-11-23 18:44 - 2015-11-23 18:44 - 00403456 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks64.dll
2016-07-13 17:28 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-05-30 00:09 - 2013-10-18 18:04 - 01426232 _____ () C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe
2015-12-09 09:59 - 2015-12-09 09:59 - 00580296 _____ () C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
2016-05-29 21:52 - 2016-07-14 22:45 - 01661392 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll
2016-07-13 17:28 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-09-04 22:07 - 2016-09-04 22:07 - 01864384 _____ () C:\Users\Rechenknecht\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\ClientTelemetry.dll
2016-02-24 20:44 - 2016-02-24 20:44 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-07-13 17:29 - 2016-07-01 05:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-07-13 17:28 - 2016-07-01 05:27 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-07-13 17:28 - 2016-07-01 05:21 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-07-13 17:28 - 2016-07-01 05:22 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-07-13 17:28 - 2016-07-01 05:24 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-05-30 00:13 - 2008-07-11 15:04 - 00200704 ____N () C:\Windows\syswow64\HsMgr.exe
2016-05-30 00:13 - 2008-07-11 15:03 - 00282112 ____N () C:\Windows\System\HsMgr64.exe
2015-06-25 17:34 - 2015-06-25 17:34 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2015-06-25 17:37 - 2015-06-25 17:37 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-25 17:35 - 2015-06-25 17:35 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2015-06-25 17:38 - 2015-06-25 17:38 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-25 16:53 - 2015-06-25 16:53 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2015-06-25 16:51 - 2015-06-25 16:51 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-05-29 04:01 - 2013-06-06 20:16 - 00012520 _____ () C:\Users\Rechenknecht\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter.gadget\CoreTempReader.dll
2016-05-29 04:01 - 2013-06-06 20:16 - 00015080 _____ () C:\Users\Rechenknecht\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter.gadget\GetCoreTempInfoNET.dll
2016-05-29 04:01 - 2013-06-06 20:16 - 00014056 _____ () C:\Users\Rechenknecht\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter.gadget\SystemInfo.dll
2015-12-02 11:19 - 2015-12-02 11:19 - 00205000 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
2015-11-23 18:43 - 2015-11-23 18:43 - 00031232 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer64.exe
2015-11-23 18:44 - 2015-11-23 18:44 - 00088576 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
2016-05-28 22:43 - 2016-05-28 22:43 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-04-14 17:17 - 2016-04-14 17:17 - 01301696 _____ () C:\Program Files (x86)\VMware\VMware Player\libxml2.dll
2016-05-30 00:08 - 2016-09-05 16:15 - 00035840 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2016-05-30 00:08 - 2010-06-29 10:58 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2016-05-30 00:09 - 2013-10-18 18:04 - 05777616 _____ () C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzULIB.dll
2016-05-30 00:09 - 2013-05-08 16:22 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\ImageHelper.dll
2015-11-23 18:43 - 2015-11-23 18:43 - 00356864 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks.dll
2015-12-07 18:43 - 2015-12-07 18:43 - 00071680 _____ () C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
2015-12-07 18:44 - 2015-12-07 18:44 - 00225792 _____ () C:\Program Files (x86)\MSI Afterburner\RTCore.dll
2015-12-07 18:43 - 2015-12-07 18:43 - 00057856 _____ () C:\Program Files (x86)\MSI Afterburner\RTFC.dll
2015-12-07 18:43 - 2015-12-07 18:43 - 00357888 _____ () C:\Program Files (x86)\MSI Afterburner\RTUI.dll
2015-12-07 18:44 - 2015-12-07 18:44 - 00657408 _____ () C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
2016-05-30 00:13 - 2012-06-06 09:56 - 00143360 ____N () C:\Program Files\ASUS Xonar DGX Audio\Customapp\VmixP8.dll
2016-09-05 20:52 - 2016-09-05 20:52 - 00233984 _____ () C:\Users\Rechenknecht\AppData\Local\iklado.dll
2016-03-23 11:04 - 2016-03-23 11:04 - 00091136 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\LuaQtWrapperLibrary.dll
2016-03-23 11:02 - 2016-03-23 11:02 - 00224256 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\quazip.dll
2016-03-23 11:02 - 2016-03-23 11:02 - 00200704 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\lua52.dll
2016-09-04 22:16 - 2016-08-06 05:21 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2016-09-04 22:15 - 2016-08-06 05:21 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2016-09-04 22:15 - 2016-08-06 05:22 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2016-09-04 22:15 - 2016-08-06 05:21 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2016-09-04 22:16 - 2016-08-06 05:21 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2016-09-04 22:16 - 2016-08-06 05:21 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2016-09-04 22:16 - 2016-08-30 23:38 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2016-09-04 22:16 - 2016-08-06 05:21 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2016-09-04 22:15 - 2016-08-30 23:38 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2016-09-04 22:16 - 2016-08-06 05:22 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2016-09-04 22:15 - 2016-08-30 23:38 - 01682760 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2016-09-04 22:15 - 2016-08-30 23:38 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2016-09-04 22:16 - 2016-08-06 05:24 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-09-04 22:16 - 2016-08-30 23:38 - 00021312 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2016-09-04 22:15 - 2016-08-30 23:38 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2016-09-04 22:15 - 2016-08-30 23:38 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2016-09-04 22:15 - 2016-08-06 05:19 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2016-09-04 22:15 - 2016-08-06 05:24 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2016-09-04 22:16 - 2016-08-06 05:24 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2016-09-04 22:16 - 2016-08-06 05:24 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2016-09-04 22:16 - 2016-08-30 23:38 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2016-09-04 22:16 - 2016-08-06 05:24 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-09-04 22:16 - 2016-08-30 23:38 - 00025424 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2016-09-04 22:16 - 2016-08-06 05:24 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2016-09-04 22:16 - 2016-08-06 05:24 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2016-09-04 22:16 - 2016-08-06 05:24 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2016-09-04 22:16 - 2016-08-06 05:24 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2016-09-04 22:16 - 2016-08-06 05:24 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2016-09-04 22:16 - 2016-08-06 05:24 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2016-09-04 22:16 - 2016-08-06 05:24 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2016-09-04 22:15 - 2016-08-30 23:38 - 00246592 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2016-09-04 22:15 - 2016-08-30 23:38 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-09-04 22:16 - 2016-08-06 05:25 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2016-09-04 22:16 - 2016-08-06 05:21 - 00144848 _____ () C:\Program Files (x86)\Dropbox\Client\_elementtree.pyd
2016-09-04 22:16 - 2016-08-06 05:22 - 00241104 _____ () C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd
2016-09-04 22:16 - 2016-08-30 23:38 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-09-04 22:16 - 2016-08-30 23:38 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror._winffi_winerror.pyd
2016-09-04 22:16 - 2016-08-30 23:38 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet._winffi_wininet.pyd
2016-09-04 22:15 - 2016-08-30 23:38 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2016-09-04 22:16 - 2016-08-30 23:38 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2016-09-04 22:16 - 2016-08-06 05:25 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2016-09-04 22:16 - 2016-08-30 23:38 - 00022352 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2016-09-04 22:15 - 2016-08-30 23:38 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2016-09-04 22:15 - 2016-08-06 05:18 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2016-09-04 22:15 - 2016-08-30 23:38 - 00031568 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2016-09-04 22:15 - 2016-08-30 23:13 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2016-09-04 22:15 - 2016-08-30 23:38 - 00084280 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2016-09-04 22:15 - 2016-08-30 23:38 - 01826096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2016-09-04 22:16 - 2016-08-06 05:22 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2016-09-04 22:15 - 2016-08-30 23:38 - 03928880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2016-09-04 22:15 - 2016-08-30 23:38 - 01972528 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2016-09-04 22:15 - 2016-08-30 23:38 - 00531248 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2016-09-04 22:15 - 2016-08-30 23:38 - 00133424 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2016-09-04 22:15 - 2016-08-30 23:38 - 00224056 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2016-09-04 22:15 - 2016-08-30 23:38 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2016-09-04 22:16 - 2016-08-30 23:38 - 00020288 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32._winffi_user32.pyd
2016-09-04 22:16 - 2016-08-06 05:24 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2016-09-04 22:16 - 2016-08-30 23:38 - 00037192 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2016-09-04 22:16 - 2016-08-30 23:38 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2016-09-04 22:15 - 2016-08-30 23:38 - 00546096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2016-09-04 22:15 - 2016-08-30 23:38 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2016-09-04 22:15 - 2016-08-30 23:38 - 00042808 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2016-09-04 22:15 - 2016-08-30 23:38 - 00168760 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2016-05-30 00:10 - 2013-08-19 17:23 - 00043520 ____N () C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\HookKey32.dll
2016-05-30 00:10 - 2013-08-19 17:21 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\pngio.dll
2016-05-30 00:09 - 2011-07-12 19:14 - 00147456 _____ () C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
2016-05-30 00:09 - 2010-10-05 08:22 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
2016-05-30 00:09 - 2012-10-08 17:07 - 00972288 _____ () C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
2016-05-30 00:09 - 2013-05-08 16:22 - 01040896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EasyUpdt.dll
2016-05-30 00:10 - 2012-07-20 09:39 - 01047040 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Probe_II\ProbeII.dll
2016-05-30 00:09 - 2013-04-15 14:19 - 00883712 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
2016-05-30 00:09 - 2012-05-28 21:27 - 01622528 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
2016-05-30 00:09 - 2011-09-19 20:18 - 01243136 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
2016-05-30 00:09 - 2011-07-21 09:06 - 00846848 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
2016-05-30 00:09 - 2012-08-29 18:09 - 00875520 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
2016-05-30 00:08 - 2010-08-23 10:17 - 00662016 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMLib.dll
2016-05-30 00:09 - 2010-10-05 08:22 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
2015-11-23 18:43 - 2015-11-23 18:43 - 00056832 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTFC.dll
2015-11-23 18:43 - 2015-11-23 18:43 - 00353792 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTUI.dll
2015-11-23 18:43 - 2015-11-23 18:43 - 00071680 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTMUI.dll
2016-05-30 00:09 - 2009-08-12 20:15 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\pngio.dll
2016-05-28 22:43 - 2016-05-28 22:43 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-05-28 22:43 - 2016-05-28 22:43 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2016-05-28 20:16 - 2016-05-28 20:13 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2797355107-3117587174-2617422478-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Rechenknecht\Desktop\Arno's Zeug\Wallpaper\The_Z_Machine_(8056998596).jpg
DNS Servers: 80.69.96.12 - 81.210.129.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\Services: BSSoEasySvc3 => 2
MSCONFIG\Services: BSSoEasySvc4 => 2
MSCONFIG\Services: BSSoEasySvc5 => 2
MSCONFIG\Services: GohghwuersCldcmn.exe => 2
MSCONFIG\Services: ZSHelper33 => 2
MSCONFIG\Services: ZSHelper44 => 2
MSCONFIG\Services: ZSHelper55 => 2
HKU\S-1-5-21-2797355107-3117587174-2617422478-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2797355107-3117587174-2617422478-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2797355107-3117587174-2617422478-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2797355107-3117587174-2617422478-1001\...\StartupApproved\Run: => "Seviler"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{D30397FE-7D70-449B-AB01-1BF3956AECF7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E1CDFD26-871F-4B86-9C74-971AB6B60F9E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E2ECCDC2-D6E7-4346-9F45-4DCE5EE4C23F}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{43FEA9D7-6942-458F-A236-8761D480DDE9}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{8EBD17FD-3C67-47F7-B7C8-9D0E4D8B8F80}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C57531CB-A9EC-48D4-BD80-9241D5ABED06}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{20D23F4D-EA2F-44A0-98DF-CBE5B05E835C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{EF02F3EB-2C97-4C21-9A6C-2A7993354D5E}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{A2570588-5162-410F-9556-BA48665329E6}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
FirewallRules: [{13EDA027-4A5D-4751-A591-8B09FD1EC47E}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
FirewallRules: [{D8B30EEE-F6FF-40A1-8033-7A3C525D7F5D}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed\NFS16.exe
FirewallRules: [{7329011D-5F09-4DEB-AA13-54BB421C5CF5}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed\NFS16.exe
FirewallRules: [{E90C3477-3D09-482B-96E8-3F5C86F727D5}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed\NFS16_trial.exe
FirewallRules: [{C34EB995-625F-4AB2-9421-E5E6C9CB16E0}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed\NFS16_trial.exe
FirewallRules: [TCP Query User{AECA3DFE-1390-4F5F-925E-31CB1BCE90CF}C:\users\rechenknecht\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\rechenknecht\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{C8D1DF86-D254-45A1-B8C0-0E0C331E7F2C}C:\users\rechenknecht\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\rechenknecht\appdata\roaming\spotify\spotify.exe
FirewallRules: [{B6CADC2D-A853-44C9-BA42-5FE7BDBD74C1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{FC5E1650-DDF2-48A4-81B8-8F30B7E1C685}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{1699DA6F-073E-4765-9C6E-6A6305262780}C:\users\rechenknecht\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\rechenknecht\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{6C8EA0C2-57B6-45A8-B323-89366A9E742A}C:\users\rechenknecht\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\rechenknecht\appdata\roaming\spotify\spotify.exe
FirewallRules: [{69897DD4-DDC0-403B-9457-90E6490A5C72}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{AB937881-AFED-45D0-957D-DEEDF3C8978B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{BD7027A6-33FF-4F06-B574-182306E7E291}] => (Allow) C:\Program Files\Rockstar Games\GTA V\GTA5.exe
FirewallRules: [{1128B124-D99F-42FD-8D8C-E0C349057144}] => (Allow) C:\Program Files\Rockstar Games\GTA V\GTA5.exe
FirewallRules: [{235F9128-E220-4676-9D9C-0DDE8C6FC893}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
FirewallRules: [{966DB32F-34DA-444C-BE7F-C202F22B99E1}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
FirewallRules: [{AA28934F-D5B0-48B1-914C-CB47E72487A5}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{7842707A-4275-484D-B78F-CD9D9C235380}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{33498444-F3A7-40BD-AEEA-0278D97BBD0A}] => (Allow) C:\WINDOWS\system32\rundll32.exe
==================== Wiederherstellungspunkte =========================
20-08-2016 12:31:34 Geplanter Prüfpunkt
29-08-2016 22:03:18 Geplanter Prüfpunkt
31-08-2016 22:46:07 Installed PL-2303 Vista Driver Installer
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (09/05/2016 11:30:54 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-ED2S725)
Description: Bei der Aktivierung der App „Microsoft.Windows.Photos_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (09/05/2016 11:28:35 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error
Error: (09/05/2016 11:27:56 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error
Error: (09/05/2016 08:51:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 48.0.2.6079, Zeitstempel: 0x57bd3628
Name des fehlerhaften Moduls: mozglue.dll, Version: 48.0.2.6079, Zeitstempel: 0x57bd2857
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000efe5
ID des fehlerhaften Prozesses: 0x1620
Startzeit der fehlerhaften Anwendung: 0x01d207a67423e772
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Mozilla Firefox\mozglue.dll
Berichtskennung: ba8782cf-5bea-490d-9596-122bace371f6
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (09/04/2016 04:04:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AI Suite II.exe, Version: 2.0.0.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.10586.494, Zeitstempel: 0x5775e78b
Ausnahmecode: 0x0eedfade
Fehleroffset: 0x000bdae8
ID des fehlerhaften Prozesses: 0x15a8
Startzeit der fehlerhaften Anwendung: 0x01d206b50d8f9ff4
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\KERNELBASE.dll
Berichtskennung: bfe0ce88-3e95-4f64-bb10-bbeadced3078
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (09/04/2016 04:04:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: EPUHelp.exe, Version: 1.0.0.31, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.10586.494, Zeitstempel: 0x5775e78b
Ausnahmecode: 0x0eedfade
Fehleroffset: 0x000bdae8
ID des fehlerhaften Prozesses: 0x330
Startzeit der fehlerhaften Anwendung: 0x01d206b50a8948aa
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\KERNELBASE.dll
Berichtskennung: 6f7deb7c-a5d7-4cd6-8fa5-527ecd70fef1
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (09/04/2016 04:03:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: TurboVHelp.exe, Version: 1.0.1.36, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.10586.494, Zeitstempel: 0x5775e78b
Ausnahmecode: 0x0eedfade
Fehleroffset: 0x000bdae8
ID des fehlerhaften Prozesses: 0x1558
Startzeit der fehlerhaften Anwendung: 0x01d206b5077f62fe
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\KERNELBASE.dll
Berichtskennung: 59effedb-4450-414b-bbe0-771b057f49b2
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (09/04/2016 04:03:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: PowerControlHelp.exe, Version: 1.0.0.11, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.10586.494, Zeitstempel: 0x5775e78b
Ausnahmecode: 0x0eedfade
Fehleroffset: 0x000bdae8
ID des fehlerhaften Prozesses: 0x128c
Startzeit der fehlerhaften Anwendung: 0x01d206b4f9dce7a1
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\KERNELBASE.dll
Berichtskennung: 361caa97-39e9-4033-a9d2-5fcb7c9bcb17
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (09/04/2016 04:03:02 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Fehler bei der Lizenzaktivierung (slui.exe). Fehlercode:
hr=0x80072EE7
Befehlszeilenargumente:
RuleId=3482d82e-ca2c-4e1f-8864-da0267b484b2;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=UserLogon;SessionId=1
Error: (09/04/2016 04:02:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AsusFanControlService.exe, Version: 1.0.1.4, Zeitstempel: 0x509cb5e8
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.10586.494, Zeitstempel: 0x5775e78b
Ausnahmecode: 0x0eedfade
Fehleroffset: 0x000bdae8
ID des fehlerhaften Prozesses: 0x84c
Startzeit der fehlerhaften Anwendung: 0x01d206b4e5555ad5
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.00\AsusFanControlService.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\KERNELBASE.dll
Berichtskennung: 5f53d4fc-17a4-4b6d-829b-0e082cdce612
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Systemfehler:
=============
Error: (09/05/2016 11:30:54 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-ED2S725)
Description: Der Server "App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (09/05/2016 11:28:37 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 5
Error: (09/05/2016 11:28:01 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Synchronisierungshost_3824d erreicht.
Error: (09/05/2016 11:28:01 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Benutzerdatenspeicher _3824d erreicht.
Error: (09/05/2016 11:27:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_3824d" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (09/05/2016 11:27:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _3824d" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (09/05/2016 11:27:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_3824d" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (09/05/2016 11:27:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_3824d" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (09/05/2016 11:13:41 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-ED2S725)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "DESKTOP-ED2S725\Rechenknecht" (SID: S-1-5-21-2797355107-3117587174-2617422478-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
und der APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
im Anwendungscontainer "Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (09/05/2016 11:13:41 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-ED2S725)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "DESKTOP-ED2S725\Rechenknecht" (SID: S-1-5-21-2797355107-3117587174-2617422478-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
und der APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
im Anwendungscontainer "Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
CodeIntegrity:
===================================
Date: 2016-09-05 20:43:26.606
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-09-01 14:42:57.079
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-08-10 15:15:24.598
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-25 00:16:17.612
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-15 12:10:48.783
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-14 12:45:46.422
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-06-19 12:20:45.596
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-06-18 14:29:46.070
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-06-17 13:02:38.735
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-06-16 12:08:33.439
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
==================== Speicherinformationen ===========================
Prozessor: AMD FX(tm)-6300 Six-Core Processor
Prozentuale Nutzung des RAM: 36%
Installierter physikalischer RAM: 8088.69 MB
Verfügbarer physikalischer RAM: 5153.48 MB
Summe virtueller Speicher: 9368.69 MB
Verfügbarer virtueller Speicher: 6432.39 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:930.97 GB) (Free:601.13 GB) NTFS
Drive d: (DRIVER) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: C32E3EAD)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=449 MB) - (Type=27)
==================== Ende von Addition.txt ============================
 Mfg Arno |
|
06.09.2016, 09:48
| #2 |
| /// TB-Senior    | Trotux.com redirect Virus eingefangen Ich habe dein Thema in Arbeit und melde mich so schnell als möglich mit weiteren Anweisungen. Bitte beachte, dass alle meine Antworten zuerst von einem Ausbilder freigegeben werden müssen, bevor ich diese hier posten darf. Dies garantiert, dass Du Hilfe von einem ausgebildeten Helfer bekommst. Ich bedanke mich für deine Geduld 
__________________ |
|
06.09.2016, 12:54
| #3 |
| /// TB-Senior | Trotux.com redirect Virus eingefangenMein Name ist Ruth und ich werde dir bei der Bereinigung deines Systems helfen. 
Du hast da schon die richtigen Sachen auf dem Kieker. Bloß die haben sich mehrfach "abgesichert". Schritt 1: Malwarebytes Downloade Dir bitte  Malwarebytes Anti-Malware
Schritt 2: AdwareCleaner Downloade Dir bitte AdwCleaner auf deinen Desktop.
Schritt 3: frisches FRST-Log
__________________ |
|
06.09.2016, 16:43
| #4 |
| | Trotux.com redirect Virus eingefangen Hab die Anleitung umgesetzt und die adware ist schonmal verschwunden  (den GameLauncher hatte ich ja normal deinstalliert, deswegen weiss ich nicht ob der noch irgendwo existiert).Ich hab übrigens Zeit also bloß keine Eile Log Dateien: MBAM Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 06.09.2016 Suchlaufzeit: 15:50 Protokolldatei: mbamlog.txt Administrator: Ja Version: 2.2.1.1043 Malware-Datenbank: v2016.09.06.05 Rootkit-Datenbank: v2016.08.15.01 Lizenz: Testversion Malware-Schutz: Aktiviert Schutz vor bösartigen Websites: Aktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 10 CPU: x64 Dateisystem: NTFS Benutzer: Rechenknecht Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 308147 Abgelaufene Zeit: 8 Min., 1 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 1 PUP.Optional.GoldClick, C:\Users\Rechenknecht\AppData\Roaming\ProxyGate\PGCommon.dll, Löschen bei Neustart, [8964c5a97426280ead7ce7832ad741bf], Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 4 PUP.Optional.Elex.Generic, C:\Program Files (x86)\SOEasy.4, Löschen bei Neustart, [6c81046a5e3c46f0ff2a54903fc58878], PUP.Optional.Elex.Generic, C:\Program Files (x86)\SOEasy.5, Löschen bei Neustart, [33bae9852a7062d450d9c91b82825ba5], PUP.Optional.GsearchFinder, C:\Users\Rechenknecht\AppData\Roaming\Profiles\mz6aizdp.default\YourGSearchFinder_br, In Quarantäne, [31bcc5a92476e056442e2b9da0626997], PUP.Optional.Elex, C:\Users\Rechenknecht\AppData\Roaming\GameLauncher\Seviler, In Quarantäne, [0ae3c4aa1585f541c2758d48af557b85], Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter # AdwCleaner v6.010 - Bericht erstellt am 06/09/2016 um 16:57:43
# Aktualisiert am 12/08/2016 von ToolsLib
# Datenbank : 2016-09-06.1 [Server]
# Betriebssystem : Windows 10 Pro (X64)
# Benutzername : Rechenknecht - DESKTOP-ED2S725
# Gestartet von : C:\Users\Rechenknecht\Downloads\AdwCleaner_6.010.exe
# Modus: Löschen
# Unterstützung : https://toolslib.net/forum
***** [ Dienste ] *****
***** [ Ordner ] *****
[-] Ordner gelöscht: C:\Users\Rechenknecht\AppData\LocalLow\Youtube AdBlock
[-] Ordner gelöscht: C:\Program Files (x86)\Youtube AdBlock
[#] Ordner mit Neustart gelöscht: C:\Users\Rechenknecht\AppData\LocalLow\Youtube AdBlock
[#] Ordner mit Neustart gelöscht: C:\Program Files (x86)\Youtube AdBlock
[-] Ordner gelöscht: C:\users\MS.Default\Helper.5
[-] Ordner gelöscht: C:\users\MS.Default\Helper.4
[-] Ordner gelöscht: C:\users\MS.Default\Helper.3
[-] Ordner gelöscht: C:\Users\Rechenknecht\AppData\Roaming\Mozilla\Firefox\..\..\Profiles\mz6aizdp.default
***** [ Dateien ] *****
[-] Datei gelöscht: C:\Users\Rechenknecht\AppData\Local\uninstallssl.exe
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
***** [ Registrierungsdatenbank ] *****
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{95E84BD3-3604-4AAC-B2CA-D9AC3E55B64B}
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{95E84BD3-3604-4AAC-B2CA-D9AC3E55B64B}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{D42C3A49-ABAF-464B-BBCE-991C3DD395E8}
[#] Schlüssel mit Neustart gelöscht: {38DD0B4A-E4E0-4A57-99EE-DCCB185B4728}
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\ZSHelper55
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\ZSHelper44
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\ZSHelper33
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\BSSoEasySvc5
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\BSSoEasySvc4
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\BSSoEasySvc3
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Classes\CLSID\{95E84BD3-3604-4AAC-B2CA-D9AC3E55B64B}
[#] Schlüssel mit Neustart gelöscht: HKLM\SOFTWARE\Classes\CLSID\{95E84BD3-3604-4AAC-B2CA-D9AC3E55B64B}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95E84BD3-3604-4AAC-B2CA-D9AC3E55B64B}
[-] Schlüssel gelöscht: HKU\S-1-5-21-2797355107-3117587174-2617422478-1001\Software\IM
[-] Schlüssel gelöscht: HKU\S-1-5-21-2797355107-3117587174-2617422478-1001\Software\OCS
[-] Schlüssel gelöscht: HKU\S-1-5-21-2797355107-3117587174-2617422478-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1EC095EE-8CA3-43D6-B9F5-0C55B82ED3D7}}_is1
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\IM
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\OCS
[-] Schlüssel gelöscht: HKLM\SOFTWARE\{E6276374-DE18-4AA5-A365-9016A2F98A2D}
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1EC095EE-8CA3-43D6-B9F5-0C55B82ED3D7}}_is1
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
[-] Wert gelöscht: HKU\S-1-5-21-2797355107-3117587174-2617422478-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [ProxyGate]
[-] Wert gelöscht: HKU\S-1-5-21-2797355107-3117587174-2617422478-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [Seviler]
***** [ Browser ] *****
[-] Firefox Profil bereinigt: Profile1
*************************
:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: "Prefetch" Dateien gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [4164 Bytes] - [06/09/2016 16:57:43]
C:\AdwCleaner\AdwCleaner[S0].txt - [6737 Bytes] - [06/09/2016 16:56:30]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [4310 Bytes] ##########
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 31-08-2016 durchgeführt von Rechenknecht (Administrator) auf DESKTOP-ED2S725 (06-09-2016 17:04:37) Gestartet von C:\Users\Rechenknecht\Desktop Geladene Profile: Rechenknecht (Verfügbare Profile: Rechenknecht) Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe (DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.00\AsusFanControlService.exe (VMware, Inc.) C:\Windows\syswow64\vmnat.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (VMware, Inc.) C:\Windows\syswow64\vmnetdhcp.exe (VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe (AddGadgets) C:\Users\Rechenknecht\AppData\Local\Temp\PCMeter\PCMeterV4\PCMeterV0.4.exe () C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe () C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe (Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe (Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe () C:\Windows\syswow64\HsMgr.exe () C:\Windows\System\HsMgr64.exe (CMedia) C:\Program Files\ASUS Xonar DGX Audio\Customapp\AsusAudioCenter.exe (Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe (Spotify Ltd) C:\Users\Rechenknecht\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Windows\syswow64\rundll32.exe (Corsair Components, Inc.) C:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairHID.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Microsoft Corporation) C:\Windows\syswow64\wbem\WmiPrvSE.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe () C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe () C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer64.exe () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe () C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [MouseDriver] => C:\WINDOWS\system32\TiltWheelMouse.exe [241152 2012-12-19] (Pixart Imaging Inc) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8725248 2015-12-17] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1407744 2015-12-17] (Realtek Semiconductor) HKLM\...\Run: [Cmaudio8788] => C:\WINDOWS\Syswow64\cmicnfgp.dll [13463552 2014-03-11] (C-Media Corporation) HKLM\...\Run: [Cmaudio8788GX] => C:\WINDOWS\syswow64\HsMgr.exe [200704 2008-07-11] () HKLM\...\Run: [Cmaudio8788GX64] => C:\WINDOWS\system\HsMgr64.exe [282112 2008-07-11] () HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [6613896 2016-06-24] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [Corsair Utility Engine] => C:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairHID.exe [14885552 2016-03-23] (Corsair Components, Inc.) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25197248 2016-08-30] (Dropbox, Inc.) HKU\S-1-5-21-2797355107-3117587174-2617422478-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2857248 2016-08-23] (Valve Corporation) HKU\S-1-5-21-2797355107-3117587174-2617422478-1001\...\Run: [Spotify Web Helper] => C:\Users\Rechenknecht\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1555056 2016-08-07] (Spotify Ltd) HKU\S-1-5-21-2797355107-3117587174-2617422478-1001\...\Run: [Spotify] => C:\Users\Rechenknecht\AppData\Roaming\Spotify\Spotify.exe [6937200 2016-08-07] (Spotify Ltd) HKU\S-1-5-21-2797355107-3117587174-2617422478-1001\...\Run: [iklado] => C:\Users\Rechenknecht\AppData\Local\iklado.dll [233984 2016-09-05] () <===== ACHTUNG HKU\S-1-5-21-2797355107-3117587174-2617422478-1001\...\RunOnce: [Uninstall C:\Users\Rechenknecht\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Rechenknecht\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64" ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.) Startup: C:\Users\Rechenknecht\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar630.lnk [2016-09-06] ShortcutTarget: Sidebar630.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\..\Interfaces\{15b81e0a-651f-43bb-9e8a-cdc94c751aa2}: [DhcpNameServer] 80.69.96.12 81.210.129.4 ManualProxies: Internet Explorer: ================== BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-09-05] (Microsoft Corporation) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-09-05] (Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-09-05] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-09-05] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-09-05] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-09-05] (Microsoft Corporation) FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-12] () FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-12] () FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-09-05] (Microsoft Corporation) FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [138752 2016-06-24] () [Datei ist nicht signiert] R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2014-03-13] () R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2014-03-13] (ASUSTeK Computer Inc.) R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.) R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.00\AsusFanControlService.exe [1632256 2014-03-13] (ASUSTeK Computer Inc.) [Datei ist nicht signiert] R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2981056 2016-08-11] (Microsoft Corporation) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-09-04] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-09-04] (Dropbox, Inc.) R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [249320 2015-12-17] (DTS, Inc) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2016-06-09] (Electronic Arts) S3 vmicvss; C:\Windows\System32\ICSvc.dll [511488 2015-10-30] (Microsoft Corporation) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation) R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [652240 2016-07-14] (Wacom Technology, Corp.) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [23240 2016-05-20] (Advanced Micro Devices, Inc.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] () R0 asstor64; C:\Windows\System32\drivers\asstor64.sys [83792 2015-09-28] (Asmedia Technology) R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2013-01-15] () R3 ASUSfilter; C:\Windows\System32\drivers\ASUSfilter.sys [48384 2014-08-18] (MCCI Corporation) S3 ASUSstpt; C:\Windows\System32\drivers\ASUSstpt.sys [27392 2014-08-18] (MCCI Corporation) S3 ASUSumsc; C:\Windows\System32\drivers\ASUSumsc.sys [151808 2014-08-18] (MCCI Corporation) S3 ASUSxpsp; C:\Windows\System32\drivers\ASUSxpsp.sys [28416 2014-08-18] (MCCI Corporation) R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [101376 2016-05-20] (Advanced Micro Devices) R3 cmudaxp; C:\Windows\system32\drivers\cmudaxp.sys [2735616 2015-06-02] (C-Media Inc) R3 CorsairVBusDriver; C:\Windows\System32\drivers\CorsairVBusDriver.sys [47840 2015-12-17] (Corsair) R3 CorsairVHidDriver; C:\Windows\System32\drivers\CorsairVHidDriver.sys [21728 2015-12-17] (Corsair) S3 dg_ssudbus; C:\Windows\System32\drivers\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.) S3 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-11-14] (Disc Soft Ltd) S3 FlashUSB; C:\Windows\System32\drivers\FlashUSB.sys [19968 2014-10-13] (Intel Mobile Communications) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-09-06] (Malwarebytes) R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation) R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13512 2015-12-09] () S3 shspusb; C:\Windows\System32\drivers\HSPUSB.sys [24064 2014-10-13] (MobileTop) S3 sscdserd; C:\Windows\System32\drivers\sscdserd.sys [158024 2014-10-13] (MCCI Corporation) S3 ssceserd; C:\Windows\System32\drivers\ssceserd.sys [158024 2014-10-13] (MCCI Corporation) S3 ssdudfu; C:\Windows\System32\drivers\ssdudfu.sys [101960 2014-10-13] (MCCI) S3 ssm_bus; C:\Windows\System32\drivers\ssm_bus.sys [136192 2014-10-13] (MCCI Corporation) S3 ssm_mdm; C:\Windows\System32\drivers\ssm_mdm.sys [172032 2014-10-13] (MCCI Corporation) S3 ssuddmgr; C:\Windows\System32\drivers\ssuddmgr.sys [206080 2014-10-13] (DEVGURU Co., LTD.(www.devguru.co.kr)) S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.) S3 ssudobex; C:\Windows\System32\drivers\ssudobex.sys [206080 2014-10-13] (DEVGURU Co., LTD.(www.devguru.co.kr)) S3 ssudqcfilter; C:\Windows\System32\drivers\ssudqcfilter.sys [57648 2015-12-08] (QUALCOMM Incorporated) S3 ssudrmnet; C:\Windows\System32\drivers\ssudrmnet.sys [70400 2014-10-13] (DEVGURU Co., LTD.) S3 ssudserd; C:\Windows\System32\drivers\ssudserd.sys [206080 2014-10-13] (DEVGURU Co., LTD.(www.devguru.co.kr)) S3 ss_bserd; C:\Windows\System32\drivers\ss_bserd.sys [128000 2014-10-13] (MCCI Corporation) S3 ss_conn_usb_driver; C:\Windows\System32\Drivers\ss_conn_usb_driver.sys [26368 2014-10-13] (DEVGURU Co., LTD.) S3 t_mouse.sys; C:\Windows\System32\drivers\t_mouse.sys [6144 2012-12-19] () R0 vsock; C:\Windows\System32\drivers\vsock.sys [75512 2015-11-05] (VMware, Inc.) S3 WacHidRouterPro; C:\Windows\System32\drivers\wachidrouter.sys [102864 2016-03-03] (Wacom Technology) S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) S3 wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (MBB) R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation) R3 WinRing0_1_2_0; C:\Users\Rechenknecht\AppData\Local\Temp\tmp3492.tmp [14544 2016-05-29] (OpenLibSys.org) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-09-06 17:04 - 2016-09-06 17:05 - 00019775 _____ C:\Users\Rechenknecht\Desktop\FRST.txt 2016-09-06 16:54 - 2016-09-06 16:57 - 00000000 ____D C:\AdwCleaner 2016-09-06 16:51 - 2016-09-06 16:51 - 03826240 _____ C:\Users\Rechenknecht\Desktop\AdwCleaner_6.010.exe 2016-09-06 16:45 - 2016-09-06 16:45 - 00001804 _____ C:\Users\Rechenknecht\Desktop\mbamlog.txt 2016-09-06 15:49 - 2016-09-06 16:59 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2016-09-06 15:49 - 2016-09-06 15:49 - 00001175 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2016-09-06 15:49 - 2016-09-06 15:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2016-09-06 15:49 - 2016-09-06 15:49 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-09-06 15:49 - 2016-09-06 15:49 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2016-09-06 15:49 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2016-09-06 15:49 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2016-09-06 15:49 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2016-09-06 15:43 - 2016-09-06 15:44 - 22851472 _____ (Malwarebytes ) C:\Users\Rechenknecht\Downloads\mbam-setup-2.2.1.1043.exe 2016-09-06 00:51 - 2016-09-06 00:51 - 00142336 ____H C:\Program Files (x86)\local64spl.dll 2016-09-06 00:51 - 2016-09-06 00:51 - 00000020 ____H C:\Program Files (x86)\local64spl.dll.ini 2016-09-06 00:51 - 2016-09-06 00:51 - 00000000 ___HD C:\WINDOWS\Temp_ 2016-09-06 00:51 - 2016-09-06 00:51 - 00000000 ___HD C:\Users\Rechenknecht\AppData\LocalLow\Youtube AdBlock_ 2016-09-06 00:51 - 2016-09-06 00:51 - 00000000 ___HD C:\Users\Rechenknecht\AppData\Local\Temp_ 2016-09-06 00:51 - 2016-09-06 00:51 - 00000000 ___HD C:\Users\MS.Default\Helper.5_ 2016-09-06 00:51 - 2016-09-06 00:51 - 00000000 ___HD C:\Users\MS.Default\Helper.4_ 2016-09-06 00:51 - 2016-09-06 00:51 - 00000000 ___HD C:\Users\MS.Default\Helper.3_ 2016-09-06 00:51 - 2016-09-06 00:51 - 00000000 ___HD C:\Program Files (x86)_ 2016-09-06 00:51 - 2016-09-06 00:51 - 00000000 ___HD C:\Program Files (x86)\Youtube AdBlock_ 2016-09-05 23:38 - 2016-09-05 23:38 - 02397696 _____ (Farbar) C:\Users\Rechenknecht\Desktop\FRST64.exe 2016-09-05 23:30 - 2016-09-06 16:57 - 00000008 __RSH C:\Users\Rechenknecht\ntuser.pol 2016-09-05 23:13 - 2016-09-05 23:13 - 00055456 _____ C:\Users\Rechenknecht\Downloads\Addition.txt 2016-09-05 23:12 - 2016-09-05 23:13 - 00062474 _____ C:\Users\Rechenknecht\Downloads\FRST.txt 2016-09-05 22:41 - 2016-09-06 17:04 - 00000000 ____D C:\FRST 2016-09-05 22:40 - 2016-09-05 22:40 - 02397696 _____ (Farbar) C:\Users\Rechenknecht\Downloads\FRST64.exe 2016-09-05 20:53 - 2016-09-06 16:57 - 00000008 __RSH C:\ProgramData\ntuser.pol 2016-09-05 20:52 - 2016-09-06 16:44 - 00000000 ____D C:\Users\Rechenknecht\AppData\Roaming\GameLauncher 2016-09-05 20:52 - 2016-09-05 20:52 - 00233984 _____ C:\Users\Rechenknecht\AppData\Local\iklado.dll 2016-09-05 20:51 - 2016-09-06 16:57 - 00000000 ___HD C:\Users\MS.Default 2016-09-05 20:51 - 2016-09-06 16:46 - 00000000 ___HD C:\Program Files (x86)\wdq967 2016-09-05 20:51 - 2016-09-05 20:51 - 00009062 _____ C:\WINDOWS\System32\Tasks\Gohghwuers Cloud 2016-09-05 20:51 - 2016-09-05 20:51 - 00000000 ____D C:\ProgramData\Avg 2016-09-05 20:51 - 2016-09-05 20:51 - 00000000 ____D C:\ProgramData\AVAST Software 2016-09-05 20:50 - 2016-09-06 16:46 - 00000000 ____D C:\Program Files (x86)\Vurationrirole 2016-09-05 20:43 - 2016-09-05 20:43 - 00002583 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk 2016-09-05 20:43 - 2016-09-05 20:43 - 00002579 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk 2016-09-05 20:43 - 2016-09-05 20:43 - 00002558 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk 2016-09-05 20:43 - 2016-09-05 20:43 - 00002533 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk 2016-09-05 20:43 - 2016-09-05 20:43 - 00002500 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk 2016-09-05 20:43 - 2016-09-05 20:43 - 00002497 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk 2016-09-05 20:43 - 2016-09-05 20:43 - 00002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk 2016-09-05 20:43 - 2016-09-05 20:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools 2016-09-05 20:40 - 2016-09-06 15:44 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2016-09-05 20:40 - 2016-09-05 20:40 - 03786432 _____ (Microsoft Corporation) C:\Users\Rechenknecht\Downloads\Setup.X86.de-DE_O365HomePremRetail_0981a43f-391f-4b51-a065-13c3a942e757_TX_DB_.exe 2016-09-05 20:40 - 2016-09-05 20:40 - 00000000 ____D C:\Program Files\Microsoft Office 15 2016-09-04 22:16 - 2016-09-06 17:00 - 00000000 ___RD C:\Users\Rechenknecht\Dropbox 2016-09-04 22:16 - 2016-09-04 22:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2016-09-04 22:15 - 2016-09-06 16:59 - 00001254 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job 2016-09-04 22:15 - 2016-09-06 16:20 - 00001258 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job 2016-09-04 22:15 - 2016-09-04 22:16 - 00000000 ____D C:\Users\Rechenknecht\AppData\Local\Dropbox 2016-09-04 22:15 - 2016-09-04 22:16 - 00000000 ____D C:\Program Files (x86)\Dropbox 2016-09-04 22:15 - 2016-09-04 22:15 - 00690072 _____ (Dropbox, Inc.) C:\Users\Rechenknecht\Downloads\DropboxInstaller.exe 2016-09-04 22:15 - 2016-09-04 22:15 - 00004318 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA 2016-09-04 22:15 - 2016-09-04 22:15 - 00004086 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore 2016-09-04 22:15 - 2016-09-04 22:15 - 00000000 ____D C:\Users\Rechenknecht\AppData\Roaming\Dropbox 2016-09-04 22:15 - 2016-09-04 22:15 - 00000000 ____D C:\ProgramData\Dropbox 2016-09-04 22:08 - 2016-09-04 22:08 - 00003370 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task 2016-09-04 22:07 - 2016-09-04 22:07 - 00000000 ____D C:\Users\Rechenknecht\AppData\Roaming\Skype 2016-09-01 13:46 - 2009-06-02 18:00 - 00039632 ____R (www.winchiphead.com) C:\WINDOWS\SysWOW64\Drivers\CH341SER.SYS 2016-09-01 13:46 - 2008-12-17 18:00 - 00020089 ____R C:\WINDOWS\SysWOW64\CH341SER.VXD 2016-09-01 13:46 - 2007-06-11 18:00 - 00019680 ____R (www.winchiphead.com) C:\WINDOWS\SysWOW64\Drivers\CH341S98.SYS 2016-09-01 13:46 - 2005-07-29 18:00 - 00006712 ____R (www.winchiphead.com) C:\WINDOWS\SysWOW64\CH341PT.DLL 2016-08-31 22:58 - 2016-08-31 23:00 - 00000000 ____D C:\Users\Rechenknecht\Desktop\DCX-2496 2016-08-31 22:46 - 2016-08-31 22:46 - 00000000 ____D C:\Program Files (x86)\Prolific 2016-08-31 22:46 - 2016-08-02 04:13 - 00196864 _____ (Prolific Technology Inc.) C:\WINDOWS\system32\Drivers\ser2pl64.sys 2016-08-26 15:52 - 2004-08-31 08:47 - 05292044 _____ C:\Users\Rechenknecht\Desktop\rauschen_pinknoise_30sec.wav 2016-08-26 14:13 - 2016-08-26 14:13 - 00075759 _____ C:\Users\Rechenknecht\Downloads\DERTG1FS00001_DERTG1PR10001_3107_001.pdf 2016-08-25 15:28 - 2016-09-01 12:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-08-21 23:06 - 2016-08-21 23:06 - 00280748 _____ C:\WINDOWS\Minidump\082116-31437-01.dmp 2016-08-21 22:50 - 2016-08-21 22:50 - 00258092 _____ C:\WINDOWS\Minidump\082116-20343-01.dmp 2016-08-17 13:54 - 2016-08-17 13:54 - 00000000 ____D C:\ProgramData\AMD 2016-08-16 15:10 - 2016-08-16 15:10 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom Tablett 2016-08-16 03:18 - 2016-08-16 03:18 - 00159936 _____ (MBB) C:\WINDOWS\system32\Drivers\usb2ser.sys 2016-08-16 03:13 - 2016-08-16 03:13 - 04713984 _____ (Geza Kovacs) C:\Users\Rechenknecht\Downloads\unetbootin-windows-625.exe 2016-08-16 02:42 - 2016-08-16 03:04 - 4285749248 _____ C:\Users\Rechenknecht\Desktop\Win10_1607_German_x64.iso 2016-08-13 16:12 - 2016-08-13 16:12 - 00000146 _____ C:\Users\Rechenknecht\Desktop\Sound.lnk 2016-08-12 19:11 - 2016-08-12 19:11 - 00000000 ____D C:\Program Files\ATI Technologies 2016-08-12 19:10 - 2016-09-06 16:58 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin 2016-08-12 01:07 - 2016-08-12 01:07 - 09340136 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdva.dll 2016-08-12 01:07 - 2016-08-12 01:07 - 08892696 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd64.dll 2016-08-12 01:07 - 2016-08-12 01:07 - 08738920 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll 2016-08-12 01:07 - 2016-08-12 01:07 - 07258160 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdag.dll 2016-08-12 01:07 - 2016-08-12 01:07 - 07115928 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll 2016-08-12 01:07 - 2016-08-12 01:07 - 00479368 _____ C:\WINDOWS\system32\amdmiracast.dll 2016-08-12 01:07 - 2016-08-12 01:07 - 00164280 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiu9p64.dll 2016-08-12 01:07 - 2016-08-12 01:07 - 00159088 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll 2016-08-12 01:07 - 2016-08-12 01:07 - 00154920 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll 2016-08-12 01:07 - 2016-08-12 01:07 - 00138688 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll 2016-08-12 01:07 - 2016-08-12 01:07 - 00138176 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll 2016-08-12 01:07 - 2016-08-12 01:07 - 00137224 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiu9pag.dll 2016-08-12 01:07 - 2016-08-12 01:07 - 00123120 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll 2016-08-12 01:07 - 2016-08-12 01:07 - 00123104 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll 2016-08-12 01:07 - 2016-08-12 01:07 - 00105344 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll 2016-08-12 01:07 - 2016-08-12 01:07 - 00105344 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 48819200 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 38266368 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 32555512 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 27489280 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl12cl64.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 26639360 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 21641216 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl12cl.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 15729152 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 14320128 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 08830456 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdvlk64.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 08627704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmantle64.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 07076352 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdvlk32.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 06956032 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmantle32.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 02376704 _____ C:\WINDOWS\system32\amdoclvp9lib64.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 02286584 _____ C:\WINDOWS\SysWOW64\amdoclvp9lib32.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 02147328 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 01837568 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00991232 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00883192 _____ (AMD) C:\WINDOWS\system32\coinst_16.30.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00751616 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00627192 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00459776 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00402944 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe 2016-08-12 01:06 - 2016-08-12 01:06 - 00350208 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODE.exe 2016-08-12 01:06 - 2016-08-12 01:06 - 00292352 _____ C:\WINDOWS\system32\dgtrayicon.exe 2016-08-12 01:06 - 2016-08-12 01:06 - 00287744 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00275968 _____ C:\WINDOWS\system32\GameManager64.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00270336 _____ C:\WINDOWS\system32\clinfo.exe 2016-08-12 01:06 - 2016-08-12 01:06 - 00268792 _____ C:\WINDOWS\system32\hsa-thunk64.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00249336 _____ C:\WINDOWS\system32\amdgfxinfo64.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00241152 _____ C:\WINDOWS\SysWOW64\GameManager32.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00234496 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00231424 _____ C:\WINDOWS\system32\atieah64.exe 2016-08-12 01:06 - 2016-08-12 01:06 - 00222208 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00209408 _____ C:\WINDOWS\SysWOW64\atieah32.exe 2016-08-12 01:06 - 2016-08-12 01:06 - 00202744 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00201728 _____ C:\WINDOWS\system32\amdhdl64.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00181760 _____ C:\WINDOWS\SysWOW64\amdhdl32.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00176640 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00159736 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00137208 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00135168 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00130560 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00123896 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00118784 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00113664 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00111616 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00109568 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00108544 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00108544 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00104448 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00083960 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00079864 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00073216 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00069632 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00068608 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODCLI.exe 2016-08-12 01:06 - 2016-08-12 01:06 - 00068096 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl6.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00067584 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00066560 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00060920 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00055800 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmmcl.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00021496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll 2016-08-11 13:52 - 2016-08-11 13:52 - 00635112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp140.dll 2016-08-11 13:51 - 2016-08-11 13:51 - 00439536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp140.dll 2016-08-11 13:51 - 2016-08-11 13:51 - 00390400 _____ (Microsoft Corporation) C:\WINDOWS\system32\vccorlib140.dll 2016-08-11 13:51 - 2016-08-11 13:51 - 00267008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vccorlib140.dll 2016-08-11 13:50 - 2016-08-11 13:50 - 00333072 _____ (Microsoft Corporation) C:\WINDOWS\system32\concrt140.dll 2016-08-11 13:50 - 2016-08-11 13:50 - 00243480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\concrt140.dll 2016-08-11 13:50 - 2016-08-11 13:50 - 00088816 _____ (Microsoft Corporation) C:\WINDOWS\system32\vcruntime140.dll 2016-08-11 13:50 - 2016-08-11 13:50 - 00085232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vcruntime140.dll 2016-08-11 01:42 - 2016-08-11 01:42 - 00000000 ____D C:\Users\Rechenknecht\AppData\Roaming\D-BOX 2016-08-11 01:05 - 2016-08-21 23:06 - 606990304 _____ C:\WINDOWS\MEMORY.DMP 2016-08-11 01:05 - 2016-08-21 23:06 - 00000000 ____D C:\WINDOWS\Minidump 2016-08-09 21:16 - 2016-08-03 13:14 - 01505984 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2016-08-09 21:16 - 2016-08-03 13:14 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2016-08-09 21:16 - 2016-08-03 13:14 - 00050368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2016-08-09 21:16 - 2016-08-03 12:36 - 07469408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2016-08-09 21:16 - 2016-08-03 12:36 - 00099680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys 2016-08-09 21:16 - 2016-08-03 12:36 - 00037744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll 2016-08-09 21:16 - 2016-08-03 12:30 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2016-08-09 21:16 - 2016-08-03 12:23 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll 2016-08-09 21:16 - 2016-08-03 12:23 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll 2016-08-09 21:16 - 2016-08-03 12:22 - 01322760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2016-08-09 21:16 - 2016-08-03 12:22 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2016-08-09 21:16 - 2016-08-03 12:22 - 00465248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys 2016-08-09 21:16 - 2016-08-03 12:22 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys 2016-08-09 21:16 - 2016-08-03 12:22 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll 2016-08-09 21:16 - 2016-08-03 12:21 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2016-08-09 21:16 - 2016-08-03 12:21 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2016-08-09 21:16 - 2016-08-03 12:21 - 00566112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe 2016-08-09 21:16 - 2016-08-03 12:21 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe 2016-08-09 21:16 - 2016-08-03 12:20 - 01540224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2016-08-09 21:16 - 2016-08-03 12:20 - 00692136 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll 2016-08-09 21:16 - 2016-08-03 12:19 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2016-08-09 21:16 - 2016-08-03 12:19 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2016-08-09 21:16 - 2016-08-03 12:13 - 01988448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2016-08-09 21:16 - 2016-08-03 12:13 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2016-08-09 21:16 - 2016-08-03 12:13 - 00393056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2016-08-09 21:16 - 2016-08-03 12:11 - 00422744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys 2016-08-09 21:16 - 2016-08-03 11:51 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe 2016-08-09 21:16 - 2016-08-03 11:51 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll 2016-08-09 21:16 - 2016-08-03 11:46 - 22384128 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2016-08-09 21:16 - 2016-08-03 11:44 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2016-08-09 21:16 - 2016-08-03 11:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll 2016-08-09 21:16 - 2016-08-03 11:44 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll 2016-08-09 21:16 - 2016-08-03 11:43 - 16985088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2016-08-09 21:16 - 2016-08-03 11:41 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll 2016-08-09 21:16 - 2016-08-03 11:41 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll 2016-08-09 21:16 - 2016-08-03 11:40 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll 2016-08-09 21:16 - 2016-08-03 11:40 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll 2016-08-09 21:16 - 2016-08-03 11:40 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe 2016-08-09 21:16 - 2016-08-03 11:40 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll 2016-08-09 21:16 - 2016-08-03 11:39 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll 2016-08-09 21:16 - 2016-08-03 11:39 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll 2016-08-09 21:16 - 2016-08-03 11:38 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2016-08-09 21:16 - 2016-08-03 11:38 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2016-08-09 21:16 - 2016-08-03 11:37 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll 2016-08-09 21:16 - 2016-08-03 11:36 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2016-08-09 21:16 - 2016-08-03 11:36 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll 2016-08-09 21:16 - 2016-08-03 11:36 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll 2016-08-09 21:16 - 2016-08-03 11:35 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2016-08-09 21:16 - 2016-08-03 11:35 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll 2016-08-09 21:16 - 2016-08-03 11:34 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2016-08-09 21:16 - 2016-08-03 11:33 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll 2016-08-09 21:16 - 2016-08-03 11:33 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll 2016-08-09 21:16 - 2016-08-03 11:31 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll 2016-08-09 21:16 - 2016-08-03 11:31 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll 2016-08-09 21:16 - 2016-08-03 11:31 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtutil.exe 2016-08-09 21:16 - 2016-08-03 11:30 - 24613888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-08-09 21:16 - 2016-08-03 11:30 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2016-08-09 21:16 - 2016-08-03 11:30 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll 2016-08-09 21:16 - 2016-08-03 11:29 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll 2016-08-09 21:16 - 2016-08-03 11:29 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2016-08-09 21:16 - 2016-08-03 11:29 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe 2016-08-09 21:16 - 2016-08-03 11:29 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2016-08-09 21:16 - 2016-08-03 11:29 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2016-08-09 21:16 - 2016-08-03 11:28 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll 2016-08-09 21:16 - 2016-08-03 11:28 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2016-08-09 21:16 - 2016-08-03 11:28 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll 2016-08-09 21:16 - 2016-08-03 11:27 - 07536640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2016-08-09 21:16 - 2016-08-03 11:27 - 01752576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2016-08-09 21:16 - 2016-08-03 11:27 - 01717760 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2016-08-09 21:16 - 2016-08-03 11:27 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2016-08-09 21:16 - 2016-08-03 11:20 - 13390336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-08-09 21:16 - 2016-08-03 11:18 - 06974464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2016-08-09 21:16 - 2016-08-03 11:18 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2016-08-09 21:16 - 2016-08-03 11:18 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2016-08-09 21:16 - 2016-08-03 11:17 - 02175488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2016-08-09 21:16 - 2016-08-03 11:16 - 05123072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll 2016-08-09 21:16 - 2016-08-03 11:16 - 03589120 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2016-08-09 21:16 - 2016-08-03 11:16 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2016-08-09 21:16 - 2016-08-03 11:16 - 01732096 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-08-09 21:16 - 2016-08-03 11:15 - 07833088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2016-08-09 21:16 - 2016-08-03 11:14 - 04895232 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-08-09 21:16 - 2016-08-03 11:14 - 01997824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll 2016-08-09 21:16 - 2016-08-03 11:13 - 03025920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2016-08-09 21:16 - 2016-08-03 11:13 - 02280960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2016-08-09 21:16 - 2016-08-03 11:12 - 02746368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll 2016-08-09 21:16 - 2016-08-03 11:11 - 04171264 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll 2016-08-09 21:16 - 2016-08-03 07:52 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll 2016-08-09 21:16 - 2016-08-03 07:34 - 00501592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll 2016-08-09 21:16 - 2016-08-03 07:34 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll 2016-08-09 21:16 - 2016-08-03 07:33 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll 2016-08-09 21:16 - 2016-08-03 07:31 - 02921368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2016-08-09 21:16 - 2016-08-03 07:31 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2016-08-09 21:16 - 2016-08-03 07:31 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2016-08-09 21:16 - 2016-08-03 07:30 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2016-08-09 21:16 - 2016-08-03 07:30 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2016-08-09 21:16 - 2016-08-03 07:30 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe 2016-08-09 21:16 - 2016-08-03 06:57 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe 2016-08-09 21:16 - 2016-08-03 06:48 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll 2016-08-09 21:16 - 2016-08-03 06:47 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2016-08-09 21:16 - 2016-08-03 06:44 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll 2016-08-09 21:16 - 2016-08-03 06:44 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll 2016-08-09 21:16 - 2016-08-03 06:42 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll 2016-08-09 21:16 - 2016-08-03 06:40 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll 2016-08-09 21:16 - 2016-08-03 06:39 - 19351040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-08-09 21:16 - 2016-08-03 06:37 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2016-08-09 21:16 - 2016-08-03 06:37 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll 2016-08-09 21:16 - 2016-08-03 06:35 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll 2016-08-09 21:16 - 2016-08-03 06:35 - 00178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtutil.exe 2016-08-09 21:16 - 2016-08-03 06:34 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2016-08-09 21:16 - 2016-08-03 06:34 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll 2016-08-09 21:16 - 2016-08-03 06:33 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2016-08-09 21:16 - 2016-08-03 06:33 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2016-08-09 21:16 - 2016-08-03 06:33 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2016-08-09 21:16 - 2016-08-03 06:32 - 12585984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll 2016-08-09 21:16 - 2016-08-03 06:32 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2016-08-09 21:16 - 2016-08-03 06:32 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2016-08-09 21:16 - 2016-08-03 06:32 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll 2016-08-09 21:16 - 2016-08-03 06:31 - 06743040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2016-08-09 21:16 - 2016-08-03 06:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2016-08-09 21:16 - 2016-08-03 06:29 - 12133376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2016-08-09 21:16 - 2016-08-03 06:28 - 03663360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-08-09 21:16 - 2016-08-03 06:25 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2016-08-09 21:16 - 2016-08-03 06:25 - 04078080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll 2016-08-09 21:16 - 2016-08-03 06:23 - 05660672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2016-08-09 21:16 - 2016-08-03 06:23 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll 2016-08-09 21:16 - 2016-08-03 06:22 - 02501120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2016-08-09 21:16 - 2016-08-03 06:22 - 01502208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2016-08-09 21:16 - 2016-08-03 06:21 - 01708032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll 2016-08-09 21:16 - 2016-08-03 06:19 - 02180096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-09-06 17:05 - 2016-05-28 22:04 - 01807284 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-09-06 17:05 - 2016-05-28 20:20 - 00778208 _____ C:\WINDOWS\system32\perfh007.dat 2016-09-06 17:05 - 2016-05-28 20:20 - 00156548 _____ C:\WINDOWS\system32\perfc007.dat 2016-09-06 17:05 - 2016-05-28 20:14 - 00000000 ____D C:\WINDOWS\INF 2016-09-06 17:00 - 2016-05-29 04:01 - 00000000 ____D C:\Users\Rechenknecht\AppData\Local\Sidebar7 2016-09-06 16:59 - 2016-07-04 22:17 - 00000000 ____D C:\ProgramData\VMware 2016-09-06 16:59 - 2016-05-29 06:54 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-09-06 16:58 - 2016-05-28 20:03 - 00524288 ___SH C:\WINDOWS\system32\config\BBI 2016-09-06 16:57 - 2016-05-28 22:05 - 00000000 ____D C:\Users\Rechenknecht 2016-09-06 16:46 - 2016-05-29 06:46 - 00335424 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-09-06 16:46 - 2016-05-28 20:15 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2016-09-06 16:45 - 2016-05-29 04:31 - 00003156 _____ C:\WINDOWS\System32\Tasks\MSIAfterburner 2016-09-06 16:10 - 2016-06-01 23:04 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2016-09-06 15:45 - 2016-05-28 20:15 - 00000000 ___HD C:\Program Files\WindowsApps 2016-09-06 15:45 - 2016-05-28 20:15 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-09-05 20:46 - 2016-05-28 20:15 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2016-09-05 20:40 - 2016-05-28 20:15 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2016-09-04 22:08 - 2016-05-28 22:07 - 00002408 _____ C:\Users\Rechenknecht\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2016-09-04 22:08 - 2016-05-28 22:07 - 00000000 ___RD C:\Users\Rechenknecht\OneDrive 2016-09-04 13:03 - 2016-05-28 20:25 - 00000000 ___DC C:\WINDOWS\Panther 2016-09-04 13:00 - 2016-07-17 01:55 - 00000000 ___HD C:\$WINDOWS.~BT 2016-09-01 13:09 - 2016-05-28 20:15 - 00000000 ____D C:\WINDOWS\system32\appraiser 2016-09-01 13:09 - 2016-05-28 20:06 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-09-01 12:58 - 2016-05-28 22:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-08-31 22:46 - 2016-05-30 00:09 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2016-08-29 00:30 - 2016-05-29 19:08 - 00000000 ____D C:\Users\Rechenknecht\AppData\Roaming\TS3Client 2016-08-24 15:38 - 2016-05-29 00:32 - 00000000 ____D C:\Program Files (x86)\Steam 2016-08-21 23:08 - 2016-05-29 04:26 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner 2016-08-18 04:28 - 2016-06-26 22:56 - 00000000 ____D C:\Users\Rechenknecht\AppData\Local\Spotify 2016-08-18 02:09 - 2016-06-26 22:55 - 00000000 ____D C:\Users\Rechenknecht\AppData\Roaming\Spotify 2016-08-17 00:43 - 2016-07-02 17:24 - 00000000 ____D C:\Program Files (x86)\Rockstar Games 2016-08-17 00:43 - 2016-07-02 17:11 - 00000000 ____D C:\Program Files\Rockstar Games 2016-08-16 15:20 - 2016-05-29 00:29 - 00000000 ____D C:\Program Files (x86)\osu! 2016-08-16 15:10 - 2016-05-29 21:52 - 00000000 ____D C:\Program Files\Tablet 2016-08-16 15:08 - 2016-05-29 23:40 - 00000000 ____D C:\Users\Rechenknecht\AppData\Roaming\WTablet 2016-08-14 22:58 - 2016-05-29 20:41 - 00000000 ____D C:\ProgramData\Origin 2016-08-12 19:11 - 2016-05-29 06:49 - 00000000 ____D C:\Program Files\AMD 2016-08-12 19:10 - 2016-05-29 02:18 - 00000000 ____D C:\AMD 2016-08-12 01:07 - 2016-02-03 18:13 - 00183952 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiuxp64.dll 2016-08-12 01:07 - 2016-02-03 18:12 - 10995344 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll 2016-08-12 01:07 - 2016-02-03 18:12 - 10317568 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd6a.dll 2016-08-12 01:07 - 2016-02-03 18:12 - 09131736 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll 2016-08-12 01:07 - 2016-02-03 18:12 - 01547544 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll 2016-08-12 01:07 - 2016-02-03 18:12 - 01273928 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll 2016-08-12 01:07 - 2016-02-03 18:12 - 00152800 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiuxpag.dll 2016-08-12 01:06 - 2016-06-02 22:30 - 00521728 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe 2016-08-12 01:06 - 2016-06-02 22:30 - 00287232 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe 2016-08-12 01:06 - 2016-05-20 22:57 - 01323008 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll 2016-08-12 01:06 - 2016-05-20 22:57 - 00991232 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll 2016-08-12 01:06 - 2016-02-03 18:06 - 26706432 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys 2016-08-12 01:06 - 2016-02-03 17:10 - 00518656 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys 2016-08-11 01:06 - 2016-05-29 19:08 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client 2016-08-10 15:51 - 2016-05-28 20:15 - 00000000 ____D C:\WINDOWS\rescache 2016-08-10 15:15 - 2016-05-28 22:05 - 00000000 __RHD C:\Users\Public\AccountPictures 2016-08-10 04:14 - 2016-05-28 20:15 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2016-08-10 04:14 - 2016-05-28 20:15 - 00000000 ____D C:\Program Files\Windows Journal 2016-08-10 03:01 - 2016-05-29 00:10 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-08-10 03:01 - 2016-05-28 20:15 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates 2016-08-10 02:59 - 2016-05-29 00:09 - 147640136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-08-08 00:03 - 2016-05-28 20:15 - 00000000 ____D C:\WINDOWS\addins ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2016-09-06 00:51 - 2016-09-06 00:51 - 0142336 ____H () C:\Program Files (x86)\local64spl.dll 2016-09-06 00:51 - 2016-09-06 00:51 - 0000020 ____H () C:\Program Files (x86)\local64spl.dll.ini 2016-05-29 04:02 - 2016-06-17 13:17 - 0000626 _____ () C:\Users\Rechenknecht\AppData\Roaming\All CPU MeterV3_Settings.ini 2016-05-29 04:14 - 2016-05-29 04:14 - 0000283 _____ () C:\Users\Rechenknecht\AppData\Roaming\GPU MeterV2_Settings.ini 2016-05-29 04:06 - 2016-05-29 04:06 - 0000120 _____ () C:\Users\Rechenknecht\AppData\Roaming\System Monitor II_UptimeRecord.ini 2016-09-05 20:52 - 2016-09-05 20:52 - 0233984 _____ () C:\Users\Rechenknecht\AppData\Local\iklado.dll 2016-05-29 06:50 - 2016-05-29 06:50 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Dateien, die verschoben oder gelöscht werden sollten: ==================== C:\Users\Rechenknecht\AppData\Local\iklado.dll Einige Dateien in TEMP: ==================== C:\Users\Rechenknecht\AppData\Local\Temp\GTA_V_Patch_1_0_791_2.exe C:\Users\Rechenknecht\AppData\Local\Temp\libeay32.dll C:\Users\Rechenknecht\AppData\Local\Temp\local64spl.dll C:\Users\Rechenknecht\AppData\Local\Temp\msvcr120.dll C:\Users\Rechenknecht\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-08-29 00:35 ==================== Ende von FRST.txt ============================ |
|
06.09.2016, 21:19
| #5 |
| /// TB-Senior | Trotux.com redirect Virus eingefangen Hi, vom GameLauncher waren wohl auch nur noch Reste da. Schritt 1: FRST-Fix Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter closeprocesses:
File: C:\Users\Rechenknecht\AppData\Local\iklado.dll
HKU\S-1-5-21-2797355107-3117587174-2617422478-1001\...\Run: [iklado] => C:\Users\Rechenknecht\AppData\Local\iklado.dll [233984 2016-09-05] () <===== ACHTUNG
C:\Users\Rechenknecht\AppData\Local\iklado.dll
emptytemp:
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Schritt 2: Kontrollscan mit ESET ESET Online Scanner
Schritt 3: frische FRST-Logs
__________________ Zum Schutz vor Trojanerinnen und Femaleware ist bei einem aktuellen Windows 10 die Windows-Defenderin ausreichend. |
|
07.09.2016, 00:00
| #6 |
| | Trotux.com redirect Virus eingefangen Hi, ESET hat noch einiges gefunden. Hätte echt nicht gedacht das adware so hartnäckig sein kann (bzw. handelt es sich überhaupt noch um adware das sieht irgendwie schlimmer aus?  )Wieso soll ich eigendlich Programme wie ESET deinstallieren? Eigendlich scheint das doch nur nützlich zu sein? Hab natürlich trotzdem die Anleitung befolgt, aber hier wird halt überall gesagt, das man nicht wahllos irgendwelche Virenprogramme durchlaufen lassen soll.. Bei CCleaner etc. ist das klar, aber wieso z.B. bei ESET? FRST-Fixlog Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 31-08-2016
durchgeführt von Rechenknecht (06-09-2016 22:32:27) Run:1
Gestartet von C:\Users\Rechenknecht\Desktop
Geladene Profile: Rechenknecht (Verfügbare Profile: Rechenknecht)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
closeprocesses:
File: C:\Users\Rechenknecht\AppData\Local\iklado.dll
HKU\S-1-5-21-2797355107-3117587174-2617422478-1001\...\Run: [iklado] => C:\Users\Rechenknecht\AppData\Local\iklado.dll [233984 2016-09-05] () <===== ACHTUNG
C:\Users\Rechenknecht\AppData\Local\iklado.dll
emptytemp:
*****************
Prozess erfolgreich geschlossen.
========================= File: C:\Users\Rechenknecht\AppData\Local\iklado.dll ========================
Datei ist nicht signiert
MD5: E54151D505E0D165B506D80F987E1A70
Erstellungs- und Änderungsdatum: 2016-09-05 20:52 - 2016-09-05 20:52
Größe: 0233984
Attribute: ----A
Firmenname:
Interne Name:
Original Name:
Produkt:
Beschreibung:
Datei Version:
Produkt Version:
Urheberrecht:
====== Ende von File: ======
HKU\S-1-5-21-2797355107-3117587174-2617422478-1001\Software\Microsoft\Windows\CurrentVersion\Run\\iklado => Wert erfolgreich entfernt
C:\Users\Rechenknecht\AppData\Local\iklado.dll => erfolgreich verschoben
=========== EmptyTemp: ==========
BITS transfer queue => 845149 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 22290209 B
Java, Flash, Steam htmlcache => 130336223 B
Windows/system/drivers => 22976815 B
Edge => 930402 B
Chrome => 0 B
Firefox => 388675226 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 0 B
NetworkService => 321046 B
Rechenknecht => 1472362070 B
RecycleBin => 222050 B
EmptyTemp: => 1.9 GB temporäre Dateien entfernt.
================================
Das System musste neu gestartet werden.
==== Ende von Fixlog 22:33:40 ====
Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=667c0b6372bfaa48b16d44f7934ff166
# end=init
# utc_time=2016-09-06 08:40:54
# local_time=2016-09-06 10:40:54 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 30669
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=667c0b6372bfaa48b16d44f7934ff166
# end=updated
# utc_time=2016-09-06 08:45:28
# local_time=2016-09-06 10:45:28 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=667c0b6372bfaa48b16d44f7934ff166
# engine=30669
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-09-06 10:05:45
# local_time=2016-09-07 12:05:45 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 25888 27013688 0 0
# scanned=283477
# found=17
# cleaned=0
# scan_time=4816
sh=F3E6AF1FDB18CE07A7C5CB57BEA215881EFF4D3E ft=1 fh=e74aec6d936c77d5 vn="Variante von Win64/TrojanDownloader.Agent.U Trojaner" ac=I fn="C:\AdwCleaner\quarantine\files\akbbdbuvhymrqlcduehbdxbvgaqcmoan\local64spl.dll"
sh=F3E6AF1FDB18CE07A7C5CB57BEA215881EFF4D3E ft=1 fh=e74aec6d936c77d5 vn="Variante von Win64/TrojanDownloader.Agent.U Trojaner" ac=I fn="C:\AdwCleaner\quarantine\files\fzvtadskleseuwflyqntjcibrirdzzya\local64spl.dll"
sh=F3E6AF1FDB18CE07A7C5CB57BEA215881EFF4D3E ft=1 fh=e74aec6d936c77d5 vn="Variante von Win64/TrojanDownloader.Agent.U Trojaner" ac=I fn="C:\AdwCleaner\quarantine\files\kfcknreofzademlkjwbvrhlevorapief\local64spl.dll"
sh=F3E6AF1FDB18CE07A7C5CB57BEA215881EFF4D3E ft=1 fh=e74aec6d936c77d5 vn="Variante von Win64/TrojanDownloader.Agent.U Trojaner" ac=I fn="C:\AdwCleaner\quarantine\files\lbqndcbpsotqnaparfscrqnizxymzees\local64spl.dll"
sh=F3E6AF1FDB18CE07A7C5CB57BEA215881EFF4D3E ft=1 fh=e74aec6d936c77d5 vn="Variante von Win64/TrojanDownloader.Agent.U Trojaner" ac=I fn="C:\AdwCleaner\quarantine\files\yrelpeducvfmeaifrsxzgphgwfspwzvy\local64spl.dll"
sh=B6B987E723F5EC1226383C0081D8463EAE1327DF ft=1 fh=d3e882b2e20c59e7 vn="Variante von Win32/TrojanProxy.Agent.OAC Trojaner" ac=I fn="C:\FRST\Quarantine\C\Users\Rechenknecht\AppData\Local\iklado.dll.xBAD"
sh=F3E6AF1FDB18CE07A7C5CB57BEA215881EFF4D3E ft=1 fh=e74aec6d936c77d5 vn="Variante von Win64/TrojanDownloader.Agent.U Trojaner" ac=I fn="C:\Program Files (x86)\local64spl.dll"
sh=F3E6AF1FDB18CE07A7C5CB57BEA215881EFF4D3E ft=1 fh=e74aec6d936c77d5 vn="Variante von Win64/TrojanDownloader.Agent.U Trojaner" ac=I fn="C:\Program Files (x86)\Mozilla Firefox\browser\features\local64spl.dll"
sh=F3E6AF1FDB18CE07A7C5CB57BEA215881EFF4D3E ft=1 fh=e74aec6d936c77d5 vn="Variante von Win64/TrojanDownloader.Agent.U Trojaner" ac=I fn="C:\Program Files (x86)\Mozilla Firefox\browser\features_\local64spl.dll"
sh=F3E6AF1FDB18CE07A7C5CB57BEA215881EFF4D3E ft=1 fh=e74aec6d936c77d5 vn="Variante von Win64/TrojanDownloader.Agent.U Trojaner" ac=I fn="C:\Program Files (x86)\Youtube AdBlock_\local64spl.dll"
sh=F3E6AF1FDB18CE07A7C5CB57BEA215881EFF4D3E ft=1 fh=e74aec6d936c77d5 vn="Variante von Win64/TrojanDownloader.Agent.U Trojaner" ac=I fn="C:\Program Files (x86)_\local64spl.dll"
sh=F3E6AF1FDB18CE07A7C5CB57BEA215881EFF4D3E ft=1 fh=e74aec6d936c77d5 vn="Variante von Win64/TrojanDownloader.Agent.U Trojaner" ac=I fn="C:\Users\MS.Default\Helper.3_\local64spl.dll"
sh=F3E6AF1FDB18CE07A7C5CB57BEA215881EFF4D3E ft=1 fh=e74aec6d936c77d5 vn="Variante von Win64/TrojanDownloader.Agent.U Trojaner" ac=I fn="C:\Users\MS.Default\Helper.4_\local64spl.dll"
sh=F3E6AF1FDB18CE07A7C5CB57BEA215881EFF4D3E ft=1 fh=e74aec6d936c77d5 vn="Variante von Win64/TrojanDownloader.Agent.U Trojaner" ac=I fn="C:\Users\MS.Default\Helper.5_\local64spl.dll"
sh=F3E6AF1FDB18CE07A7C5CB57BEA215881EFF4D3E ft=1 fh=e74aec6d936c77d5 vn="Variante von Win64/TrojanDownloader.Agent.U Trojaner" ac=I fn="C:\Users\Rechenknecht\AppData\Local\Temp_\local64spl.dll"
sh=F3E6AF1FDB18CE07A7C5CB57BEA215881EFF4D3E ft=1 fh=e74aec6d936c77d5 vn="Variante von Win64/TrojanDownloader.Agent.U Trojaner" ac=I fn="C:\Users\Rechenknecht\AppData\LocalLow\Youtube AdBlock_\local64spl.dll"
sh=F3E6AF1FDB18CE07A7C5CB57BEA215881EFF4D3E ft=1 fh=e74aec6d936c77d5 vn="Variante von Win64/TrojanDownloader.Agent.U Trojaner" ac=I fn="C:\Windows\Temp_\local64spl.dll"
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 31-08-2016 durchgeführt von Rechenknecht (Administrator) auf DESKTOP-ED2S725 (07-09-2016 00:53:18) Gestartet von C:\Users\Rechenknecht\Desktop Geladene Profile: Rechenknecht (Verfügbare Profile: Rechenknecht) Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe (Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe (DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe (VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (VMware, Inc.) C:\Windows\syswow64\vmnetdhcp.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (VMware, Inc.) C:\Windows\syswow64\vmnat.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.00\AsusFanControlService.exe () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe () C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe () C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe (Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe () C:\Windows\syswow64\HsMgr.exe () C:\Windows\System\HsMgr64.exe (CMedia) C:\Program Files\ASUS Xonar DGX Audio\Customapp\AsusAudioCenter.exe (Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe (Spotify Ltd) C:\Users\Rechenknecht\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Corsair Components, Inc.) C:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairHID.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe () C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe () C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer64.exe () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe () C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [MouseDriver] => C:\WINDOWS\system32\TiltWheelMouse.exe [241152 2012-12-19] (Pixart Imaging Inc) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8725248 2015-12-17] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1407744 2015-12-17] (Realtek Semiconductor) HKLM\...\Run: [Cmaudio8788] => C:\WINDOWS\Syswow64\cmicnfgp.dll [13463552 2014-03-11] (C-Media Corporation) HKLM\...\Run: [Cmaudio8788GX] => C:\WINDOWS\syswow64\HsMgr.exe [200704 2008-07-11] () HKLM\...\Run: [Cmaudio8788GX64] => C:\WINDOWS\system\HsMgr64.exe [282112 2008-07-11] () HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [6613896 2016-06-24] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [Corsair Utility Engine] => C:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairHID.exe [14885552 2016-03-23] (Corsair Components, Inc.) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25197248 2016-08-30] (Dropbox, Inc.) HKU\S-1-5-21-2797355107-3117587174-2617422478-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2857248 2016-08-23] (Valve Corporation) HKU\S-1-5-21-2797355107-3117587174-2617422478-1001\...\Run: [Spotify Web Helper] => C:\Users\Rechenknecht\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1555056 2016-08-07] (Spotify Ltd) HKU\S-1-5-21-2797355107-3117587174-2617422478-1001\...\Run: [Spotify] => C:\Users\Rechenknecht\AppData\Roaming\Spotify\Spotify.exe [6937200 2016-08-07] (Spotify Ltd) HKU\S-1-5-21-2797355107-3117587174-2617422478-1001\...\RunOnce: [Uninstall C:\Users\Rechenknecht\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Rechenknecht\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64" ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.) Startup: C:\Users\Rechenknecht\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar304.lnk [2016-09-06] ShortcutTarget: Sidebar304.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\..\Interfaces\{15b81e0a-651f-43bb-9e8a-cdc94c751aa2}: [DhcpNameServer] 80.69.96.12 81.210.129.4 ManualProxies: Internet Explorer: ================== BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-09-05] (Microsoft Corporation) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-09-05] (Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-09-05] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-09-05] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-09-05] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-09-05] (Microsoft Corporation) FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-12] () FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-12] () FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-09-05] (Microsoft Corporation) FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [138752 2016-06-24] () [Datei ist nicht signiert] R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2014-03-13] () R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2014-03-13] (ASUSTeK Computer Inc.) R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.) R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.00\AsusFanControlService.exe [1632256 2014-03-13] (ASUSTeK Computer Inc.) [Datei ist nicht signiert] R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2981056 2016-08-11] (Microsoft Corporation) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-09-04] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-09-04] (Dropbox, Inc.) R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [249320 2015-12-17] (DTS, Inc) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2016-06-09] (Electronic Arts) S3 vmicvss; C:\Windows\System32\ICSvc.dll [511488 2015-10-30] (Microsoft Corporation) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation) R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [652240 2016-07-14] (Wacom Technology, Corp.) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [23240 2016-05-20] (Advanced Micro Devices, Inc.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] () R0 asstor64; C:\Windows\System32\drivers\asstor64.sys [83792 2015-09-28] (Asmedia Technology) R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2013-01-15] () R3 ASUSfilter; C:\Windows\System32\drivers\ASUSfilter.sys [48384 2014-08-18] (MCCI Corporation) S3 ASUSstpt; C:\Windows\System32\drivers\ASUSstpt.sys [27392 2014-08-18] (MCCI Corporation) S3 ASUSumsc; C:\Windows\System32\drivers\ASUSumsc.sys [151808 2014-08-18] (MCCI Corporation) S3 ASUSxpsp; C:\Windows\System32\drivers\ASUSxpsp.sys [28416 2014-08-18] (MCCI Corporation) R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [101376 2016-05-20] (Advanced Micro Devices) R3 cmudaxp; C:\Windows\system32\drivers\cmudaxp.sys [2735616 2015-06-02] (C-Media Inc) R3 CorsairVBusDriver; C:\Windows\System32\drivers\CorsairVBusDriver.sys [47840 2015-12-17] (Corsair) R3 CorsairVHidDriver; C:\Windows\System32\drivers\CorsairVHidDriver.sys [21728 2015-12-17] (Corsair) S3 dg_ssudbus; C:\Windows\System32\drivers\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.) S3 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-11-14] (Disc Soft Ltd) S3 FlashUSB; C:\Windows\System32\drivers\FlashUSB.sys [19968 2014-10-13] (Intel Mobile Communications) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-09-07] (Malwarebytes) R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation) R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13512 2015-12-09] () S3 shspusb; C:\Windows\System32\drivers\HSPUSB.sys [24064 2014-10-13] (MobileTop) S3 sscdserd; C:\Windows\System32\drivers\sscdserd.sys [158024 2014-10-13] (MCCI Corporation) S3 ssceserd; C:\Windows\System32\drivers\ssceserd.sys [158024 2014-10-13] (MCCI Corporation) S3 ssdudfu; C:\Windows\System32\drivers\ssdudfu.sys [101960 2014-10-13] (MCCI) S3 ssm_bus; C:\Windows\System32\drivers\ssm_bus.sys [136192 2014-10-13] (MCCI Corporation) S3 ssm_mdm; C:\Windows\System32\drivers\ssm_mdm.sys [172032 2014-10-13] (MCCI Corporation) S3 ssuddmgr; C:\Windows\System32\drivers\ssuddmgr.sys [206080 2014-10-13] (DEVGURU Co., LTD.(www.devguru.co.kr)) S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.) S3 ssudobex; C:\Windows\System32\drivers\ssudobex.sys [206080 2014-10-13] (DEVGURU Co., LTD.(www.devguru.co.kr)) S3 ssudqcfilter; C:\Windows\System32\drivers\ssudqcfilter.sys [57648 2015-12-08] (QUALCOMM Incorporated) S3 ssudrmnet; C:\Windows\System32\drivers\ssudrmnet.sys [70400 2014-10-13] (DEVGURU Co., LTD.) S3 ssudserd; C:\Windows\System32\drivers\ssudserd.sys [206080 2014-10-13] (DEVGURU Co., LTD.(www.devguru.co.kr)) S3 ss_bserd; C:\Windows\System32\drivers\ss_bserd.sys [128000 2014-10-13] (MCCI Corporation) S3 ss_conn_usb_driver; C:\Windows\System32\Drivers\ss_conn_usb_driver.sys [26368 2014-10-13] (DEVGURU Co., LTD.) S3 t_mouse.sys; C:\Windows\System32\drivers\t_mouse.sys [6144 2012-12-19] () R0 vsock; C:\Windows\System32\drivers\vsock.sys [75512 2015-11-05] (VMware, Inc.) S3 WacHidRouterPro; C:\Windows\System32\drivers\wachidrouter.sys [102864 2016-03-03] (Wacom Technology) S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) S3 wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (MBB) R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation) S3 WinRing0_1_2_0; \??\C:\Users\Rechenknecht\AppData\Local\Temp\tmp3492.tmp [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-09-07 00:53 - 2016-09-07 00:53 - 00019687 _____ C:\Users\Rechenknecht\Desktop\FRST.txt 2016-09-06 22:40 - 2016-09-06 22:40 - 02870984 _____ (ESET) C:\Users\Rechenknecht\Downloads\esetsmartinstaller_deu.exe 2016-09-06 22:32 - 2016-09-06 22:33 - 00002080 _____ C:\Users\Rechenknecht\Desktop\Fixlog.txt 2016-09-06 16:54 - 2016-09-06 16:57 - 00000000 ____D C:\AdwCleaner 2016-09-06 16:51 - 2016-09-06 16:51 - 03826240 _____ C:\Users\Rechenknecht\Desktop\AdwCleaner_6.010.exe 2016-09-06 16:45 - 2016-09-06 16:45 - 00001804 _____ C:\Users\Rechenknecht\Desktop\mbamlog.txt 2016-09-06 15:49 - 2016-09-07 00:12 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2016-09-06 15:49 - 2016-09-06 15:49 - 00001175 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2016-09-06 15:49 - 2016-09-06 15:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2016-09-06 15:49 - 2016-09-06 15:49 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-09-06 15:49 - 2016-09-06 15:49 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2016-09-06 15:49 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2016-09-06 15:49 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2016-09-06 15:49 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2016-09-06 15:43 - 2016-09-06 15:44 - 22851472 _____ (Malwarebytes ) C:\Users\Rechenknecht\Downloads\mbam-setup-2.2.1.1043.exe 2016-09-06 00:51 - 2016-09-06 00:51 - 00142336 ____H C:\Program Files (x86)\local64spl.dll 2016-09-06 00:51 - 2016-09-06 00:51 - 00000020 ____H C:\Program Files (x86)\local64spl.dll.ini 2016-09-06 00:51 - 2016-09-06 00:51 - 00000000 ___HD C:\WINDOWS\Temp_ 2016-09-06 00:51 - 2016-09-06 00:51 - 00000000 ___HD C:\Users\Rechenknecht\AppData\LocalLow\Youtube AdBlock_ 2016-09-06 00:51 - 2016-09-06 00:51 - 00000000 ___HD C:\Users\Rechenknecht\AppData\Local\Temp_ 2016-09-06 00:51 - 2016-09-06 00:51 - 00000000 ___HD C:\Users\MS.Default\Helper.5_ 2016-09-06 00:51 - 2016-09-06 00:51 - 00000000 ___HD C:\Users\MS.Default\Helper.4_ 2016-09-06 00:51 - 2016-09-06 00:51 - 00000000 ___HD C:\Users\MS.Default\Helper.3_ 2016-09-06 00:51 - 2016-09-06 00:51 - 00000000 ___HD C:\Program Files (x86)_ 2016-09-06 00:51 - 2016-09-06 00:51 - 00000000 ___HD C:\Program Files (x86)\Youtube AdBlock_ 2016-09-05 23:38 - 2016-09-05 23:38 - 02397696 _____ (Farbar) C:\Users\Rechenknecht\Desktop\FRST64.exe 2016-09-05 23:30 - 2016-09-06 16:57 - 00000008 __RSH C:\Users\Rechenknecht\ntuser.pol 2016-09-05 23:13 - 2016-09-05 23:13 - 00055456 _____ C:\Users\Rechenknecht\Downloads\Addition.txt 2016-09-05 23:12 - 2016-09-05 23:13 - 00062474 _____ C:\Users\Rechenknecht\Downloads\FRST.txt 2016-09-05 22:41 - 2016-09-07 00:53 - 00000000 ____D C:\FRST 2016-09-05 22:40 - 2016-09-05 22:40 - 02397696 _____ (Farbar) C:\Users\Rechenknecht\Downloads\FRST64.exe 2016-09-05 20:53 - 2016-09-06 16:57 - 00000008 __RSH C:\ProgramData\ntuser.pol 2016-09-05 20:52 - 2016-09-06 16:44 - 00000000 ____D C:\Users\Rechenknecht\AppData\Roaming\GameLauncher 2016-09-05 20:51 - 2016-09-06 16:57 - 00000000 ___HD C:\Users\MS.Default 2016-09-05 20:51 - 2016-09-06 16:46 - 00000000 ___HD C:\Program Files (x86)\wdq967 2016-09-05 20:51 - 2016-09-05 20:51 - 00009062 _____ C:\WINDOWS\System32\Tasks\Gohghwuers Cloud 2016-09-05 20:51 - 2016-09-05 20:51 - 00000000 ____D C:\ProgramData\Avg 2016-09-05 20:51 - 2016-09-05 20:51 - 00000000 ____D C:\ProgramData\AVAST Software 2016-09-05 20:50 - 2016-09-06 16:46 - 00000000 ____D C:\Program Files (x86)\Vurationrirole 2016-09-05 20:43 - 2016-09-05 20:43 - 00002583 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk 2016-09-05 20:43 - 2016-09-05 20:43 - 00002579 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk 2016-09-05 20:43 - 2016-09-05 20:43 - 00002558 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk 2016-09-05 20:43 - 2016-09-05 20:43 - 00002533 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk 2016-09-05 20:43 - 2016-09-05 20:43 - 00002500 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk 2016-09-05 20:43 - 2016-09-05 20:43 - 00002497 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk 2016-09-05 20:43 - 2016-09-05 20:43 - 00002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk 2016-09-05 20:43 - 2016-09-05 20:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools 2016-09-05 20:40 - 2016-09-06 22:52 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2016-09-05 20:40 - 2016-09-05 20:40 - 03786432 _____ (Microsoft Corporation) C:\Users\Rechenknecht\Downloads\Setup.X86.de-DE_O365HomePremRetail_0981a43f-391f-4b51-a065-13c3a942e757_TX_DB_.exe 2016-09-05 20:40 - 2016-09-05 20:40 - 00000000 ____D C:\Program Files\Microsoft Office 15 2016-09-04 22:16 - 2016-09-06 22:37 - 00000000 ___RD C:\Users\Rechenknecht\Dropbox 2016-09-04 22:16 - 2016-09-04 22:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2016-09-04 22:15 - 2016-09-07 00:20 - 00001258 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job 2016-09-04 22:15 - 2016-09-06 22:36 - 00001254 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job 2016-09-04 22:15 - 2016-09-04 22:16 - 00000000 ____D C:\Users\Rechenknecht\AppData\Local\Dropbox 2016-09-04 22:15 - 2016-09-04 22:16 - 00000000 ____D C:\Program Files (x86)\Dropbox 2016-09-04 22:15 - 2016-09-04 22:15 - 00690072 _____ (Dropbox, Inc.) C:\Users\Rechenknecht\Downloads\DropboxInstaller.exe 2016-09-04 22:15 - 2016-09-04 22:15 - 00004318 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA 2016-09-04 22:15 - 2016-09-04 22:15 - 00004086 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore 2016-09-04 22:15 - 2016-09-04 22:15 - 00000000 ____D C:\Users\Rechenknecht\AppData\Roaming\Dropbox 2016-09-04 22:15 - 2016-09-04 22:15 - 00000000 ____D C:\ProgramData\Dropbox 2016-09-04 22:08 - 2016-09-04 22:08 - 00003370 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task 2016-09-04 22:07 - 2016-09-04 22:07 - 00000000 ____D C:\Users\Rechenknecht\AppData\Roaming\Skype 2016-09-01 13:46 - 2009-06-02 18:00 - 00039632 ____R (www.winchiphead.com) C:\WINDOWS\SysWOW64\Drivers\CH341SER.SYS 2016-09-01 13:46 - 2008-12-17 18:00 - 00020089 ____R C:\WINDOWS\SysWOW64\CH341SER.VXD 2016-09-01 13:46 - 2007-06-11 18:00 - 00019680 ____R (www.winchiphead.com) C:\WINDOWS\SysWOW64\Drivers\CH341S98.SYS 2016-09-01 13:46 - 2005-07-29 18:00 - 00006712 ____R (www.winchiphead.com) C:\WINDOWS\SysWOW64\CH341PT.DLL 2016-08-31 22:58 - 2016-08-31 23:00 - 00000000 ____D C:\Users\Rechenknecht\Desktop\DCX-2496 2016-08-31 22:46 - 2016-08-31 22:46 - 00000000 ____D C:\Program Files (x86)\Prolific 2016-08-31 22:46 - 2016-08-02 04:13 - 00196864 _____ (Prolific Technology Inc.) C:\WINDOWS\system32\Drivers\ser2pl64.sys 2016-08-26 15:52 - 2004-08-31 08:47 - 05292044 _____ C:\Users\Rechenknecht\Desktop\rauschen_pinknoise_30sec.wav 2016-08-26 14:13 - 2016-08-26 14:13 - 00075759 _____ C:\Users\Rechenknecht\Downloads\DERTG1FS00001_DERTG1PR10001_3107_001.pdf 2016-08-25 15:28 - 2016-09-01 12:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-08-21 23:06 - 2016-08-21 23:06 - 00280748 _____ C:\WINDOWS\Minidump\082116-31437-01.dmp 2016-08-21 22:50 - 2016-08-21 22:50 - 00258092 _____ C:\WINDOWS\Minidump\082116-20343-01.dmp 2016-08-17 13:54 - 2016-08-17 13:54 - 00000000 ____D C:\ProgramData\AMD 2016-08-16 15:10 - 2016-08-16 15:10 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom Tablett 2016-08-16 03:18 - 2016-08-16 03:18 - 00159936 _____ (MBB) C:\WINDOWS\system32\Drivers\usb2ser.sys 2016-08-16 03:13 - 2016-08-16 03:13 - 04713984 _____ (Geza Kovacs) C:\Users\Rechenknecht\Downloads\unetbootin-windows-625.exe 2016-08-16 02:42 - 2016-08-16 03:04 - 4285749248 _____ C:\Users\Rechenknecht\Desktop\Win10_1607_German_x64.iso 2016-08-13 16:12 - 2016-08-13 16:12 - 00000146 _____ C:\Users\Rechenknecht\Desktop\Sound.lnk 2016-08-12 19:11 - 2016-08-12 19:11 - 00000000 ____D C:\Program Files\ATI Technologies 2016-08-12 19:10 - 2016-09-06 22:35 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin 2016-08-12 01:07 - 2016-08-12 01:07 - 09340136 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdva.dll 2016-08-12 01:07 - 2016-08-12 01:07 - 08892696 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd64.dll 2016-08-12 01:07 - 2016-08-12 01:07 - 08738920 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll 2016-08-12 01:07 - 2016-08-12 01:07 - 07258160 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdag.dll 2016-08-12 01:07 - 2016-08-12 01:07 - 07115928 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll 2016-08-12 01:07 - 2016-08-12 01:07 - 00479368 _____ C:\WINDOWS\system32\amdmiracast.dll 2016-08-12 01:07 - 2016-08-12 01:07 - 00164280 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiu9p64.dll 2016-08-12 01:07 - 2016-08-12 01:07 - 00159088 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll 2016-08-12 01:07 - 2016-08-12 01:07 - 00154920 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll 2016-08-12 01:07 - 2016-08-12 01:07 - 00138688 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll 2016-08-12 01:07 - 2016-08-12 01:07 - 00138176 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll 2016-08-12 01:07 - 2016-08-12 01:07 - 00137224 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiu9pag.dll 2016-08-12 01:07 - 2016-08-12 01:07 - 00123120 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll 2016-08-12 01:07 - 2016-08-12 01:07 - 00123104 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll 2016-08-12 01:07 - 2016-08-12 01:07 - 00105344 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll 2016-08-12 01:07 - 2016-08-12 01:07 - 00105344 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 48819200 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 38266368 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 32555512 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 27489280 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl12cl64.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 26639360 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 21641216 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl12cl.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 15729152 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 14320128 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 08830456 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdvlk64.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 08627704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmantle64.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 07076352 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdvlk32.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 06956032 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmantle32.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 02376704 _____ C:\WINDOWS\system32\amdoclvp9lib64.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 02286584 _____ C:\WINDOWS\SysWOW64\amdoclvp9lib32.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 02147328 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 01837568 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00991232 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00883192 _____ (AMD) C:\WINDOWS\system32\coinst_16.30.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00751616 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00627192 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00459776 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00402944 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe 2016-08-12 01:06 - 2016-08-12 01:06 - 00350208 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODE.exe 2016-08-12 01:06 - 2016-08-12 01:06 - 00292352 _____ C:\WINDOWS\system32\dgtrayicon.exe 2016-08-12 01:06 - 2016-08-12 01:06 - 00287744 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00275968 _____ C:\WINDOWS\system32\GameManager64.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00270336 _____ C:\WINDOWS\system32\clinfo.exe 2016-08-12 01:06 - 2016-08-12 01:06 - 00268792 _____ C:\WINDOWS\system32\hsa-thunk64.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00249336 _____ C:\WINDOWS\system32\amdgfxinfo64.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00241152 _____ C:\WINDOWS\SysWOW64\GameManager32.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00234496 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00231424 _____ C:\WINDOWS\system32\atieah64.exe 2016-08-12 01:06 - 2016-08-12 01:06 - 00222208 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00209408 _____ C:\WINDOWS\SysWOW64\atieah32.exe 2016-08-12 01:06 - 2016-08-12 01:06 - 00202744 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00201728 _____ C:\WINDOWS\system32\amdhdl64.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00181760 _____ C:\WINDOWS\SysWOW64\amdhdl32.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00176640 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00159736 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00137208 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00135168 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00130560 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00123896 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00118784 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00113664 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00111616 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00109568 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00108544 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00108544 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00104448 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00083960 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00079864 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00073216 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00069632 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00068608 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODCLI.exe 2016-08-12 01:06 - 2016-08-12 01:06 - 00068096 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl6.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00067584 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00066560 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00060920 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00055800 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmmcl.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00021496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll 2016-08-11 13:52 - 2016-08-11 13:52 - 00635112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp140.dll 2016-08-11 13:51 - 2016-08-11 13:51 - 00439536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp140.dll 2016-08-11 13:51 - 2016-08-11 13:51 - 00390400 _____ (Microsoft Corporation) C:\WINDOWS\system32\vccorlib140.dll 2016-08-11 13:51 - 2016-08-11 13:51 - 00267008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vccorlib140.dll 2016-08-11 13:50 - 2016-08-11 13:50 - 00333072 _____ (Microsoft Corporation) C:\WINDOWS\system32\concrt140.dll 2016-08-11 13:50 - 2016-08-11 13:50 - 00243480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\concrt140.dll 2016-08-11 13:50 - 2016-08-11 13:50 - 00088816 _____ (Microsoft Corporation) C:\WINDOWS\system32\vcruntime140.dll 2016-08-11 13:50 - 2016-08-11 13:50 - 00085232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vcruntime140.dll 2016-08-11 01:42 - 2016-08-11 01:42 - 00000000 ____D C:\Users\Rechenknecht\AppData\Roaming\D-BOX 2016-08-11 01:05 - 2016-08-21 23:06 - 606990304 _____ C:\WINDOWS\MEMORY.DMP 2016-08-11 01:05 - 2016-08-21 23:06 - 00000000 ____D C:\WINDOWS\Minidump 2016-08-09 21:16 - 2016-08-03 13:14 - 01505984 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2016-08-09 21:16 - 2016-08-03 13:14 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2016-08-09 21:16 - 2016-08-03 13:14 - 00050368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2016-08-09 21:16 - 2016-08-03 12:36 - 07469408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2016-08-09 21:16 - 2016-08-03 12:36 - 00099680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys 2016-08-09 21:16 - 2016-08-03 12:36 - 00037744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll 2016-08-09 21:16 - 2016-08-03 12:30 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2016-08-09 21:16 - 2016-08-03 12:23 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll 2016-08-09 21:16 - 2016-08-03 12:23 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll 2016-08-09 21:16 - 2016-08-03 12:22 - 01322760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2016-08-09 21:16 - 2016-08-03 12:22 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2016-08-09 21:16 - 2016-08-03 12:22 - 00465248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys 2016-08-09 21:16 - 2016-08-03 12:22 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys 2016-08-09 21:16 - 2016-08-03 12:22 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll 2016-08-09 21:16 - 2016-08-03 12:21 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2016-08-09 21:16 - 2016-08-03 12:21 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2016-08-09 21:16 - 2016-08-03 12:21 - 00566112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe 2016-08-09 21:16 - 2016-08-03 12:21 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe 2016-08-09 21:16 - 2016-08-03 12:20 - 01540224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2016-08-09 21:16 - 2016-08-03 12:20 - 00692136 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll 2016-08-09 21:16 - 2016-08-03 12:19 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2016-08-09 21:16 - 2016-08-03 12:19 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2016-08-09 21:16 - 2016-08-03 12:13 - 01988448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2016-08-09 21:16 - 2016-08-03 12:13 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2016-08-09 21:16 - 2016-08-03 12:13 - 00393056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2016-08-09 21:16 - 2016-08-03 12:11 - 00422744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys 2016-08-09 21:16 - 2016-08-03 11:51 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe 2016-08-09 21:16 - 2016-08-03 11:51 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll 2016-08-09 21:16 - 2016-08-03 11:46 - 22384128 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2016-08-09 21:16 - 2016-08-03 11:44 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2016-08-09 21:16 - 2016-08-03 11:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll 2016-08-09 21:16 - 2016-08-03 11:44 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll 2016-08-09 21:16 - 2016-08-03 11:43 - 16985088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2016-08-09 21:16 - 2016-08-03 11:41 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll 2016-08-09 21:16 - 2016-08-03 11:41 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll 2016-08-09 21:16 - 2016-08-03 11:40 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll 2016-08-09 21:16 - 2016-08-03 11:40 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll 2016-08-09 21:16 - 2016-08-03 11:40 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe 2016-08-09 21:16 - 2016-08-03 11:40 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll 2016-08-09 21:16 - 2016-08-03 11:39 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll 2016-08-09 21:16 - 2016-08-03 11:39 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll 2016-08-09 21:16 - 2016-08-03 11:38 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2016-08-09 21:16 - 2016-08-03 11:38 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2016-08-09 21:16 - 2016-08-03 11:37 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll 2016-08-09 21:16 - 2016-08-03 11:36 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2016-08-09 21:16 - 2016-08-03 11:36 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll 2016-08-09 21:16 - 2016-08-03 11:36 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll 2016-08-09 21:16 - 2016-08-03 11:35 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2016-08-09 21:16 - 2016-08-03 11:35 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll 2016-08-09 21:16 - 2016-08-03 11:34 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2016-08-09 21:16 - 2016-08-03 11:33 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll 2016-08-09 21:16 - 2016-08-03 11:33 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll 2016-08-09 21:16 - 2016-08-03 11:31 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll 2016-08-09 21:16 - 2016-08-03 11:31 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll 2016-08-09 21:16 - 2016-08-03 11:31 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtutil.exe 2016-08-09 21:16 - 2016-08-03 11:30 - 24613888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-08-09 21:16 - 2016-08-03 11:30 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2016-08-09 21:16 - 2016-08-03 11:30 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll 2016-08-09 21:16 - 2016-08-03 11:29 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll 2016-08-09 21:16 - 2016-08-03 11:29 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2016-08-09 21:16 - 2016-08-03 11:29 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe 2016-08-09 21:16 - 2016-08-03 11:29 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2016-08-09 21:16 - 2016-08-03 11:29 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2016-08-09 21:16 - 2016-08-03 11:28 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll 2016-08-09 21:16 - 2016-08-03 11:28 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2016-08-09 21:16 - 2016-08-03 11:28 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll 2016-08-09 21:16 - 2016-08-03 11:27 - 07536640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2016-08-09 21:16 - 2016-08-03 11:27 - 01752576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2016-08-09 21:16 - 2016-08-03 11:27 - 01717760 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2016-08-09 21:16 - 2016-08-03 11:27 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2016-08-09 21:16 - 2016-08-03 11:20 - 13390336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-08-09 21:16 - 2016-08-03 11:18 - 06974464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2016-08-09 21:16 - 2016-08-03 11:18 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2016-08-09 21:16 - 2016-08-03 11:18 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2016-08-09 21:16 - 2016-08-03 11:17 - 02175488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2016-08-09 21:16 - 2016-08-03 11:16 - 05123072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll 2016-08-09 21:16 - 2016-08-03 11:16 - 03589120 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2016-08-09 21:16 - 2016-08-03 11:16 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2016-08-09 21:16 - 2016-08-03 11:16 - 01732096 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-08-09 21:16 - 2016-08-03 11:15 - 07833088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2016-08-09 21:16 - 2016-08-03 11:14 - 04895232 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-08-09 21:16 - 2016-08-03 11:14 - 01997824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll 2016-08-09 21:16 - 2016-08-03 11:13 - 03025920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2016-08-09 21:16 - 2016-08-03 11:13 - 02280960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2016-08-09 21:16 - 2016-08-03 11:12 - 02746368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll 2016-08-09 21:16 - 2016-08-03 11:11 - 04171264 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll 2016-08-09 21:16 - 2016-08-03 07:52 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll 2016-08-09 21:16 - 2016-08-03 07:34 - 00501592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll 2016-08-09 21:16 - 2016-08-03 07:34 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll 2016-08-09 21:16 - 2016-08-03 07:33 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll 2016-08-09 21:16 - 2016-08-03 07:31 - 02921368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2016-08-09 21:16 - 2016-08-03 07:31 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2016-08-09 21:16 - 2016-08-03 07:31 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2016-08-09 21:16 - 2016-08-03 07:30 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2016-08-09 21:16 - 2016-08-03 07:30 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2016-08-09 21:16 - 2016-08-03 07:30 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe 2016-08-09 21:16 - 2016-08-03 06:57 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe 2016-08-09 21:16 - 2016-08-03 06:48 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll 2016-08-09 21:16 - 2016-08-03 06:47 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2016-08-09 21:16 - 2016-08-03 06:44 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll 2016-08-09 21:16 - 2016-08-03 06:44 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll 2016-08-09 21:16 - 2016-08-03 06:42 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll 2016-08-09 21:16 - 2016-08-03 06:40 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll 2016-08-09 21:16 - 2016-08-03 06:39 - 19351040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-08-09 21:16 - 2016-08-03 06:37 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2016-08-09 21:16 - 2016-08-03 06:37 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll 2016-08-09 21:16 - 2016-08-03 06:35 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll 2016-08-09 21:16 - 2016-08-03 06:35 - 00178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtutil.exe 2016-08-09 21:16 - 2016-08-03 06:34 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2016-08-09 21:16 - 2016-08-03 06:34 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll 2016-08-09 21:16 - 2016-08-03 06:33 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2016-08-09 21:16 - 2016-08-03 06:33 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2016-08-09 21:16 - 2016-08-03 06:33 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2016-08-09 21:16 - 2016-08-03 06:32 - 12585984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll 2016-08-09 21:16 - 2016-08-03 06:32 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2016-08-09 21:16 - 2016-08-03 06:32 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2016-08-09 21:16 - 2016-08-03 06:32 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll 2016-08-09 21:16 - 2016-08-03 06:31 - 06743040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2016-08-09 21:16 - 2016-08-03 06:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2016-08-09 21:16 - 2016-08-03 06:29 - 12133376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2016-08-09 21:16 - 2016-08-03 06:28 - 03663360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-08-09 21:16 - 2016-08-03 06:25 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2016-08-09 21:16 - 2016-08-03 06:25 - 04078080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll 2016-08-09 21:16 - 2016-08-03 06:23 - 05660672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2016-08-09 21:16 - 2016-08-03 06:23 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll 2016-08-09 21:16 - 2016-08-03 06:22 - 02501120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2016-08-09 21:16 - 2016-08-03 06:22 - 01502208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2016-08-09 21:16 - 2016-08-03 06:21 - 01708032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll 2016-08-09 21:16 - 2016-08-03 06:19 - 02180096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-09-07 00:40 - 2016-05-28 20:14 - 00000000 ____D C:\WINDOWS\INF 2016-09-07 00:37 - 2016-05-29 04:01 - 00000000 ____D C:\Users\Rechenknecht\AppData\Local\Sidebar7 2016-09-07 00:10 - 2016-06-01 23:04 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2016-09-06 22:40 - 2016-05-28 22:04 - 01807284 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-09-06 22:40 - 2016-05-28 20:20 - 00778208 _____ C:\WINDOWS\system32\perfh007.dat 2016-09-06 22:40 - 2016-05-28 20:20 - 00156548 _____ C:\WINDOWS\system32\perfc007.dat 2016-09-06 22:36 - 2016-07-04 22:17 - 00000000 ____D C:\ProgramData\VMware 2016-09-06 22:36 - 2016-05-29 06:54 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-09-06 22:35 - 2016-05-28 20:03 - 00524288 ___SH C:\WINDOWS\system32\config\BBI 2016-09-06 16:57 - 2016-05-28 22:05 - 00000000 ____D C:\Users\Rechenknecht 2016-09-06 16:46 - 2016-05-29 06:46 - 00335424 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-09-06 16:46 - 2016-05-28 20:15 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2016-09-06 16:45 - 2016-05-29 04:31 - 00003156 _____ C:\WINDOWS\System32\Tasks\MSIAfterburner 2016-09-06 15:45 - 2016-05-28 20:15 - 00000000 ___HD C:\Program Files\WindowsApps 2016-09-06 15:45 - 2016-05-28 20:15 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-09-05 20:46 - 2016-05-28 20:15 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2016-09-05 20:40 - 2016-05-28 20:15 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2016-09-04 22:08 - 2016-05-28 22:07 - 00002408 _____ C:\Users\Rechenknecht\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2016-09-04 22:08 - 2016-05-28 22:07 - 00000000 ___RD C:\Users\Rechenknecht\OneDrive 2016-09-04 13:03 - 2016-05-28 20:25 - 00000000 ___DC C:\WINDOWS\Panther 2016-09-04 13:00 - 2016-07-17 01:55 - 00000000 ___HD C:\$WINDOWS.~BT 2016-09-01 13:09 - 2016-05-28 20:15 - 00000000 ____D C:\WINDOWS\system32\appraiser 2016-09-01 13:09 - 2016-05-28 20:06 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-09-01 12:58 - 2016-05-28 22:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-08-31 22:46 - 2016-05-30 00:09 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2016-08-29 00:30 - 2016-05-29 19:08 - 00000000 ____D C:\Users\Rechenknecht\AppData\Roaming\TS3Client 2016-08-24 15:38 - 2016-05-29 00:32 - 00000000 ____D C:\Program Files (x86)\Steam 2016-08-21 23:08 - 2016-05-29 04:26 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner 2016-08-18 04:28 - 2016-06-26 22:56 - 00000000 ____D C:\Users\Rechenknecht\AppData\Local\Spotify 2016-08-18 02:09 - 2016-06-26 22:55 - 00000000 ____D C:\Users\Rechenknecht\AppData\Roaming\Spotify 2016-08-17 00:43 - 2016-07-02 17:24 - 00000000 ____D C:\Program Files (x86)\Rockstar Games 2016-08-17 00:43 - 2016-07-02 17:11 - 00000000 ____D C:\Program Files\Rockstar Games 2016-08-16 15:20 - 2016-05-29 00:29 - 00000000 ____D C:\Program Files (x86)\osu! 2016-08-16 15:10 - 2016-05-29 21:52 - 00000000 ____D C:\Program Files\Tablet 2016-08-16 15:08 - 2016-05-29 23:40 - 00000000 ____D C:\Users\Rechenknecht\AppData\Roaming\WTablet 2016-08-14 22:58 - 2016-05-29 20:41 - 00000000 ____D C:\ProgramData\Origin 2016-08-12 19:11 - 2016-05-29 06:49 - 00000000 ____D C:\Program Files\AMD 2016-08-12 19:10 - 2016-05-29 02:18 - 00000000 ____D C:\AMD 2016-08-12 01:07 - 2016-02-03 18:13 - 00183952 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiuxp64.dll 2016-08-12 01:07 - 2016-02-03 18:12 - 10995344 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll 2016-08-12 01:07 - 2016-02-03 18:12 - 10317568 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd6a.dll 2016-08-12 01:07 - 2016-02-03 18:12 - 09131736 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll 2016-08-12 01:07 - 2016-02-03 18:12 - 01547544 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll 2016-08-12 01:07 - 2016-02-03 18:12 - 01273928 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll 2016-08-12 01:07 - 2016-02-03 18:12 - 00152800 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiuxpag.dll 2016-08-12 01:06 - 2016-06-02 22:30 - 00521728 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe 2016-08-12 01:06 - 2016-06-02 22:30 - 00287232 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe 2016-08-12 01:06 - 2016-05-20 22:57 - 01323008 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll 2016-08-12 01:06 - 2016-05-20 22:57 - 00991232 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll 2016-08-12 01:06 - 2016-02-03 18:06 - 26706432 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys 2016-08-12 01:06 - 2016-02-03 17:10 - 00518656 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys 2016-08-11 01:06 - 2016-05-29 19:08 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client 2016-08-10 15:51 - 2016-05-28 20:15 - 00000000 ____D C:\WINDOWS\rescache 2016-08-10 15:15 - 2016-05-28 22:05 - 00000000 __RHD C:\Users\Public\AccountPictures 2016-08-10 04:14 - 2016-05-28 20:15 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2016-08-10 04:14 - 2016-05-28 20:15 - 00000000 ____D C:\Program Files\Windows Journal 2016-08-10 03:01 - 2016-05-29 00:10 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-08-10 03:01 - 2016-05-28 20:15 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates 2016-08-10 02:59 - 2016-05-29 00:09 - 147640136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-08-08 00:03 - 2016-05-28 20:15 - 00000000 ____D C:\WINDOWS\addins ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2016-09-06 00:51 - 2016-09-06 00:51 - 0142336 ____H () C:\Program Files (x86)\local64spl.dll 2016-09-06 00:51 - 2016-09-06 00:51 - 0000020 ____H () C:\Program Files (x86)\local64spl.dll.ini 2016-05-29 04:02 - 2016-06-17 13:17 - 0000626 _____ () C:\Users\Rechenknecht\AppData\Roaming\All CPU MeterV3_Settings.ini 2016-05-29 04:14 - 2016-05-29 04:14 - 0000283 _____ () C:\Users\Rechenknecht\AppData\Roaming\GPU MeterV2_Settings.ini 2016-05-29 04:06 - 2016-05-29 04:06 - 0000120 _____ () C:\Users\Rechenknecht\AppData\Roaming\System Monitor II_UptimeRecord.ini 2016-05-29 06:50 - 2016-05-29 06:50 - 0000000 ____H () C:\ProgramData\DP45977C.lfl ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-08-29 00:35 ==================== Ende von FRST.txt ============================ Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 31-08-2016
durchgeführt von Rechenknecht (07-09-2016 00:54:08)
Gestartet von C:\Users\Rechenknecht\Desktop
Windows 10 Pro Version 1511 (X64) (2016-05-28 20:00:49)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2797355107-3117587174-2617422478-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2797355107-3117587174-2617422478-503 - Limited - Disabled)
Gast (S-1-5-21-2797355107-3117587174-2617422478-501 - Limited - Disabled)
Rechenknecht (S-1-5-21-2797355107-3117587174-2617422478-1001 - Administrator - Enabled) => C:\Users\Rechenknecht
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
8GadgetPack (HKLM-x32\...\{D0BD6EC7-ADBC-4127-815A-77E2336873EA}) (Version: 17.0.0 - Helmut Buhler)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 2.04.01 - ASUSTeK Computer Inc.)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.12.0 - Asmedia Technology)
ASUS Xonar DGX Audio (HKLM-x32\...\{71B53BA8-4BE3-49AF-BC3E-07F392008788}) (Version: - ASUSTeK Computer Inc.)
Catalyst Control Center Next Localization BR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Corsair Utility Engine (HKLM-x32\...\{46A3EEB3-8F6F-4BC4-9A53-CDE33D089D08}) (Version: 1.16.42 - Corsair)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve)
CPUID CPU-Z 1.76 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
Dropbox (HKLM-x32\...\Dropbox) (Version: 9.4.49 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.47.1 - Dropbox, Inc.) Hidden
Geeks3D FurMark 1.17.0.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D)
IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version: - Image-Line)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.7167.2040 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 48.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 48.0.2 (x86 de)) (Version: 48.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0.2.6079 - Mozilla)
MSI Afterburner 4.2.0 (HKLM-x32\...\Afterburner) (Version: 4.2.0 - MSI Co., LTD)
Need for Speed™ (HKLM-x32\...\{F8643E83-A868-4EE8-A0B9-389386830453}) (Version: 1.3.0.0 - Electronic Arts)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7167.2040 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7167.2040 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7167.2040 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 9.12.1.43352 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{3027b1a8-658f-434a-963c-7ed83f5fa117}) (Version: latest - ppy Pty Ltd)
PL-2303 Vista Driver Installer (HKLM-x32\...\{EEC010D0-1252-4E1D-BAD9-F1B8F414535C}) (Version: 3.2.0.0 - Prolific)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7634 - Realtek Semiconductor Corp.)
RivaTuner Statistics Server 6.4.1 (HKLM-x32\...\RTSS) (Version: 6.4.1 - Unwinder)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.9.6 - Rockstar Games)
Spotify (HKU\S-1-5-21-2797355107-3117587174-2617422478-1001\...\Spotify) (Version: 1.0.34.146.g28f9eda2 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Team Fortress 2 (HKLM\...\Steam App 440) (Version: - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
VMware Player (HKLM\...\{537B7F85-2B95-44ED-8D90-765F6F36D666}) (Version: 12.1.1 - VMware, Inc.)
Vulkan Run Time Libraries 1.0.11.0 (HKLM\...\VulkanRT1.0.11.0-2) (Version: 1.0.11.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.11.0 (Version: 1.0.11.0 - LunarG, Inc.) Hidden
Wacom Tablett (HKLM\...\Wacom Tablet Driver) (Version: 6.3.17-3 - Wacom Technology Corp.)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
WinISD Pro [alpha] (HKLM-x32\...\WinISD Pro [alpha]) (Version: - )
WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-2797355107-3117587174-2617422478-1001_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\Rechenknecht\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-2797355107-3117587174-2617422478-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\Rechenknecht\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-2797355107-3117587174-2617422478-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Rechenknecht\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileCoAuth.exe (Microsoft Corporation)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {2C6C2DA8-BFEA-4511-8D0C-D86777E62142} - System32\Tasks\PCMeter\Startup => C:\Users\Rechenknecht\AppData\Local\Temp\PCMeter\PCMeterV4\PCMeterV0.4.exe <==== ACHTUNG
Task: {32D3A22E-5520-4B31-AE67-869452CE95D8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-08-11] (Microsoft Corporation)
Task: {53EE33B7-8F67-49E7-96ED-91824711983A} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-06-02] (Advanced Micro Devices, Inc.)
Task: {5C5EC79F-E099-4D36-ACCA-7C313C1608A5} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [2015-12-09] ()
Task: {752E5AEF-F873-4606-A9D4-0562CD2CE780} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-12] (Adobe Systems Incorporated)
Task: {7E5A649D-2810-44F5-BE66-B9A81F594AD2} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-09-04] (Dropbox, Inc.)
Task: {7F1BB600-D24E-419C-AF8A-2FB26707CC8A} - System32\Tasks\ASUS\Easy Update => C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe [2013-10-18] ()
Task: {8BC95C62-64D3-419B-9620-B57C04F12BFC} - System32\Tasks\ASUS\ASUS DigiPowerControl Help => C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe [2013-01-14] (ASUSTeK Computer Inc.)
Task: {9DFDD6D6-1D3C-47D3-836B-66558B04F0AC} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2012-03-13] (ASUSTeK Computer Inc.)
Task: {BC343CEC-5F5E-4F05-8648-5A095A52CAB0} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-09-04] (Dropbox, Inc.)
Task: {C248AA5F-7AE5-4C20-9584-B57DA1647B5C} - System32\Tasks\Gohghwuers Cloud => C:\Program Files (x86)\Vurationrirole\GohghwuersCldcrr.exe
Task: {E1D40412-2C06-490E-BEA1-52824CD21E61} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Rechenknecht\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe [2016-09-04] (Microsoft Corporation)
Task: {E7018266-845B-47B4-9C79-2947942C3DE7} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-08-11] (Microsoft Corporation)
Task: {F04A0416-D668-4D7B-9799-B8AC1A95DE21} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr.exe [2011-09-09] ()
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-09-06 00:51 - 2016-09-06 00:51 - 00142336 ____H () C:\Program Files (x86)\local64spl.dll
2016-09-06 00:51 - 2016-09-06 00:51 - 00142336 ____H () C:\Program Files (x86)_\local64spl.dll
2016-09-06 00:51 - 2016-09-06 00:51 - 00142336 ____H () C:\Program Files (x86)\Mozilla Firefox\browser\features\local64spl.dll
2016-09-06 00:51 - 2016-09-06 00:51 - 00142336 ____H () C:\Program Files (x86)\Mozilla Firefox\browser\features_\local64spl.dll
2016-09-06 00:51 - 2016-09-06 00:51 - 00142336 ____H () C:\Program Files (x86)\Youtube AdBlock_\local64spl.dll
2016-09-06 00:51 - 2016-09-06 00:51 - 00142336 ____H () C:\Users\MS.Default\Helper.3_\local64spl.dll
2016-09-06 00:51 - 2016-09-06 00:51 - 00142336 ____H () C:\Users\MS.Default\Helper.4_\local64spl.dll
2016-09-06 00:51 - 2016-09-06 00:51 - 00142336 ____H () C:\Users\MS.Default\Helper.5_\local64spl.dll
2016-09-06 00:51 - 2016-09-06 00:51 - 00142336 ____H () C:\Users\Rechenknecht\AppData\LocalLow\Youtube AdBlock_\local64spl.dll
2016-09-06 00:51 - 2016-09-06 00:51 - 00142336 ____H () C:\Users\Rechenknecht\AppData\Local\Temp_\local64spl.dll
2016-09-06 00:51 - 2016-09-06 00:51 - 00142336 ____H () C:\WINDOWS\Temp_\local64spl.dll
2016-05-30 00:08 - 2014-03-13 11:11 - 00920736 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2016-07-13 17:28 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-11-23 18:44 - 2015-11-23 18:44 - 00403456 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks64.dll
2016-05-29 21:52 - 2016-07-14 22:45 - 01661392 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll
2016-07-13 17:28 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-09-04 22:07 - 2016-09-04 22:07 - 01864384 _____ () C:\Users\Rechenknecht\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\ClientTelemetry.dll
2015-12-09 09:59 - 2015-12-09 09:59 - 00580296 _____ () C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
2016-05-30 00:09 - 2013-10-18 18:04 - 01426232 _____ () C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe
2016-05-28 22:43 - 2016-05-28 22:43 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-02-24 20:44 - 2016-02-24 20:44 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-07-13 17:29 - 2016-07-01 05:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-07-13 17:28 - 2016-07-01 05:27 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-07-13 17:28 - 2016-07-01 05:21 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-07-13 17:28 - 2016-07-01 05:22 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-07-13 17:28 - 2016-07-01 05:24 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-05-30 00:13 - 2008-07-11 15:04 - 00200704 ____N () C:\Windows\syswow64\HsMgr.exe
2016-05-30 00:13 - 2008-07-11 15:03 - 00282112 ____N () C:\Windows\System\HsMgr64.exe
2015-06-25 17:34 - 2015-06-25 17:34 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2015-06-25 17:37 - 2015-06-25 17:37 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-25 17:35 - 2015-06-25 17:35 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2015-06-25 17:38 - 2015-06-25 17:38 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-25 16:53 - 2015-06-25 16:53 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2015-06-25 16:51 - 2015-06-25 16:51 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-05-29 04:01 - 2013-06-06 20:16 - 00012520 _____ () C:\Users\Rechenknecht\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter.gadget\CoreTempReader.dll
2016-05-29 04:01 - 2013-06-06 20:16 - 00015080 _____ () C:\Users\Rechenknecht\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter.gadget\GetCoreTempInfoNET.dll
2016-05-29 04:01 - 2013-06-06 20:16 - 00014056 _____ () C:\Users\Rechenknecht\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter.gadget\SystemInfo.dll
2015-12-02 11:19 - 2015-12-02 11:19 - 00205000 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
2015-11-23 18:43 - 2015-11-23 18:43 - 00031232 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer64.exe
2015-11-23 18:44 - 2015-11-23 18:44 - 00088576 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
2016-06-24 12:51 - 2016-06-24 12:51 - 00138752 _____ () C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
2016-08-16 14:09 - 2016-08-16 14:09 - 00017408 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-08-16 14:09 - 2016-08-16 14:09 - 13475840 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2016-06-03 13:40 - 2016-06-03 13:40 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2016-05-28 22:43 - 2016-05-28 22:43 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2016-04-14 17:17 - 2016-04-14 17:17 - 01301696 _____ () C:\Program Files (x86)\VMware\VMware Player\libxml2.dll
2016-05-30 00:08 - 2016-09-06 22:36 - 00035840 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2016-05-30 00:08 - 2010-06-29 10:58 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2015-11-23 18:43 - 2015-11-23 18:43 - 00356864 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks.dll
2015-12-07 18:43 - 2015-12-07 18:43 - 00071680 _____ () C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
2015-12-07 18:43 - 2015-12-07 18:43 - 00057856 _____ () C:\Program Files (x86)\MSI Afterburner\RTFC.dll
2015-12-07 18:44 - 2015-12-07 18:44 - 00225792 _____ () C:\Program Files (x86)\MSI Afterburner\RTCore.dll
2015-12-07 18:44 - 2015-12-07 18:44 - 00657408 _____ () C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
2015-12-07 18:43 - 2015-12-07 18:43 - 00357888 _____ () C:\Program Files (x86)\MSI Afterburner\RTUI.dll
2016-05-30 00:09 - 2013-10-18 18:04 - 05777616 _____ () C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzULIB.dll
2016-05-30 00:09 - 2013-05-08 16:22 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\ImageHelper.dll
2016-05-28 22:43 - 2016-05-28 22:43 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-05-28 22:43 - 2016-05-28 22:43 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-05-30 00:13 - 2012-06-06 09:56 - 00143360 ____N () C:\Program Files\ASUS Xonar DGX Audio\Customapp\VmixP8.dll
2016-03-23 11:04 - 2016-03-23 11:04 - 00091136 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\LuaQtWrapperLibrary.dll
2016-03-23 11:02 - 2016-03-23 11:02 - 00224256 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\quazip.dll
2016-03-23 11:02 - 2016-03-23 11:02 - 00200704 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\lua52.dll
2016-09-04 22:16 - 2016-08-06 05:21 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2016-09-04 22:15 - 2016-08-06 05:21 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2016-09-04 22:15 - 2016-08-06 05:22 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2016-09-04 22:15 - 2016-08-06 05:21 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2016-09-04 22:16 - 2016-08-06 05:21 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2016-09-04 22:16 - 2016-08-06 05:21 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2016-09-04 22:16 - 2016-08-30 23:38 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2016-09-04 22:16 - 2016-08-06 05:21 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2016-09-04 22:15 - 2016-08-30 23:38 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2016-09-04 22:16 - 2016-08-06 05:22 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2016-09-04 22:15 - 2016-08-30 23:38 - 01682760 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2016-09-04 22:15 - 2016-08-30 23:38 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2016-09-04 22:16 - 2016-08-06 05:24 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-09-04 22:16 - 2016-08-30 23:38 - 00021312 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2016-09-04 22:15 - 2016-08-30 23:38 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2016-09-04 22:15 - 2016-08-30 23:38 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2016-09-04 22:15 - 2016-08-06 05:19 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2016-09-04 22:15 - 2016-08-06 05:24 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2016-09-04 22:16 - 2016-08-06 05:24 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2016-09-04 22:16 - 2016-08-06 05:24 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2016-09-04 22:16 - 2016-08-30 23:38 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2016-09-04 22:16 - 2016-08-06 05:24 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-09-04 22:16 - 2016-08-30 23:38 - 00025424 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2016-09-04 22:16 - 2016-08-06 05:24 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2016-09-04 22:16 - 2016-08-06 05:24 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2016-09-04 22:16 - 2016-08-06 05:24 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2016-09-04 22:16 - 2016-08-06 05:24 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2016-09-04 22:16 - 2016-08-06 05:24 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2016-09-04 22:16 - 2016-08-06 05:24 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2016-09-04 22:16 - 2016-08-06 05:24 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2016-09-04 22:15 - 2016-08-30 23:38 - 00246592 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2016-09-04 22:15 - 2016-08-30 23:38 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-09-04 22:16 - 2016-08-06 05:25 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2016-09-04 22:16 - 2016-08-06 05:21 - 00144848 _____ () C:\Program Files (x86)\Dropbox\Client\_elementtree.pyd
2016-09-04 22:16 - 2016-08-06 05:22 - 00241104 _____ () C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd
2016-09-04 22:16 - 2016-08-30 23:38 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-09-04 22:16 - 2016-08-30 23:38 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror._winffi_winerror.pyd
2016-09-04 22:16 - 2016-08-30 23:38 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet._winffi_wininet.pyd
2016-09-04 22:15 - 2016-08-30 23:38 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2016-09-04 22:16 - 2016-08-30 23:38 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2016-09-04 22:16 - 2016-08-06 05:25 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2016-09-04 22:16 - 2016-08-30 23:38 - 00022352 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2016-09-04 22:15 - 2016-08-30 23:38 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2016-09-04 22:15 - 2016-08-06 05:18 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2016-09-04 22:15 - 2016-08-30 23:38 - 00031568 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2016-09-04 22:15 - 2016-08-30 23:13 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2016-09-04 22:15 - 2016-08-30 23:38 - 00084280 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2016-09-04 22:15 - 2016-08-30 23:38 - 01826096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2016-09-04 22:16 - 2016-08-06 05:22 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2016-09-04 22:15 - 2016-08-30 23:38 - 03928880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2016-09-04 22:15 - 2016-08-30 23:38 - 01972528 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2016-09-04 22:15 - 2016-08-30 23:38 - 00531248 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2016-09-04 22:15 - 2016-08-30 23:38 - 00133424 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2016-09-04 22:15 - 2016-08-30 23:38 - 00224056 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2016-09-04 22:15 - 2016-08-30 23:38 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2016-09-04 22:16 - 2016-08-30 23:38 - 00020288 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32._winffi_user32.pyd
2016-09-04 22:16 - 2016-08-06 05:24 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2016-09-04 22:16 - 2016-08-30 23:38 - 00037192 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2016-09-04 22:16 - 2016-08-30 23:38 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2016-09-04 22:15 - 2016-08-30 23:38 - 00546096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2016-09-04 22:15 - 2016-08-30 23:38 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2016-09-04 22:15 - 2016-08-30 23:38 - 00042808 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2016-09-04 22:15 - 2016-08-30 23:38 - 00168760 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2016-05-30 00:10 - 2013-08-19 17:23 - 00043520 ____N () C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\HookKey32.dll
2016-05-30 00:10 - 2013-08-19 17:21 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\pngio.dll
2015-11-23 18:43 - 2015-11-23 18:43 - 00071680 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTMUI.dll
2015-11-23 18:43 - 2015-11-23 18:43 - 00353792 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTUI.dll
2015-11-23 18:43 - 2015-11-23 18:43 - 00056832 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTFC.dll
2016-05-30 00:09 - 2011-07-12 19:14 - 00147456 _____ () C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
2016-05-30 00:09 - 2010-10-05 08:22 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
2016-05-30 00:09 - 2012-10-08 17:07 - 00972288 _____ () C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
2016-05-30 00:09 - 2013-05-08 16:22 - 01040896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EasyUpdt.dll
2016-05-30 00:10 - 2012-07-20 09:39 - 01047040 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Probe_II\ProbeII.dll
2016-05-30 00:09 - 2013-04-15 14:19 - 00883712 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
2016-05-30 00:09 - 2012-05-28 21:27 - 01622528 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
2016-05-30 00:09 - 2011-09-19 20:18 - 01243136 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
2016-05-30 00:09 - 2011-07-21 09:06 - 00846848 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
2016-05-30 00:09 - 2012-08-29 18:09 - 00875520 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
2016-05-30 00:08 - 2010-08-23 10:17 - 00662016 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMLib.dll
2016-05-30 00:09 - 2010-10-05 08:22 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
2016-05-30 00:09 - 2009-08-12 20:15 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\pngio.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2016-05-28 20:16 - 2016-05-28 20:13 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2797355107-3117587174-2617422478-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Rechenknecht\Desktop\Arno's Zeug\Wallpaper\Konachan.com - 210329 hatsune_miku kuroi_asahi long_hair signed twintails vocaloid.jpg
DNS Servers: 80.69.96.12 - 81.210.129.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\Services: GohghwuersCldcmn.exe => 2
HKU\S-1-5-21-2797355107-3117587174-2617422478-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2797355107-3117587174-2617422478-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2797355107-3117587174-2617422478-1001\...\StartupApproved\Run: => "Spotify"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{D30397FE-7D70-449B-AB01-1BF3956AECF7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E1CDFD26-871F-4B86-9C74-971AB6B60F9E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E2ECCDC2-D6E7-4346-9F45-4DCE5EE4C23F}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{43FEA9D7-6942-458F-A236-8761D480DDE9}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{8EBD17FD-3C67-47F7-B7C8-9D0E4D8B8F80}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C57531CB-A9EC-48D4-BD80-9241D5ABED06}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{20D23F4D-EA2F-44A0-98DF-CBE5B05E835C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{EF02F3EB-2C97-4C21-9A6C-2A7993354D5E}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{A2570588-5162-410F-9556-BA48665329E6}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
FirewallRules: [{13EDA027-4A5D-4751-A591-8B09FD1EC47E}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
FirewallRules: [{D8B30EEE-F6FF-40A1-8033-7A3C525D7F5D}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed\NFS16.exe
FirewallRules: [{7329011D-5F09-4DEB-AA13-54BB421C5CF5}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed\NFS16.exe
FirewallRules: [{E90C3477-3D09-482B-96E8-3F5C86F727D5}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed\NFS16_trial.exe
FirewallRules: [{C34EB995-625F-4AB2-9421-E5E6C9CB16E0}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed\NFS16_trial.exe
FirewallRules: [TCP Query User{AECA3DFE-1390-4F5F-925E-31CB1BCE90CF}C:\users\rechenknecht\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\rechenknecht\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{C8D1DF86-D254-45A1-B8C0-0E0C331E7F2C}C:\users\rechenknecht\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\rechenknecht\appdata\roaming\spotify\spotify.exe
FirewallRules: [{B6CADC2D-A853-44C9-BA42-5FE7BDBD74C1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{FC5E1650-DDF2-48A4-81B8-8F30B7E1C685}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{1699DA6F-073E-4765-9C6E-6A6305262780}C:\users\rechenknecht\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\rechenknecht\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{6C8EA0C2-57B6-45A8-B323-89366A9E742A}C:\users\rechenknecht\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\rechenknecht\appdata\roaming\spotify\spotify.exe
FirewallRules: [{69897DD4-DDC0-403B-9457-90E6490A5C72}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{AB937881-AFED-45D0-957D-DEEDF3C8978B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{BD7027A6-33FF-4F06-B574-182306E7E291}] => (Allow) C:\Program Files\Rockstar Games\GTA V\GTA5.exe
FirewallRules: [{1128B124-D99F-42FD-8D8C-E0C349057144}] => (Allow) C:\Program Files\Rockstar Games\GTA V\GTA5.exe
FirewallRules: [{235F9128-E220-4676-9D9C-0DDE8C6FC893}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
FirewallRules: [{966DB32F-34DA-444C-BE7F-C202F22B99E1}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
FirewallRules: [{AA28934F-D5B0-48B1-914C-CB47E72487A5}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{7842707A-4275-484D-B78F-CD9D9C235380}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{33498444-F3A7-40BD-AEEA-0278D97BBD0A}] => (Allow) C:\WINDOWS\system32\rundll32.exe
==================== Wiederherstellungspunkte =========================
20-08-2016 12:31:34 Geplanter Prüfpunkt
29-08-2016 22:03:18 Geplanter Prüfpunkt
31-08-2016 22:46:07 Installed PL-2303 Vista Driver Installer
07-09-2016 00:38:25 Windows Update
07-09-2016 00:38:46 Windows Update
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (09/07/2016 12:38:49 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (09/07/2016 12:38:34 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (09/07/2016 12:26:28 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_a2d8b04ea53e3145.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_ea85e725b9ba5a4b.manifest.
Error: (09/07/2016 12:18:25 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_a2d8b04ea53e3145.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_ea85e725b9ba5a4b.manifest.
Error: (09/07/2016 12:17:58 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\eset\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_a2d8b04ea53e3145.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_ea85e725b9ba5a4b.manifest.
Error: (09/06/2016 10:41:57 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_a2d8b04ea53e3145.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_ea85e725b9ba5a4b.manifest.
Error: (09/06/2016 10:41:39 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_a2d8b04ea53e3145.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_ea85e725b9ba5a4b.manifest.
Error: (09/06/2016 10:40:50 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Rechenknecht\Downloads\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_a2d8b04ea53e3145.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_ea85e725b9ba5a4b.manifest.
Error: (09/06/2016 10:40:40 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\users\rechenknecht\downloads\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_a2d8b04ea53e3145.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_ea85e725b9ba5a4b.manifest.
Error: (09/06/2016 10:40:39 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Rechenknecht\Downloads\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_a2d8b04ea53e3145.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_ea85e725b9ba5a4b.manifest.
Systemfehler:
=============
Error: (09/07/2016 12:30:40 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-ED2S725)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "DESKTOP-ED2S725\Rechenknecht" (SID: S-1-5-21-2797355107-3117587174-2617422478-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
und der APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
im Anwendungscontainer "Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (09/07/2016 12:30:40 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-ED2S725)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "DESKTOP-ED2S725\Rechenknecht" (SID: S-1-5-21-2797355107-3117587174-2617422478-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
und der APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
im Anwendungscontainer "Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (09/06/2016 10:45:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.
Error: (09/06/2016 10:45:20 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\RECHEN~1\AppData\Local\Temp\ehdrv.sys
Error: (09/06/2016 10:45:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.
Error: (09/06/2016 10:45:20 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\RECHEN~1\AppData\Local\Temp\ehdrv.sys
Error: (09/06/2016 10:45:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.
Error: (09/06/2016 10:45:20 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\RECHEN~1\AppData\Local\Temp\ehdrv.sys
Error: (09/06/2016 10:41:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.
Error: (09/06/2016 10:41:51 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\RECHEN~1\AppData\Local\Temp\ehdrv.sys
CodeIntegrity:
===================================
Date: 2016-09-06 22:53:42.909
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-09-06 17:16:01.805
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-09-06 15:44:49.633
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-09-05 20:43:26.606
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-09-01 14:42:57.079
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-08-10 15:15:24.598
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-25 00:16:17.612
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-15 12:10:48.783
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-14 12:45:46.422
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-06-19 12:20:45.596
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
==================== Speicherinformationen ===========================
Prozessor: AMD FX(tm)-6300 Six-Core Processor
Prozentuale Nutzung des RAM: 40%
Installierter physikalischer RAM: 8088.69 MB
Verfügbarer physikalischer RAM: 4850.88 MB
Summe virtueller Speicher: 9368.69 MB
Verfügbarer virtueller Speicher: 5670.28 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:930.97 GB) (Free:600.44 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: C32E3EAD)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=449 MB) - (Type=27)
==================== Ende von Addition.txt ============================
|
|
07.09.2016, 15:39
| #7 |
| /// TB-Senior | Trotux.com redirect Virus eingefangen Hallo, also die Grenzen zwischen Adware und echter Malware sind oft fließend, eines kann das andere mit sich bringen. Dieses Ding ist auf jeden Fall hartnäckiger als ich erwartet hatte! Wir machen noch mal einen FRST-Fix und dann sehen wir weiter. Schritt 1: FRST-Fix Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter closeprocesses:
2016-09-06 00:51 - 2016-09-06 00:51 - 00142336 ____H C:\Program Files (x86)\local64spl.dll
2016-09-06 00:51 - 2016-09-06 00:51 - 00000020 ____H C:\Program Files (x86)\local64spl.dll.ini
2016-09-06 00:51 - 2016-09-06 00:51 - 00000000 ___HD C:\WINDOWS\Temp_
2016-09-06 00:51 - 2016-09-06 00:51 - 00000000 ___HD C:\Users\Rechenknecht\AppData\LocalLow\Youtube AdBlock_
2016-09-06 00:51 - 2016-09-06 00:51 - 00000000 ___HD C:\Users\Rechenknecht\AppData\Local\Temp_
2016-09-06 00:51 - 2016-09-06 00:51 - 00000000 ___HD C:\Program Files (x86)_
2016-09-06 00:51 - 2016-09-06 00:51 - 00000000 ___HD C:\Program Files (x86)\Youtube AdBlock_
2016-09-05 20:52 - 2016-09-06 16:44 - 00000000 ____D C:\Users\Rechenknecht\AppData\Roaming\GameLauncher
2016-09-05 20:51 - 2016-09-06 16:57 - 00000000 ___HD C:\Users\MS.Default
2016-09-05 20:51 - 2016-09-06 16:46 - 00000000 ___HD C:\Program Files (x86)\wdq967
2016-09-05 20:51 - 2016-09-05 20:51 - 00009062 _____ C:\WINDOWS\System32\Tasks\Gohghwuers Cloud
2016-09-05 20:51 - 2016-09-05 20:51 - 00000000 ____D C:\ProgramData\Avg
2016-09-05 20:51 - 2016-09-05 20:51 - 00000000 ____D C:\ProgramData\AVAST Software
2016-09-05 20:50 - 2016-09-06 16:46 - 00000000 ____D C:\Program Files (x86)\Vurationrirole
Task: {C248AA5F-7AE5-4C20-9584-B57DA1647B5C} - System32\Tasks\Gohghwuers Cloud => C:\Program Files (x86)\Vurationrirole\GohghwuersCldcrr.exe
C:\Program Files (x86)\Mozilla Firefox\browser\features\local64spl.dll
C:\Program Files (x86)\Mozilla Firefox\browser\features_
emptytemp:
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Schritt 2: frische FRST-Logs
[QOUTE]Wieso soll ich eigendlich Programme wie ESET deinstallieren? Eigendlich scheint das doch nur nützlich zu sein?[/QUOTE] Wir wollen den User nicht mit Ballast zurücklassen, insbesondere da wir unsere Tools ja auf dem Desktop ablegen. Bei einigen besteht auch ein Risiko, wenn man sie selbst anwendet, aber ESET, ADWCleaner und MBAM gehören nicht dazu. Die kannst du, wenn du möchtest, gerne behalten bzw. hinterher wieder neu herunterladen und benutzen.
__________________ Zum Schutz vor Trojanerinnen und Femaleware ist bei einem aktuellen Windows 10 die Windows-Defenderin ausreichend. |
|
07.09.2016, 17:35
| #8 |
| | Trotux.com redirect Virus eingefangen Hallo, hier die neuen Logs Fixlog Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 31-08-2016
durchgeführt von Rechenknecht (07-09-2016 18:06:28) Run:2
Gestartet von C:\Users\Rechenknecht\Desktop
Geladene Profile: Rechenknecht (Verfügbare Profile: Rechenknecht)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
closeprocesses:
2016-09-06 00:51 - 2016-09-06 00:51 - 00142336 ____H C:\Program Files (x86)\local64spl.dll
2016-09-06 00:51 - 2016-09-06 00:51 - 00000020 ____H C:\Program Files (x86)\local64spl.dll.ini
2016-09-06 00:51 - 2016-09-06 00:51 - 00000000 ___HD C:\WINDOWS\Temp_
2016-09-06 00:51 - 2016-09-06 00:51 - 00000000 ___HD C:\Users\Rechenknecht\AppData\LocalLow\Youtube AdBlock_
2016-09-06 00:51 - 2016-09-06 00:51 - 00000000 ___HD C:\Users\Rechenknecht\AppData\Local\Temp_
2016-09-06 00:51 - 2016-09-06 00:51 - 00000000 ___HD C:\Program Files (x86)_
2016-09-06 00:51 - 2016-09-06 00:51 - 00000000 ___HD C:\Program Files (x86)\Youtube AdBlock_
2016-09-05 20:52 - 2016-09-06 16:44 - 00000000 ____D C:\Users\Rechenknecht\AppData\Roaming\GameLauncher
2016-09-05 20:51 - 2016-09-06 16:57 - 00000000 ___HD C:\Users\MS.Default
2016-09-05 20:51 - 2016-09-06 16:46 - 00000000 ___HD C:\Program Files (x86)\wdq967
2016-09-05 20:51 - 2016-09-05 20:51 - 00009062 _____ C:\WINDOWS\System32\Tasks\Gohghwuers Cloud
2016-09-05 20:51 - 2016-09-05 20:51 - 00000000 ____D C:\ProgramData\Avg
2016-09-05 20:51 - 2016-09-05 20:51 - 00000000 ____D C:\ProgramData\AVAST Software
2016-09-05 20:50 - 2016-09-06 16:46 - 00000000 ____D C:\Program Files (x86)\Vurationrirole
Task: {C248AA5F-7AE5-4C20-9584-B57DA1647B5C} - System32\Tasks\Gohghwuers Cloud => C:\Program Files (x86)\Vurationrirole\GohghwuersCldcrr.exe
C:\Program Files (x86)\Mozilla Firefox\browser\features\local64spl.dll
C:\Program Files (x86)\Mozilla Firefox\browser\features_
emptytemp:
*****************
Prozess erfolgreich geschlossen.
C:\Program Files (x86)\local64spl.dll => erfolgreich verschoben
C:\Program Files (x86)\local64spl.dll.ini => erfolgreich verschoben
C:\WINDOWS\Temp_ => erfolgreich verschoben
C:\Users\Rechenknecht\AppData\LocalLow\Youtube AdBlock_ => erfolgreich verschoben
C:\Users\Rechenknecht\AppData\Local\Temp_ => erfolgreich verschoben
C:\Program Files (x86)_ => erfolgreich verschoben
C:\Program Files (x86)\Youtube AdBlock_ => erfolgreich verschoben
C:\Users\Rechenknecht\AppData\Roaming\GameLauncher => erfolgreich verschoben
C:\Users\MS.Default => erfolgreich verschoben
C:\Program Files (x86)\wdq967 => erfolgreich verschoben
C:\WINDOWS\System32\Tasks\Gohghwuers Cloud => erfolgreich verschoben
C:\ProgramData\Avg => erfolgreich verschoben
C:\ProgramData\AVAST Software => erfolgreich verschoben
C:\Program Files (x86)\Vurationrirole => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C248AA5F-7AE5-4C20-9584-B57DA1647B5C}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C248AA5F-7AE5-4C20-9584-B57DA1647B5C}" => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\Gohghwuers Cloud => nicht gefunden.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Gohghwuers Cloud" => Schlüssel erfolgreich entfernt
C:\Program Files (x86)\Mozilla Firefox\browser\features\local64spl.dll => erfolgreich verschoben
C:\Program Files (x86)\Mozilla Firefox\browser\features_ => erfolgreich verschoben
=========== EmptyTemp: ==========
BITS transfer queue => 583648 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 46283504 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 1875433 B
Edge => 0 B
Chrome => 0 B
Firefox => 33240127 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 1058 B
Rechenknecht => 4155485 B
RecycleBin => 118387 B
EmptyTemp: => 82.3 MB temporäre Dateien entfernt.
================================
Das System musste neu gestartet werden.
==== Ende von Fixlog 18:06:33 ====
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 31-08-2016 durchgeführt von Rechenknecht (Administrator) auf DESKTOP-ED2S725 (07-09-2016 18:10:46) Gestartet von C:\Users\Rechenknecht\Desktop Geladene Profile: Rechenknecht (Verfügbare Profile: Rechenknecht) Platform: Windows 10 Pro Version 1607 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.00\AsusFanControlService.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe (DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe () C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe () C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe (Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe (Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe () C:\Windows\SysWOW64\HsMgr.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe () C:\Windows\System\HsMgr64.exe (CMedia) C:\Program Files\ASUS Xonar DGX Audio\Customapp\AsusAudioCenter.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Spotify Ltd) C:\Users\Rechenknecht\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Corsair Components, Inc.) C:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairHID.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe () C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe () C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer64.exe () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe () C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8725248 2015-12-17] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1407744 2015-12-17] (Realtek Semiconductor) HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [6613896 2016-06-24] (Advanced Micro Devices, Inc.) HKLM\...\Run: [MouseDriver] => C:\WINDOWS\system32\TiltWheelMouse.exe [241152 2012-12-19] (Pixart Imaging Inc) HKLM\...\Run: [Cmaudio8788] => C:\WINDOWS\Syswow64\cmicnfgp.dll [13463552 2014-03-11] (C-Media Corporation) HKLM\...\Run: [Cmaudio8788GX] => C:\WINDOWS\syswow64\HsMgr.exe [200704 2008-07-11] () HKLM\...\Run: [Cmaudio8788GX64] => C:\WINDOWS\system\HsMgr64.exe [282112 2008-07-11] () HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-07-16] (Microsoft Corporation) HKLM-x32\...\Run: [Corsair Utility Engine] => C:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairHID.exe [14885552 2016-03-23] (Corsair Components, Inc.) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25197248 2016-08-30] (Dropbox, Inc.) HKU\S-1-5-21-2797355107-3117587174-2617422478-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2857248 2016-08-23] (Valve Corporation) HKU\S-1-5-21-2797355107-3117587174-2617422478-1001\...\Run: [Spotify Web Helper] => C:\Users\Rechenknecht\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1555056 2016-08-07] (Spotify Ltd) HKU\S-1-5-21-2797355107-3117587174-2617422478-1001\...\Run: [Spotify] => C:\Users\Rechenknecht\AppData\Roaming\Spotify\Spotify.exe [6937200 2016-08-07] (Spotify Ltd) ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.42.dll [2016-08-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.42.dll [2016-08-30] (Dropbox, Inc.) Startup: C:\Users\Rechenknecht\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar213.lnk [2016-09-07] ShortcutTarget: Sidebar213.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\..\Interfaces\{15b81e0a-651f-43bb-9e8a-cdc94c751aa2}: [DhcpNameServer] 80.69.96.12 81.210.129.4 Internet Explorer: ================== BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-09-05] (Microsoft Corporation) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-09-05] (Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-09-05] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-09-05] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-09-05] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-09-05] (Microsoft Corporation) FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-12] () FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-12] () FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-09-05] (Microsoft Corporation) FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [138752 2016-06-24] () [Datei ist nicht signiert] R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2014-03-13] () R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2014-03-13] (ASUSTeK Computer Inc.) R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.) R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.00\AsusFanControlService.exe [1632256 2014-03-13] (ASUSTeK Computer Inc.) [Datei ist nicht signiert] R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2981056 2016-08-11] (Microsoft Corporation) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-09-04] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-09-04] (Dropbox, Inc.) R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [249320 2015-12-17] (DTS, Inc) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2016-06-09] (Electronic Arts) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-07-17] (Microsoft Corporation) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation) R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [652240 2016-07-14] (Wacom Technology, Corp.) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [23240 2016-05-20] (Advanced Micro Devices, Inc.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] () R0 asstor64; C:\Windows\System32\drivers\asstor64.sys [83792 2015-09-28] (Asmedia Technology) R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2013-01-15] () U5 ASUSFILTER; C:\Windows\System32\Drivers\ASUSFILTER.sys [48384 2014-08-18] (MCCI Corporation) S3 ASUSstpt; C:\Windows\System32\drivers\ASUSstpt.sys [27392 2014-08-18] (MCCI Corporation) S3 ASUSumsc; C:\Windows\System32\drivers\ASUSumsc.sys [151808 2014-08-18] (MCCI Corporation) U5 ASUSxpsp; C:\Windows\System32\Drivers\ASUSxpsp.sys [28416 2014-08-18] (MCCI Corporation) R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [101376 2016-05-20] (Advanced Micro Devices) R3 cmudaxp; C:\Windows\system32\drivers\cmudaxp.sys [2735616 2015-06-02] (C-Media Inc) R3 CorsairVBusDriver; C:\Windows\System32\drivers\CorsairVBusDriver.sys [47840 2015-12-17] (Corsair) R3 CorsairVHidDriver; C:\Windows\System32\drivers\CorsairVHidDriver.sys [21728 2015-12-17] (Corsair) S3 dg_ssudbus; C:\Windows\System32\drivers\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.) S3 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-11-14] (Disc Soft Ltd) S3 FlashUSB; C:\Windows\System32\drivers\FlashUSB.sys [19968 2014-10-13] (Intel Mobile Communications) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-09-07] (Malwarebytes) R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation) S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] () R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13512 2015-12-09] () S3 shspusb; C:\Windows\System32\drivers\HSPUSB.sys [24064 2014-10-13] (MobileTop) S3 sscdserd; C:\Windows\System32\drivers\sscdserd.sys [158024 2014-10-13] (MCCI Corporation) S3 ssceserd; C:\Windows\System32\drivers\ssceserd.sys [158024 2014-10-13] (MCCI Corporation) S3 ssdudfu; C:\Windows\System32\drivers\ssdudfu.sys [101960 2014-10-13] (MCCI) S3 ssm_bus; C:\Windows\System32\drivers\ssm_bus.sys [136192 2014-10-13] (MCCI Corporation) S3 ssm_mdm; C:\Windows\System32\drivers\ssm_mdm.sys [172032 2014-10-13] (MCCI Corporation) S3 ssuddmgr; C:\Windows\System32\drivers\ssuddmgr.sys [206080 2014-10-13] (DEVGURU Co., LTD.(www.devguru.co.kr)) S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.) S3 ssudobex; C:\Windows\System32\drivers\ssudobex.sys [206080 2014-10-13] (DEVGURU Co., LTD.(www.devguru.co.kr)) S3 ssudqcfilter; C:\Windows\System32\drivers\ssudqcfilter.sys [57648 2015-12-08] (QUALCOMM Incorporated) S3 ssudrmnet; C:\Windows\System32\drivers\ssudrmnet.sys [70400 2014-10-13] (DEVGURU Co., LTD.) S3 ssudserd; C:\Windows\System32\drivers\ssudserd.sys [206080 2014-10-13] (DEVGURU Co., LTD.(www.devguru.co.kr)) S3 ss_bserd; C:\Windows\System32\drivers\ss_bserd.sys [128000 2014-10-13] (MCCI Corporation) S3 ss_conn_usb_driver; C:\Windows\System32\Drivers\ss_conn_usb_driver.sys [26368 2014-10-13] (DEVGURU Co., LTD.) S3 t_mouse.sys; C:\Windows\System32\drivers\t_mouse.sys [6144 2012-12-19] () R0 vsock; C:\Windows\System32\drivers\vsock.sys [75512 2015-11-05] (VMware, Inc.) S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation) U5 ASUSFILTER; C:\Windows\SysWOW64\Drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-09-07 18:10 - 2016-09-07 18:11 - 00019199 _____ C:\Users\Rechenknecht\Desktop\FRST.txt 2016-09-07 18:06 - 2016-09-07 18:06 - 00004209 _____ C:\Users\Rechenknecht\Desktop\Fixlog.txt 2016-09-07 15:21 - 2016-09-07 14:42 - 00000000 ___DC C:\WINDOWS\Panther 2016-09-07 15:19 - 2016-09-07 15:19 - 00000000 ____D C:\Windows.old 2016-09-07 15:19 - 2016-09-07 15:19 - 00000000 ____D C:\Program Files\CMAK 2016-09-07 15:19 - 2016-09-07 15:19 - 00000000 ____D C:\Program Files (x86)\CMAK 2016-09-07 15:18 - 2016-09-07 15:18 - 23682560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 22571008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 22218808 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 20965240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 19423232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 19418624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 17187328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 13867520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 13433856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 13080576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 12345344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 12174336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL 2016-09-07 15:18 - 2016-09-07 15:18 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmploc.DLL 2016-09-07 15:18 - 2016-09-07 15:18 - 09128448 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 08124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 07814488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2016-09-07 15:18 - 2016-09-07 15:18 - 07624192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 06044672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 05722312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 05622600 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe 2016-09-07 15:18 - 2016-09-07 15:18 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 04612096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 04130944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 03893376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 03617792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2016-09-07 15:18 - 2016-09-07 15:18 - 03299328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe 2016-09-07 15:18 - 2016-09-07 15:18 - 03245056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 03116032 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAJApi.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 03105792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe 2016-09-07 15:18 - 2016-09-07 15:18 - 02999296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2016-09-07 15:18 - 2016-09-07 15:18 - 02913104 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 02846208 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2016-09-07 15:18 - 2016-09-07 15:18 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2016-09-07 15:18 - 2016-09-07 15:18 - 02745224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 02711040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 02680832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 02537824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2016-09-07 15:18 - 2016-09-07 15:18 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 02422784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAJApi.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 02370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 02315264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 02289664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 02264064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 02257248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2016-09-07 15:18 - 2016-09-07 15:18 - 02251432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 02190688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2016-09-07 15:18 - 2016-09-07 15:18 - 02166232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 02143232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2016-09-07 15:18 - 2016-09-07 15:18 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2016-09-07 15:18 - 2016-09-07 15:18 - 01992704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 01906176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 01883784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 01875456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 01847048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 01780736 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 01708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 01694200 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 01690112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 01595904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 01570680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 01557296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 01508864 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2016-09-07 15:18 - 2016-09-07 15:18 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 01469120 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 01453992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 01430200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 01377008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe 2016-09-07 15:18 - 2016-09-07 15:18 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 01349120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2016-09-07 15:18 - 2016-09-07 15:18 - 01343928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 01316352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 01282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 01279328 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 01264912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 01220608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 01176664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 01163696 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2016-09-07 15:18 - 2016-09-07 15:18 - 01106944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 01099608 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2016-09-07 15:18 - 2016-09-07 15:18 - 01082368 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 01081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 01071728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 01066328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 01066096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 01062400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 01052672 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 01046976 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2016-09-07 15:18 - 2016-09-07 15:18 - 01014784 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 01006080 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00987992 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2016-09-07 15:18 - 2016-09-07 15:18 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00955008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00944640 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00942424 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi 2016-09-07 15:18 - 2016-09-07 15:18 - 00939872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pidgenx.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00885832 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2016-09-07 15:18 - 2016-09-07 15:18 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2016-09-07 15:18 - 2016-09-07 15:18 - 00852824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00846552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00807776 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe 2016-09-07 15:18 - 2016-09-07 15:18 - 00806912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00804864 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00790760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00782176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2016-09-07 15:18 - 2016-09-07 15:18 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe 2016-09-07 15:18 - 2016-09-07 15:18 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00758784 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00681312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys 2016-09-07 15:18 - 2016-09-07 15:18 - 00665768 _____ (Microsoft Corporation) C:\WINDOWS\system32\GenValObj.exe 2016-09-07 15:18 - 2016-09-07 15:18 - 00658776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2016-09-07 15:18 - 2016-09-07 15:18 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00619368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2016-09-07 15:18 - 2016-09-07 15:18 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe 2016-09-07 15:18 - 2016-09-07 15:18 - 00595488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe 2016-09-07 15:18 - 2016-09-07 15:18 - 00590952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00587968 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00584032 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe 2016-09-07 15:18 - 2016-09-07 15:18 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.UXRes.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00554496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00538112 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00529928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00526848 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00509952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00509784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2016-09-07 15:18 - 2016-09-07 15:18 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe 2016-09-07 15:18 - 2016-09-07 15:18 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00450400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys 2016-09-07 15:18 - 2016-09-07 15:18 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00435040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys 2016-09-07 15:18 - 2016-09-07 15:18 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00408600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2016-09-07 15:18 - 2016-09-07 15:18 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00396168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00389000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00381760 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe 2016-09-07 15:18 - 2016-09-07 15:18 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00361096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00354264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe 2016-09-07 15:18 - 2016-09-07 15:18 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00321280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe 2016-09-07 15:18 - 2016-09-07 15:18 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00313560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfksproxy.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe 2016-09-07 15:18 - 2016-09-07 15:18 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe 2016-09-07 15:18 - 2016-09-07 15:18 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafpos.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpipcfg.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_G18030.DLL 2016-09-07 15:18 - 2016-09-07 15:18 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\C_G18030.DLL 2016-09-07 15:18 - 2016-09-07 15:18 - 00224096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2016-09-07 15:18 - 2016-09-07 15:18 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2016-09-07 15:18 - 2016-09-07 15:18 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe 2016-09-07 15:18 - 2016-09-07 15:18 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe 2016-09-07 15:18 - 2016-09-07 15:18 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00204288 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\DscCoreConfProv.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipboardServer.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2016-09-07 15:18 - 2016-09-07 15:18 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfksproxy.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tcpipcfg.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe 2016-09-07 15:18 - 2016-09-07 15:18 - 00178528 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ClipboardServer.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00168800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2016-09-07 15:18 - 2016-09-07 15:18 - 00162850 _____ C:\WINDOWS\system32\C_932.NLS 2016-09-07 15:18 - 2016-09-07 15:18 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys 2016-09-07 15:18 - 2016-09-07 15:18 - 00151224 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00141824 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\SysWOW64\DscCoreConfProv.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys 2016-09-07 15:18 - 2016-09-07 15:18 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00121368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00108384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys 2016-09-07 15:18 - 2016-09-07 15:18 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dasHost.exe 2016-09-07 15:18 - 2016-09-07 15:18 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncPolicy.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00077664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys 2016-09-07 15:18 - 2016-09-07 15:18 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00073568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys 2016-09-07 15:18 - 2016-09-07 15:18 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncPolicy.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe 2016-09-07 15:18 - 2016-09-07 15:18 - 00062816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys 2016-09-07 15:18 - 2016-09-07 15:18 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe 2016-09-07 15:18 - 2016-09-07 15:18 - 00050880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2016-09-07 15:18 - 2016-09-07 15:18 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceassociation.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00044472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe 2016-09-07 15:18 - 2016-09-07 15:18 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys 2016-09-07 15:18 - 2016-09-07 15:18 - 00041824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe 2016-09-07 15:18 - 2016-09-07 15:18 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys 2016-09-07 15:18 - 2016-09-07 15:18 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys 2016-09-07 15:18 - 2016-09-07 15:18 - 00036168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe 2016-09-07 15:18 - 2016-09-07 15:18 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceassociation.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiougc.exe 2016-09-07 15:18 - 2016-09-07 15:18 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\encapi.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2016-09-07 15:18 - 2016-09-07 15:18 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerSvc.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\delegatorprovider.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiougc.exe 2016-09-07 15:18 - 2016-09-07 15:18 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi_passthru.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\smphost.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\encapi.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smphost.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\delegatorprovider.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi_passthru.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_IS2022.DLL 2016-09-07 15:18 - 2016-09-07 15:18 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\c_GSM7.DLL 2016-09-07 15:18 - 2016-09-07 15:18 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\C_IS2022.DLL 2016-09-07 15:18 - 2016-09-07 15:18 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\c_GSM7.DLL 2016-09-07 15:18 - 2016-09-07 15:18 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe 2016-09-07 15:18 - 2016-09-07 15:18 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwmp.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwmp.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx 2016-09-07 15:18 - 2016-09-07 15:18 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxmasf.dll 2016-09-07 15:18 - 2016-09-07 15:18 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx 2016-09-07 15:18 - 2016-09-07 15:18 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxmasf.dll 2016-09-07 15:16 - 2016-09-07 15:16 - 00008192 _____ C:\WINDOWS\system32\config\userdiff 2016-09-07 15:14 - 2016-09-07 15:14 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer 2016-09-07 15:14 - 2016-09-07 15:14 - 00000000 ____D C:\Program Files\Reference Assemblies 2016-09-07 15:14 - 2016-09-07 15:14 - 00000000 ____D C:\Program Files\MSBuild 2016-09-07 15:14 - 2016-09-07 15:14 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies 2016-09-07 15:14 - 2016-09-07 15:14 - 00000000 ____D C:\Program Files (x86)\MSBuild 2016-09-07 15:13 - 2016-09-07 15:13 - 00199008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys 2016-09-07 15:13 - 2016-05-25 15:31 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll 2016-09-07 15:13 - 2016-05-25 15:31 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll 2016-09-07 15:13 - 2016-05-25 15:31 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe 2016-09-07 15:13 - 2016-05-25 12:03 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll 2016-09-07 15:13 - 2016-05-25 12:03 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2016-09-07 15:13 - 2016-05-25 12:03 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe 2016-09-07 14:44 - 2016-09-07 14:44 - 00000000 ____D C:\ProgramData\Microsoft OneDrive 2016-09-07 14:42 - 2016-09-07 14:42 - 00000020 ___SH C:\Users\Rechenknecht\ntuser.ini 2016-09-07 14:42 - 2016-09-07 14:42 - 00000000 ____D C:\Users\Rechenknecht\AppData\Local\ConnectedDevicesPlatform 2016-09-07 14:42 - 2016-09-07 14:42 - 00000000 ____D C:\ProgramData\USOShared 2016-09-07 14:41 - 2016-09-07 14:41 - 00000000 _SHDL C:\Users\Default\Vorlagen 2016-09-07 14:41 - 2016-09-07 14:41 - 00000000 _SHDL C:\Users\Default\Startmenü 2016-09-07 14:41 - 2016-09-07 14:41 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung 2016-09-07 14:41 - 2016-09-07 14:41 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen 2016-09-07 14:41 - 2016-09-07 14:41 - 00000000 _SHDL C:\Users\Default\Eigene Dateien 2016-09-07 14:41 - 2016-09-07 14:41 - 00000000 _SHDL C:\Users\Default\Druckumgebung 2016-09-07 14:41 - 2016-09-07 14:41 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos 2016-09-07 14:41 - 2016-09-07 14:41 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik 2016-09-07 14:41 - 2016-09-07 14:41 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder 2016-09-07 14:41 - 2016-09-07 14:41 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2016-09-07 14:41 - 2016-09-07 14:41 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf 2016-09-07 14:41 - 2016-09-07 14:41 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten 2016-09-07 14:41 - 2016-09-07 14:41 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten 2016-09-07 14:41 - 2016-09-07 14:41 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos 2016-09-07 14:41 - 2016-09-07 14:41 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik 2016-09-07 14:41 - 2016-09-07 14:41 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder 2016-09-07 14:41 - 2016-09-07 14:41 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2016-09-07 14:41 - 2016-09-07 14:41 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf 2016-09-07 14:41 - 2016-09-07 14:41 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten 2016-09-07 14:40 - 2016-09-07 14:41 - 00007623 _____ C:\WINDOWS\diagwrn.xml 2016-09-07 14:40 - 2016-09-07 14:41 - 00007623 _____ C:\WINDOWS\diagerr.xml 2016-09-07 14:37 - 2016-09-07 18:07 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-09-07 14:37 - 2016-09-07 14:37 - 00022960 _____ C:\WINDOWS\system32\emptyregdb.dat 2016-09-07 14:37 - 2016-09-07 14:37 - 00002838 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task 2016-09-07 14:37 - 2016-09-07 14:37 - 00002434 _____ C:\WINDOWS\System32\Tasks\MSIAfterburner 2016-09-07 14:37 - 2016-09-07 14:37 - 00000000 ____D C:\WINDOWS\System32\Tasks\PCMeter 2016-09-07 14:36 - 2016-09-07 14:37 - 00003772 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA 2016-09-07 14:36 - 2016-09-07 14:37 - 00003764 _____ C:\WINDOWS\System32\Tasks\AMD Updater 2016-09-07 14:36 - 2016-09-07 14:37 - 00003548 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore 2016-09-07 14:36 - 2016-09-07 14:37 - 00003098 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2016-09-07 14:36 - 2016-09-07 14:36 - 00000000 ____D C:\WINDOWS\System32\Tasks\ASUS 2016-09-07 14:32 - 2016-09-07 14:32 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2016-09-07 14:29 - 2016-09-07 14:32 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate 2016-09-07 14:28 - 2016-09-07 18:08 - 00000000 ____D C:\Users\Rechenknecht 2016-09-07 14:28 - 2016-09-07 14:28 - 00000000 _SHDL C:\Users\Rechenknecht\Vorlagen 2016-09-07 14:28 - 2016-09-07 14:28 - 00000000 _SHDL C:\Users\Rechenknecht\Startmenü 2016-09-07 14:28 - 2016-09-07 14:28 - 00000000 _SHDL C:\Users\Rechenknecht\Netzwerkumgebung 2016-09-07 14:28 - 2016-09-07 14:28 - 00000000 _SHDL C:\Users\Rechenknecht\Lokale Einstellungen 2016-09-07 14:28 - 2016-09-07 14:28 - 00000000 _SHDL C:\Users\Rechenknecht\Eigene Dateien 2016-09-07 14:28 - 2016-09-07 14:28 - 00000000 _SHDL C:\Users\Rechenknecht\Druckumgebung 2016-09-07 14:28 - 2016-09-07 14:28 - 00000000 _SHDL C:\Users\Rechenknecht\Documents\Eigene Videos 2016-09-07 14:28 - 2016-09-07 14:28 - 00000000 _SHDL C:\Users\Rechenknecht\Documents\Eigene Musik 2016-09-07 14:28 - 2016-09-07 14:28 - 00000000 _SHDL C:\Users\Rechenknecht\Documents\Eigene Bilder 2016-09-07 14:28 - 2016-09-07 14:28 - 00000000 _SHDL C:\Users\Rechenknecht\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2016-09-07 14:28 - 2016-09-07 14:28 - 00000000 _SHDL C:\Users\Rechenknecht\AppData\Local\Verlauf 2016-09-07 14:28 - 2016-09-07 14:28 - 00000000 _SHDL C:\Users\Rechenknecht\AppData\Local\Anwendungsdaten 2016-09-07 14:28 - 2016-09-07 14:28 - 00000000 _SHDL C:\Users\Rechenknecht\Anwendungsdaten 2016-09-07 14:26 - 2016-07-16 13:41 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2016-09-07 14:25 - 2016-09-07 18:06 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin 2016-09-07 14:25 - 2016-09-07 14:25 - 00000000 ____H C:\ProgramData\DP45977C.lfl 2016-09-07 14:25 - 2016-09-07 14:25 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM 2016-09-07 14:25 - 2016-09-07 14:25 - 00000000 ____D C:\WINDOWS\system32\DAX2 2016-09-07 14:25 - 2016-09-07 14:25 - 00000000 ____D C:\ProgramData\Package Cache 2016-09-07 14:25 - 2016-09-07 14:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings 2016-09-07 14:25 - 2016-09-07 14:25 - 00000000 ____D C:\Program Files\Realtek 2016-09-07 14:25 - 2016-09-07 14:25 - 00000000 ____D C:\Program Files\ATI Technologies 2016-09-07 14:25 - 2016-09-07 14:25 - 00000000 ____D C:\Program Files (x86)\AMD 2016-09-07 14:24 - 2016-09-07 14:32 - 00000000 ____D C:\Program Files\AMD 2016-09-07 14:24 - 2016-09-07 14:24 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies 2016-09-07 14:23 - 2016-09-07 18:07 - 00334040 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-09-07 14:23 - 2016-09-07 17:59 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2016-09-07 14:23 - 2016-09-07 14:23 - 00000000 ____D C:\WINDOWS\ServiceProfiles 2016-09-06 22:40 - 2016-09-06 22:40 - 02870984 _____ (ESET) C:\Users\Rechenknecht\Downloads\esetsmartinstaller_deu.exe 2016-09-06 16:54 - 2016-09-06 16:57 - 00000000 ____D C:\AdwCleaner 2016-09-06 16:51 - 2016-09-06 16:51 - 03826240 _____ C:\Users\Rechenknecht\Desktop\AdwCleaner_6.010.exe 2016-09-06 15:49 - 2016-09-07 18:08 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2016-09-06 15:49 - 2016-09-07 14:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2016-09-06 15:49 - 2016-09-06 15:49 - 00001175 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2016-09-06 15:49 - 2016-09-06 15:49 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-09-06 15:49 - 2016-09-06 15:49 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2016-09-06 15:49 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2016-09-06 15:49 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2016-09-06 15:49 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2016-09-06 15:43 - 2016-09-06 15:44 - 22851472 _____ (Malwarebytes ) C:\Users\Rechenknecht\Downloads\mbam-setup-2.2.1.1043.exe 2016-09-05 23:38 - 2016-09-05 23:38 - 02397696 _____ (Farbar) C:\Users\Rechenknecht\Desktop\FRST64.exe 2016-09-05 23:13 - 2016-09-05 23:13 - 00055456 _____ C:\Users\Rechenknecht\Downloads\Addition.txt 2016-09-05 23:12 - 2016-09-05 23:13 - 00062474 _____ C:\Users\Rechenknecht\Downloads\FRST.txt 2016-09-05 22:41 - 2016-09-07 18:10 - 00000000 ____D C:\FRST 2016-09-05 22:40 - 2016-09-05 22:40 - 02397696 _____ (Farbar) C:\Users\Rechenknecht\Downloads\FRST64.exe 2016-09-05 20:53 - 2016-09-06 16:57 - 00000008 __RSH C:\ProgramData\ntuser.pol 2016-09-05 20:43 - 2016-09-07 14:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools 2016-09-05 20:43 - 2016-09-05 20:43 - 00002583 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk 2016-09-05 20:43 - 2016-09-05 20:43 - 00002579 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk 2016-09-05 20:43 - 2016-09-05 20:43 - 00002558 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk 2016-09-05 20:43 - 2016-09-05 20:43 - 00002533 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk 2016-09-05 20:43 - 2016-09-05 20:43 - 00002500 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk 2016-09-05 20:43 - 2016-09-05 20:43 - 00002497 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk 2016-09-05 20:43 - 2016-09-05 20:43 - 00002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk 2016-09-05 20:40 - 2016-09-07 14:58 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2016-09-05 20:40 - 2016-09-05 20:40 - 03786432 _____ (Microsoft Corporation) C:\Users\Rechenknecht\Downloads\Setup.X86.de-DE_O365HomePremRetail_0981a43f-391f-4b51-a065-13c3a942e757_TX_DB_.exe 2016-09-05 20:40 - 2016-09-05 20:40 - 00000000 ____D C:\Program Files\Microsoft Office 15 2016-09-04 22:16 - 2016-09-07 18:09 - 00000000 ___RD C:\Users\Rechenknecht\Dropbox 2016-09-04 22:16 - 2016-09-07 14:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2016-09-04 22:15 - 2016-09-07 01:20 - 00001258 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job 2016-09-04 22:15 - 2016-09-06 22:36 - 00001254 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job 2016-09-04 22:15 - 2016-09-04 22:16 - 00000000 ____D C:\Users\Rechenknecht\AppData\Local\Dropbox 2016-09-04 22:15 - 2016-09-04 22:16 - 00000000 ____D C:\Program Files (x86)\Dropbox 2016-09-04 22:15 - 2016-09-04 22:15 - 00690072 _____ (Dropbox, Inc.) C:\Users\Rechenknecht\Downloads\DropboxInstaller.exe 2016-09-04 22:15 - 2016-09-04 22:15 - 00000000 ____D C:\Users\Rechenknecht\AppData\Roaming\Dropbox 2016-09-04 22:15 - 2016-09-04 22:15 - 00000000 ____D C:\ProgramData\Dropbox 2016-09-04 22:07 - 2016-09-04 22:07 - 00000000 ____D C:\Users\Rechenknecht\AppData\Roaming\Skype 2016-09-01 13:46 - 2009-06-02 18:00 - 00039632 ____R (www.winchiphead.com) C:\WINDOWS\SysWOW64\Drivers\CH341SER.SYS 2016-09-01 13:46 - 2008-12-17 18:00 - 00020089 ____R C:\WINDOWS\SysWOW64\CH341SER.VXD 2016-09-01 13:46 - 2007-06-11 18:00 - 00019680 ____R (www.winchiphead.com) C:\WINDOWS\SysWOW64\Drivers\CH341S98.SYS 2016-09-01 13:46 - 2005-07-29 18:00 - 00006712 ____R (www.winchiphead.com) C:\WINDOWS\SysWOW64\CH341PT.DLL 2016-08-31 22:58 - 2016-08-31 23:00 - 00000000 ____D C:\Users\Rechenknecht\Desktop\DCX-2496 2016-08-31 22:46 - 2016-08-31 22:46 - 00000000 ____D C:\Program Files (x86)\Prolific 2016-08-26 15:52 - 2004-08-31 08:47 - 05292044 _____ C:\Users\Rechenknecht\Desktop\rauschen_pinknoise_30sec.wav 2016-08-26 14:13 - 2016-08-26 14:13 - 00075759 _____ C:\Users\Rechenknecht\Downloads\DERTG1FS00001_DERTG1PR10001_3107_001.pdf 2016-08-25 15:28 - 2016-09-01 12:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-08-17 13:54 - 2016-08-17 13:54 - 00000000 ____D C:\ProgramData\AMD 2016-08-16 15:10 - 2016-09-07 14:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom Tablett 2016-08-16 03:13 - 2016-08-16 03:13 - 04713984 _____ (Geza Kovacs) C:\Users\Rechenknecht\Downloads\unetbootin-windows-625.exe 2016-08-16 02:42 - 2016-08-16 03:04 - 4285749248 _____ C:\Users\Rechenknecht\Desktop\Win10_1607_German_x64.iso 2016-08-13 16:12 - 2016-08-13 16:12 - 00000146 _____ C:\Users\Rechenknecht\Desktop\Sound.lnk 2016-08-12 01:07 - 2016-08-12 01:07 - 10995344 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll 2016-08-12 01:07 - 2016-08-12 01:07 - 10317568 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd6a.dll 2016-08-12 01:07 - 2016-08-12 01:07 - 09340136 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdva.dll 2016-08-12 01:07 - 2016-08-12 01:07 - 09131736 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll 2016-08-12 01:07 - 2016-08-12 01:07 - 08892696 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd64.dll 2016-08-12 01:07 - 2016-08-12 01:07 - 08738920 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll 2016-08-12 01:07 - 2016-08-12 01:07 - 07258160 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdag.dll 2016-08-12 01:07 - 2016-08-12 01:07 - 07115928 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll 2016-08-12 01:07 - 2016-08-12 01:07 - 01547544 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll 2016-08-12 01:07 - 2016-08-12 01:07 - 01273928 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll 2016-08-12 01:07 - 2016-08-12 01:07 - 00479368 _____ C:\WINDOWS\system32\amdmiracast.dll 2016-08-12 01:07 - 2016-08-12 01:07 - 00183952 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiuxp64.dll 2016-08-12 01:07 - 2016-08-12 01:07 - 00164280 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiu9p64.dll 2016-08-12 01:07 - 2016-08-12 01:07 - 00159088 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll 2016-08-12 01:07 - 2016-08-12 01:07 - 00154920 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll 2016-08-12 01:07 - 2016-08-12 01:07 - 00152800 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiuxpag.dll 2016-08-12 01:07 - 2016-08-12 01:07 - 00138688 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll 2016-08-12 01:07 - 2016-08-12 01:07 - 00138176 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll 2016-08-12 01:07 - 2016-08-12 01:07 - 00137224 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiu9pag.dll 2016-08-12 01:07 - 2016-08-12 01:07 - 00123120 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll 2016-08-12 01:07 - 2016-08-12 01:07 - 00123104 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll 2016-08-12 01:07 - 2016-08-12 01:07 - 00105344 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll 2016-08-12 01:07 - 2016-08-12 01:07 - 00105344 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 48819200 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 38266368 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 32555512 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 27489280 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl12cl64.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 26706432 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys 2016-08-12 01:06 - 2016-08-12 01:06 - 26639360 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 21641216 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl12cl.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 15729152 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 14320128 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 08830456 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdvlk64.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 08627704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmantle64.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 07076352 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdvlk32.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 06956032 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmantle32.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 02376704 _____ C:\WINDOWS\system32\amdoclvp9lib64.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 02286584 _____ C:\WINDOWS\SysWOW64\amdoclvp9lib32.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 02147328 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 01837568 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 01323008 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00991232 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00991232 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00883192 _____ (AMD) C:\WINDOWS\system32\coinst_16.30.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00751616 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00627192 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00521728 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe 2016-08-12 01:06 - 2016-08-12 01:06 - 00518656 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys 2016-08-12 01:06 - 2016-08-12 01:06 - 00459776 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00402944 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe 2016-08-12 01:06 - 2016-08-12 01:06 - 00350208 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODE.exe 2016-08-12 01:06 - 2016-08-12 01:06 - 00292352 _____ C:\WINDOWS\system32\dgtrayicon.exe 2016-08-12 01:06 - 2016-08-12 01:06 - 00287744 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00287232 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe 2016-08-12 01:06 - 2016-08-12 01:06 - 00275968 _____ C:\WINDOWS\system32\GameManager64.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00270336 _____ C:\WINDOWS\system32\clinfo.exe 2016-08-12 01:06 - 2016-08-12 01:06 - 00268792 _____ C:\WINDOWS\system32\hsa-thunk64.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00249336 _____ C:\WINDOWS\system32\amdgfxinfo64.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00241152 _____ C:\WINDOWS\SysWOW64\GameManager32.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00234496 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00231424 _____ C:\WINDOWS\system32\atieah64.exe 2016-08-12 01:06 - 2016-08-12 01:06 - 00222208 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00209408 _____ C:\WINDOWS\SysWOW64\atieah32.exe 2016-08-12 01:06 - 2016-08-12 01:06 - 00202744 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00201728 _____ C:\WINDOWS\system32\amdhdl64.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00181760 _____ C:\WINDOWS\SysWOW64\amdhdl32.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00176640 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00159736 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00137208 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00135168 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00130560 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00123896 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00118784 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00113664 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00111616 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00109568 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00108544 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00108544 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00104448 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00083960 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00079864 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00073216 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00069632 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00068608 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODCLI.exe 2016-08-12 01:06 - 2016-08-12 01:06 - 00068096 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl6.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00067584 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00066560 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00060920 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00055800 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmmcl.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll 2016-08-12 01:06 - 2016-08-12 01:06 - 00021496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll 2016-08-11 13:52 - 2016-08-11 13:52 - 00635112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp140.dll 2016-08-11 13:51 - 2016-08-11 13:51 - 00439536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp140.dll 2016-08-11 13:51 - 2016-08-11 13:51 - 00390400 _____ (Microsoft Corporation) C:\WINDOWS\system32\vccorlib140.dll 2016-08-11 13:51 - 2016-08-11 13:51 - 00267008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vccorlib140.dll 2016-08-11 13:50 - 2016-08-11 13:50 - 00333072 _____ (Microsoft Corporation) C:\WINDOWS\system32\concrt140.dll 2016-08-11 13:50 - 2016-08-11 13:50 - 00243480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\concrt140.dll 2016-08-11 13:50 - 2016-08-11 13:50 - 00088816 _____ (Microsoft Corporation) C:\WINDOWS\system32\vcruntime140.dll 2016-08-11 13:50 - 2016-08-11 13:50 - 00085232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vcruntime140.dll 2016-08-11 01:42 - 2016-08-11 01:42 - 00000000 ____D C:\Users\Rechenknecht\AppData\Roaming\D-BOX 2016-08-11 01:05 - 2016-08-21 23:06 - 606990304 _____ C:\WINDOWS\MEMORY.DMP ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-09-07 18:09 - 2016-05-29 04:01 - 00000000 ____D C:\Users\Rechenknecht\AppData\Local\Sidebar7 2016-09-07 18:07 - 2016-07-04 22:17 - 00000000 ____D C:\ProgramData\VMware 2016-09-07 18:06 - 2016-07-16 08:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI 2016-09-07 15:56 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps 2016-09-07 15:21 - 2016-07-16 13:47 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template 2016-09-07 15:19 - 2016-07-17 00:56 - 00000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2016-09-07 15:19 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\dsc 2016-09-07 15:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2016-09-07 15:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\lv-LV 2016-09-07 15:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\lt-LT 2016-09-07 15:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\et-EE 2016-09-07 15:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\es-MX 2016-09-07 15:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\en-GB 2016-09-07 15:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser 2016-09-07 15:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences 2016-09-07 15:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Provisioning 2016-09-07 15:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions 2016-09-07 15:19 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-09-07 15:17 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-09-07 15:16 - 2016-05-28 22:05 - 00000000 ____D C:\Users\Rechenknecht\AppData\Local\Packages 2016-09-07 15:14 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI 2016-09-07 15:14 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\MUI 2016-09-07 14:59 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF 2016-09-07 14:45 - 2016-05-28 22:07 - 00002408 _____ C:\Users\Rechenknecht\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2016-09-07 14:45 - 2016-05-28 22:07 - 00000000 ___RD C:\Users\Rechenknecht\OneDrive 2016-09-07 14:43 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache 2016-09-07 14:42 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\USOPrivate 2016-09-07 14:42 - 2016-05-28 22:05 - 00000000 __RHD C:\Users\Public\AccountPictures 2016-09-07 14:41 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2016-09-07 14:41 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows NT 2016-09-07 14:41 - 2016-07-16 08:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM 2016-09-07 14:40 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase 2016-09-07 14:40 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Registration 2016-09-07 14:40 - 2016-05-28 20:15 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated 2016-09-07 14:39 - 2016-07-17 00:51 - 00468692 _____ C:\WINDOWS\system32\perfh007.dat 2016-09-07 14:39 - 2016-07-17 00:51 - 00081520 _____ C:\WINDOWS\system32\perfc007.dat 2016-09-07 14:39 - 2016-05-28 22:04 - 01422122 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-09-07 14:36 - 2016-07-16 13:47 - 00000000 __RHD C:\Users\Public\Libraries 2016-09-07 14:32 - 2016-07-16 13:47 - 00000000 __SHD C:\Program Files\Windows Sidebar 2016-09-07 14:32 - 2016-07-16 13:47 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar 2016-09-07 14:32 - 2016-07-05 00:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip 2016-09-07 14:32 - 2016-07-03 15:54 - 00000000 ____D C:\Users\Rechenknecht\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2016-09-07 14:32 - 2016-07-03 15:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2016-09-07 14:32 - 2016-06-21 20:01 - 00000000 ____D C:\Users\Rechenknecht\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinISD Pro [alpha] 2016-09-07 14:32 - 2016-05-30 00:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS Xonar DGX Audio 2016-09-07 14:32 - 2016-05-29 06:50 - 00000000 ____D C:\Program Files\Common Files\logishrd 2016-09-07 14:32 - 2016-05-29 04:26 - 00000000 ____D C:\Users\Rechenknecht\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner 2016-09-07 14:32 - 2016-05-29 04:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\8GadgetPack 2016-09-07 14:32 - 2016-05-29 03:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Settings 2016-09-07 14:32 - 2016-05-29 02:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Corsair Utility Engine 2016-09-07 14:32 - 2016-05-29 00:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2016-09-07 14:32 - 2016-05-28 20:03 - 00000000 ____D C:\Users\Default.migrated 2016-09-07 14:30 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed 2016-09-07 14:30 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\spool 2016-09-07 14:30 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Macromed 2016-09-07 14:30 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\System 2016-09-07 14:30 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2016-09-07 14:30 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\addins 2016-09-07 14:30 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2016-09-07 14:30 - 2016-06-18 15:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Geeks3D 2016-09-07 14:30 - 2016-06-17 13:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID 2016-09-07 14:30 - 2016-05-30 00:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS 2016-09-07 14:28 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep 2016-09-07 14:26 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\PrintDialog 2016-09-07 14:26 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\MiracastView 2016-09-07 14:26 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2016-09-07 14:25 - 2016-05-29 02:18 - 00000000 ____D C:\AMD 2016-09-07 01:32 - 2016-07-17 01:55 - 00000000 ___HD C:\$WINDOWS.~BT 2016-09-07 01:10 - 2016-06-01 23:04 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2016-09-01 12:58 - 2016-05-28 22:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-08-31 22:46 - 2016-05-30 00:09 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2016-08-29 00:30 - 2016-05-29 19:08 - 00000000 ____D C:\Users\Rechenknecht\AppData\Roaming\TS3Client 2016-08-24 15:38 - 2016-05-29 00:32 - 00000000 ____D C:\Program Files (x86)\Steam 2016-08-21 23:08 - 2016-05-29 04:26 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner 2016-08-18 04:28 - 2016-06-26 22:56 - 00000000 ____D C:\Users\Rechenknecht\AppData\Local\Spotify 2016-08-18 02:09 - 2016-06-26 22:55 - 00000000 ____D C:\Users\Rechenknecht\AppData\Roaming\Spotify 2016-08-17 00:43 - 2016-07-02 17:24 - 00000000 ____D C:\Program Files (x86)\Rockstar Games 2016-08-17 00:43 - 2016-07-02 17:11 - 00000000 ____D C:\Program Files\Rockstar Games 2016-08-16 15:20 - 2016-05-29 00:29 - 00000000 ____D C:\Program Files (x86)\osu! 2016-08-16 15:10 - 2016-05-29 21:52 - 00000000 ____D C:\Program Files\Tablet 2016-08-16 15:08 - 2016-05-29 23:40 - 00000000 ____D C:\Users\Rechenknecht\AppData\Roaming\WTablet 2016-08-14 22:58 - 2016-05-29 20:41 - 00000000 ____D C:\ProgramData\Origin 2016-08-11 01:06 - 2016-05-29 19:08 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client 2016-08-10 03:01 - 2016-05-29 00:10 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-08-10 02:59 - 2016-05-29 00:09 - 147640136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2016-05-29 04:02 - 2016-06-17 13:17 - 0000626 _____ () C:\Users\Rechenknecht\AppData\Roaming\All CPU MeterV3_Settings.ini 2016-05-29 04:14 - 2016-05-29 04:14 - 0000283 _____ () C:\Users\Rechenknecht\AppData\Roaming\GPU MeterV2_Settings.ini 2016-05-29 04:06 - 2016-05-29 04:06 - 0000120 _____ () C:\Users\Rechenknecht\AppData\Roaming\System Monitor II_UptimeRecord.ini 2016-09-07 14:25 - 2016-09-07 14:25 - 0000000 ____H () C:\ProgramData\DP45977C.lfl ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-09-07 14:22 ==================== Ende von FRST.txt ============================ |
|
07.09.2016, 17:37
| #9 |
| | Trotux.com redirect Virus eingefangen Addition Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 31-08-2016
durchgeführt von Rechenknecht (07-09-2016 18:12:09)
Gestartet von C:\Users\Rechenknecht\Desktop
Windows 10 Pro Version 1607 (X64) (2016-09-07 12:42:04)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2797355107-3117587174-2617422478-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2797355107-3117587174-2617422478-503 - Limited - Disabled)
Gast (S-1-5-21-2797355107-3117587174-2617422478-501 - Limited - Disabled)
Rechenknecht (S-1-5-21-2797355107-3117587174-2617422478-1001 - Administrator - Enabled) => C:\Users\Rechenknecht
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
8GadgetPack (HKLM-x32\...\{D0BD6EC7-ADBC-4127-815A-77E2336873EA}) (Version: 17.0.0 - Helmut Buhler)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 2.04.01 - ASUSTeK Computer Inc.)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.12.0 - Asmedia Technology)
ASUS Xonar DGX Audio (HKLM-x32\...\{71B53BA8-4BE3-49AF-BC3E-07F392008788}) (Version: - ASUSTeK Computer Inc.)
Catalyst Control Center Next Localization BR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Corsair Utility Engine (HKLM-x32\...\{46A3EEB3-8F6F-4BC4-9A53-CDE33D089D08}) (Version: 1.16.42 - Corsair)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve)
CPUID CPU-Z 1.76 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
Dropbox (HKLM-x32\...\Dropbox) (Version: 9.4.49 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.47.1 - Dropbox, Inc.) Hidden
Geeks3D FurMark 1.17.0.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D)
IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version: - Image-Line)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.7167.2040 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 48.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 48.0.2 (x86 de)) (Version: 48.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0.2.6079 - Mozilla)
MSI Afterburner 4.2.0 (HKLM-x32\...\Afterburner) (Version: 4.2.0 - MSI Co., LTD)
Need for Speed™ (HKLM-x32\...\{F8643E83-A868-4EE8-A0B9-389386830453}) (Version: 1.3.0.0 - Electronic Arts)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7167.2040 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7167.2040 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7167.2040 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 9.12.1.43352 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{3027b1a8-658f-434a-963c-7ed83f5fa117}) (Version: latest - ppy Pty Ltd)
PL-2303 Vista Driver Installer (HKLM-x32\...\{EEC010D0-1252-4E1D-BAD9-F1B8F414535C}) (Version: 3.2.0.0 - Prolific)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7634 - Realtek Semiconductor Corp.)
RivaTuner Statistics Server 6.4.1 (HKLM-x32\...\RTSS) (Version: 6.4.1 - Unwinder)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.9.6 - Rockstar Games)
Spotify (HKU\S-1-5-21-2797355107-3117587174-2617422478-1001\...\Spotify) (Version: 1.0.34.146.g28f9eda2 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Team Fortress 2 (HKLM\...\Steam App 440) (Version: - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
VMware Player (HKLM\...\{537B7F85-2B95-44ED-8D90-765F6F36D666}) (Version: 12.1.1 - VMware, Inc.)
Vulkan Run Time Libraries 1.0.11.0 (HKLM\...\VulkanRT1.0.11.0-2) (Version: 1.0.11.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.11.0 (Version: 1.0.11.0 - LunarG, Inc.) Hidden
Wacom Tablett (HKLM\...\Wacom Tablet Driver) (Version: 6.3.17-3 - Wacom Technology Corp.)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
WinISD Pro [alpha] (HKLM-x32\...\WinISD Pro [alpha]) (Version: - )
WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-2797355107-3117587174-2617422478-1001_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\Rechenknecht\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-2797355107-3117587174-2617422478-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\Rechenknecht\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-2797355107-3117587174-2617422478-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Rechenknecht\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\FileCoAuth.exe (Microsoft Corporation)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0B2CE86E-85EB-46A4-884B-2C19CDB27057} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-08-11] (Microsoft Corporation)
Task: {2C6C2DA8-BFEA-4511-8D0C-D86777E62142} - System32\Tasks\PCMeter\Startup => C:\Users\Rechenknecht\AppData\Local\Temp\PCMeter\PCMeterV4\PCMeterV0.4.exe <==== ACHTUNG
Task: {53EE33B7-8F67-49E7-96ED-91824711983A} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-06-02] (Advanced Micro Devices, Inc.)
Task: {752E5AEF-F873-4606-A9D4-0562CD2CE780} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-12] (Adobe Systems Incorporated)
Task: {7C8FC2DD-8641-4416-8861-35EA8F755080} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [2015-12-09] ()
Task: {7E5A649D-2810-44F5-BE66-B9A81F594AD2} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-09-04] (Dropbox, Inc.)
Task: {7F1BB600-D24E-419C-AF8A-2FB26707CC8A} - System32\Tasks\ASUS\Easy Update => C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe [2013-10-18] ()
Task: {8BC95C62-64D3-419B-9620-B57C04F12BFC} - System32\Tasks\ASUS\ASUS DigiPowerControl Help => C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe [2013-01-14] (ASUSTeK Computer Inc.)
Task: {9DFDD6D6-1D3C-47D3-836B-66558B04F0AC} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2012-03-13] (ASUSTeK Computer Inc.)
Task: {BC343CEC-5F5E-4F05-8648-5A095A52CAB0} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-09-04] (Dropbox, Inc.)
Task: {E1D40412-2C06-490E-BEA1-52824CD21E61} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Rechenknecht\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe [2016-09-04] (Microsoft Corporation)
Task: {EA43BB87-B57B-4DA7-83C9-6B28B8F10494} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-08-11] (Microsoft Corporation)
Task: {F04A0416-D668-4D7B-9799-B8AC1A95DE21} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr.exe [2011-09-09] ()
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-05-30 00:08 - 2014-03-13 11:11 - 00920736 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2015-11-23 18:44 - 2015-11-23 18:44 - 00403456 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks64.dll
2016-05-30 00:09 - 2013-10-18 18:04 - 01426232 _____ () C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe
2015-12-09 09:59 - 2015-12-09 09:59 - 00580296 _____ () C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
2016-05-29 21:52 - 2016-07-14 22:45 - 01661392 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-09-07 14:44 - 2016-09-07 14:44 - 01864384 _____ () C:\Users\Rechenknecht\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\amd64\ClientTelemetry.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-07-16 13:43 - 2016-07-16 13:43 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-07-16 13:43 - 2016-07-17 00:56 - 09761280 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-09-07 15:18 - 2016-09-07 15:18 - 01401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-07-16 13:43 - 2016-07-17 00:56 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-07-16 13:43 - 2016-07-17 00:56 - 01033728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-09-07 15:18 - 2016-09-07 15:18 - 02438144 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-09-07 15:18 - 2016-09-07 15:18 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-07-16 13:43 - 2016-07-17 00:56 - 00114176 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Dss.BackgroundTask.dll
2016-05-30 00:13 - 2008-07-11 15:04 - 00200704 _____ () C:\Windows\SysWOW64\HsMgr.exe
2016-05-30 00:13 - 2008-07-11 15:03 - 00282112 _____ () C:\Windows\System\HsMgr64.exe
2016-05-29 04:01 - 2013-06-06 20:16 - 00012520 _____ () C:\Users\Rechenknecht\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter.gadget\CoreTempReader.dll
2016-05-29 04:01 - 2013-06-06 20:16 - 00015080 _____ () C:\Users\Rechenknecht\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter.gadget\GetCoreTempInfoNET.dll
2016-05-29 04:01 - 2013-06-06 20:16 - 00014056 _____ () C:\Users\Rechenknecht\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter.gadget\SystemInfo.dll
2015-12-02 11:19 - 2015-12-02 11:19 - 00205000 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
2015-11-23 18:43 - 2015-11-23 18:43 - 00031232 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer64.exe
2015-11-23 18:44 - 2015-11-23 18:44 - 00088576 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
2016-06-24 12:51 - 2016-06-24 12:51 - 00138752 _____ () C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
2016-04-14 17:17 - 2016-04-14 17:17 - 01301696 _____ () C:\Program Files (x86)\VMware\VMware Player\libxml2.dll
2016-05-30 00:08 - 2016-09-07 18:07 - 00035840 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2016-05-30 00:08 - 2010-06-29 10:58 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2016-05-30 00:09 - 2013-10-18 18:04 - 05777616 _____ () C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzULIB.dll
2016-05-30 00:09 - 2013-05-08 16:22 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\ImageHelper.dll
2015-11-23 18:43 - 2015-11-23 18:43 - 00356864 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks.dll
2015-12-07 18:43 - 2015-12-07 18:43 - 00071680 _____ () C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
2015-12-07 18:43 - 2015-12-07 18:43 - 00057856 _____ () C:\Program Files (x86)\MSI Afterburner\RTFC.dll
2015-12-07 18:43 - 2015-12-07 18:43 - 00357888 _____ () C:\Program Files (x86)\MSI Afterburner\RTUI.dll
2015-12-07 18:44 - 2015-12-07 18:44 - 00225792 _____ () C:\Program Files (x86)\MSI Afterburner\RTCore.dll
2015-12-07 18:44 - 2015-12-07 18:44 - 00657408 _____ () C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
2016-05-30 00:10 - 2013-08-19 17:23 - 00043520 ____N () C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\HookKey32.dll
2016-05-30 00:10 - 2013-08-19 17:21 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\pngio.dll
2016-05-30 00:13 - 2012-06-06 09:56 - 00143360 ____N () C:\Program Files\ASUS Xonar DGX Audio\Customapp\VmixP8.dll
2016-03-23 11:04 - 2016-03-23 11:04 - 00091136 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\LuaQtWrapperLibrary.dll
2016-03-23 11:02 - 2016-03-23 11:02 - 00224256 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\quazip.dll
2016-03-23 11:02 - 2016-03-23 11:02 - 00200704 _____ () C:\Program Files (x86)\Corsair\Corsair Utility Engine\lua52.dll
2016-09-04 22:16 - 2016-08-06 05:21 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2016-09-04 22:15 - 2016-08-06 05:21 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2016-09-04 22:15 - 2016-08-06 05:22 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2016-09-04 22:15 - 2016-08-06 05:21 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2016-09-04 22:16 - 2016-08-06 05:21 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2016-09-04 22:16 - 2016-08-06 05:21 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2016-09-04 22:16 - 2016-08-30 23:38 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2016-09-04 22:16 - 2016-08-06 05:21 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2016-09-04 22:15 - 2016-08-30 23:38 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2016-09-04 22:16 - 2016-08-06 05:22 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2016-09-04 22:15 - 2016-08-30 23:38 - 01682760 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2016-09-04 22:15 - 2016-08-30 23:38 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2016-09-04 22:16 - 2016-08-06 05:24 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-09-04 22:16 - 2016-08-30 23:38 - 00021312 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2016-09-04 22:15 - 2016-08-30 23:38 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2016-09-04 22:15 - 2016-08-30 23:38 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2016-09-04 22:15 - 2016-08-06 05:19 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2016-09-04 22:15 - 2016-08-06 05:24 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2016-09-04 22:16 - 2016-08-06 05:24 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2016-09-04 22:16 - 2016-08-06 05:24 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2016-09-04 22:16 - 2016-08-30 23:38 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2016-09-04 22:16 - 2016-08-06 05:24 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-09-04 22:16 - 2016-08-30 23:38 - 00025424 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2016-09-04 22:16 - 2016-08-06 05:24 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2016-09-04 22:16 - 2016-08-06 05:24 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2016-09-04 22:16 - 2016-08-06 05:24 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2016-09-04 22:16 - 2016-08-06 05:24 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2016-09-04 22:16 - 2016-08-06 05:24 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2016-09-04 22:16 - 2016-08-06 05:24 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2016-09-04 22:16 - 2016-08-06 05:24 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2016-09-04 22:15 - 2016-08-30 23:38 - 00246592 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2016-09-04 22:15 - 2016-08-30 23:38 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-09-04 22:16 - 2016-08-06 05:25 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2016-09-04 22:16 - 2016-08-06 05:21 - 00144848 _____ () C:\Program Files (x86)\Dropbox\Client\_elementtree.pyd
2016-09-04 22:16 - 2016-08-06 05:22 - 00241104 _____ () C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd
2016-09-04 22:16 - 2016-08-30 23:38 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-09-04 22:16 - 2016-08-30 23:38 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror._winffi_winerror.pyd
2016-09-04 22:16 - 2016-08-30 23:38 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet._winffi_wininet.pyd
2016-09-04 22:15 - 2016-08-30 23:38 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2016-09-04 22:16 - 2016-08-30 23:38 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2016-09-04 22:16 - 2016-08-06 05:25 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2016-09-04 22:16 - 2016-08-30 23:38 - 00022352 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2016-09-04 22:15 - 2016-08-30 23:38 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2016-09-04 22:15 - 2016-08-06 05:18 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2016-09-04 22:15 - 2016-08-30 23:38 - 00031568 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2016-09-04 22:15 - 2016-08-30 23:13 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2016-09-04 22:15 - 2016-08-30 23:38 - 00084280 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2016-09-04 22:15 - 2016-08-30 23:38 - 01826096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2016-09-04 22:16 - 2016-08-06 05:22 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2016-09-04 22:15 - 2016-08-30 23:38 - 03928880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2016-09-04 22:15 - 2016-08-30 23:38 - 01972528 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2016-09-04 22:15 - 2016-08-30 23:38 - 00531248 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2016-09-04 22:15 - 2016-08-30 23:38 - 00133424 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2016-09-04 22:15 - 2016-08-30 23:38 - 00224056 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2016-09-04 22:15 - 2016-08-30 23:38 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2016-09-04 22:16 - 2016-08-30 23:38 - 00020288 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32._winffi_user32.pyd
2016-09-04 22:16 - 2016-08-06 05:24 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2016-09-04 22:16 - 2016-08-30 23:38 - 00037192 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2016-09-04 22:16 - 2016-08-30 23:38 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2016-09-04 22:15 - 2016-08-30 23:38 - 00546096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2016-09-04 22:15 - 2016-08-30 23:38 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2016-09-04 22:15 - 2016-08-30 23:38 - 00042808 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2016-09-04 22:15 - 2016-08-30 23:38 - 00168760 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2016-05-30 00:09 - 2011-07-12 19:14 - 00147456 _____ () C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
2016-05-30 00:09 - 2010-10-05 08:22 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
2016-05-30 00:09 - 2012-10-08 17:07 - 00972288 _____ () C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
2016-05-30 00:09 - 2013-05-08 16:22 - 01040896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EasyUpdt.dll
2016-05-30 00:10 - 2012-07-20 09:39 - 01047040 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Probe_II\ProbeII.dll
2016-05-30 00:09 - 2013-04-15 14:19 - 00883712 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
2016-05-30 00:09 - 2012-05-28 21:27 - 01622528 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
2016-05-30 00:09 - 2011-09-19 20:18 - 01243136 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
2016-05-30 00:09 - 2011-07-21 09:06 - 00846848 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
2016-05-30 00:09 - 2012-08-29 18:09 - 00875520 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
2016-05-30 00:08 - 2010-08-23 10:17 - 00662016 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMLib.dll
2016-05-30 00:09 - 2010-10-05 08:22 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
2016-05-30 00:09 - 2009-08-12 20:15 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\pngio.dll
2015-11-23 18:43 - 2015-11-23 18:43 - 00056832 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTFC.dll
2015-11-23 18:43 - 2015-11-23 18:43 - 00353792 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTUI.dll
2015-11-23 18:43 - 2015-11-23 18:43 - 00071680 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTMUI.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2016-05-28 20:16 - 2016-05-28 20:13 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2797355107-3117587174-2617422478-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Rechenknecht\Desktop\Arno's Zeug\Wallpaper\Konachan.com - 210329 hatsune_miku kuroi_asahi long_hair signed twintails vocaloid.jpg
DNS Servers: 80.69.96.12 - 81.210.129.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\Services: GohghwuersCldcmn.exe => 2
HKU\S-1-5-21-2797355107-3117587174-2617422478-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2797355107-3117587174-2617422478-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2797355107-3117587174-2617422478-1001\...\StartupApproved\Run: => "Spotify"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{33498444-F3A7-40BD-AEEA-0278D97BBD0A}] => (Allow) C:\WINDOWS\system32\rundll32.exe
FirewallRules: [{7842707A-4275-484D-B78F-CD9D9C235380}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{AA28934F-D5B0-48B1-914C-CB47E72487A5}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{966DB32F-34DA-444C-BE7F-C202F22B99E1}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
FirewallRules: [{235F9128-E220-4676-9D9C-0DDE8C6FC893}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
FirewallRules: [{1128B124-D99F-42FD-8D8C-E0C349057144}] => (Allow) C:\Program Files\Rockstar Games\GTA V\GTA5.exe
FirewallRules: [{BD7027A6-33FF-4F06-B574-182306E7E291}] => (Allow) C:\Program Files\Rockstar Games\GTA V\GTA5.exe
FirewallRules: [{AB937881-AFED-45D0-957D-DEEDF3C8978B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{69897DD4-DDC0-403B-9457-90E6490A5C72}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [UDP Query User{6C8EA0C2-57B6-45A8-B323-89366A9E742A}C:\users\rechenknecht\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\rechenknecht\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{1699DA6F-073E-4765-9C6E-6A6305262780}C:\users\rechenknecht\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\rechenknecht\appdata\roaming\spotify\spotify.exe
FirewallRules: [{FC5E1650-DDF2-48A4-81B8-8F30B7E1C685}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{B6CADC2D-A853-44C9-BA42-5FE7BDBD74C1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [UDP Query User{C8D1DF86-D254-45A1-B8C0-0E0C331E7F2C}C:\users\rechenknecht\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\rechenknecht\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{AECA3DFE-1390-4F5F-925E-31CB1BCE90CF}C:\users\rechenknecht\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\rechenknecht\appdata\roaming\spotify\spotify.exe
FirewallRules: [{C34EB995-625F-4AB2-9421-E5E6C9CB16E0}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed\NFS16_trial.exe
FirewallRules: [{E90C3477-3D09-482B-96E8-3F5C86F727D5}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed\NFS16_trial.exe
FirewallRules: [{7329011D-5F09-4DEB-AA13-54BB421C5CF5}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed\NFS16.exe
FirewallRules: [{D8B30EEE-F6FF-40A1-8033-7A3C525D7F5D}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed\NFS16.exe
FirewallRules: [{13EDA027-4A5D-4751-A591-8B09FD1EC47E}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
FirewallRules: [{A2570588-5162-410F-9556-BA48665329E6}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
FirewallRules: [{EF02F3EB-2C97-4C21-9A6C-2A7993354D5E}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{20D23F4D-EA2F-44A0-98DF-CBE5B05E835C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{C57531CB-A9EC-48D4-BD80-9241D5ABED06}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{8EBD17FD-3C67-47F7-B7C8-9D0E4D8B8F80}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{43FEA9D7-6942-458F-A236-8761D480DDE9}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{E2ECCDC2-D6E7-4346-9F45-4DCE5EE4C23F}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{E1CDFD26-871F-4B86-9C74-971AB6B60F9E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D30397FE-7D70-449B-AB01-1BF3956AECF7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Wiederherstellungspunkte =========================
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (09/07/2016 03:29:50 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-ED2S725)
Description: Bei der Aktivierung der App „Microsoft.WindowsMaps_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (09/07/2016 03:24:12 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-ED2S725)
Description: Bei der Aktivierung der App „Microsoft.WindowsMaps_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (09/07/2016 03:19:08 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-ED2S725)
Description: Bei der Aktivierung der App „Microsoft.WindowsMaps_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (09/07/2016 03:15:51 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-ED2S725)
Description: Bei der Aktivierung der App „Microsoft.WindowsMaps_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (09/07/2016 03:13:59 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-ED2S725)
Description: Bei der Aktivierung der App „Microsoft.WindowsMaps_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (09/07/2016 03:08:57 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-ED2S725)
Description: Bei der Aktivierung der App „Microsoft.WindowsMaps_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (09/07/2016 02:59:12 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-ED2S725)
Description: Bei der Aktivierung der App „Microsoft.WindowsMaps_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (09/07/2016 02:42:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Wacom_TouchUser.exe, Version: 6.3.17.3, Zeitstempel: 0x5787f867
Name des fehlerhaften Moduls: Wacom_TouchUser.exe, Version: 6.3.17.3, Zeitstempel: 0x5787f867
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000019d767
ID des fehlerhaften Prozesses: 0x934
Startzeit der fehlerhaften Anwendung: 0x01d20904398b0750
Pfad der fehlerhaften Anwendung: C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
Pfad des fehlerhaften Moduls: C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
Berichtskennung: a0207f1a-91ac-4191-a11f-835165024864
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (09/07/2016 02:37:11 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-AUTORITÄT)
Description: Vom Ereignisanbieter "wsp_sr" wurde versucht, die Abfrage "select * from WSP_ReplicationGroupModificationEvent" zu registrieren, deren Zielklasse "WSP_ReplicationGroupModificationEvent" im Namespace "//./root/Microsoft/Windows/Storage/Providers_v2" nicht vorhanden ist. Die Abfrage wird ignoriert.
Error: (09/07/2016 02:37:11 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-AUTORITÄT)
Description: Vom Ereignisanbieter "wsp_sr" wurde versucht, die Abfrage "select * from WSP_ReplicationGroupDepartureEvent" zu registrieren, deren Zielklasse "WSP_ReplicationGroupDepartureEvent" im Namespace "//./root/Microsoft/Windows/Storage/Providers_v2" nicht vorhanden ist. Die Abfrage wird ignoriert.
Systemfehler:
=============
Error: (09/07/2016 06:08:18 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (09/07/2016 06:06:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "VMware USB Arbitration Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (09/07/2016 06:06:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "VMware NAT Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (09/07/2016 06:06:40 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "VMware DHCP Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (09/07/2016 06:06:40 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "ASUS System Control Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (09/07/2016 06:06:40 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "VMware Authorization Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (09/07/2016 06:06:40 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "ASUS Com Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (09/07/2016 06:06:40 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "AdaptiveSleepService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (09/07/2016 06:06:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (09/07/2016 06:06:40 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "MBAMService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
==================== Speicherinformationen ===========================
Prozessor: AMD FX(tm)-6300 Six-Core Processor
Prozentuale Nutzung des RAM: 31%
Installierter physikalischer RAM: 8088.69 MB
Verfügbarer physikalischer RAM: 5548.02 MB
Summe virtueller Speicher: 10008.69 MB
Verfügbarer virtueller Speicher: 7368.46 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:930.97 GB) (Free:600.51 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: C32E3EAD)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=449 MB) - (Type=27)
==================== Ende von Addition.txt ============================
|
|
07.09.2016, 18:46
| #10 |
| /// TB-Senior | Trotux.com redirect Virus eingefangen Hi, bestehen jetzt mit dem Rechner noch Probleme?
__________________ Zum Schutz vor Trojanerinnen und Femaleware ist bei einem aktuellen Windows 10 die Windows-Defenderin ausreichend. |
|
07.09.2016, 19:24
| #11 |
| | Trotux.com redirect Virus eingefangen Läuft wieder alles normal. PCmeter für die Minianwendungen funktioniert zwar nicht mehr, aber das müsste ich selber hinbekommen. |
|
07.09.2016, 19:52
| #12 |
| /// TB-Senior | Trotux.com redirect Virus eingefangen Wenn du keine weiteren Probleme hast. sind wir hier fertig! Deine Logs sind sauber! Schritt 1: Aufräumen Die Reihenfolge ist hier entscheidend.
Abschluss: Tipps
Wenn du keine konkreten Fragen dazu mehr hast, wünsche ich dir noch ein angenehmes und malwarefreies Surfen! Du kannst uns noch etwas spenden oder hier Lob oder Kritik äußern. Andere Fragen sind in den entsprechenden Forenbereichen immer willkommen.
__________________ Zum Schutz vor Trojanerinnen und Femaleware ist bei einem aktuellen Windows 10 die Windows-Defenderin ausreichend. |
|
07.09.2016, 20:13
| #13 |
| | Trotux.com redirect Virus eingefangen Ok, super!  Dann möchte ich mich nochmals aufrichtig für deine Zeit, deinen Aufwand, und deine Kompetenz bedanken Deine Tipps werde ich so gut es geht befolgen. Mfg Arno |
|
| Themen zu Trotux.com redirect Virus eingefangen |
| computer, cpu, cpu-z, excel, firefox, flash player, homepage, installation, mozilla, mp3, office 365, proxygate, prozesse, realtek, registry, rundll, scan, server, svchost.exe, system, taskmanager, teamspeak, udp, usb, virus, vista, werbung, windows, windowsapps |
Linear-Darstellung
