Trotux entfernt und nun sind einige Dienste deaktiviert

Botto97 · 06.12.2016, 17:49

Hallo Community,

ich hab mir vor kurzem die Adware Trotux eingefangen und da mein Avast Premium leider nicht in der Lage war diese auch nur aufindig zu machen hab ich ihn mit Zemana AntiMalware entfernt. Jetzt habe ich das Problem, dass Windows Defender und Windows Designs nicht mehr funktionieren. Wenn ich versuche Designs zu aktivieren kommt der Fehler 1075: Der Abhängikeitsdienst ist nicht vorhanden oder zum löschen makiert. Ich weiß nicht ob das mit der Adware zusammenhängt oder ganz was anderes ist und bin forh über jeden Tipp. FRST hab ich schon drüberlaufen lassen und die Ergebnisse auf Pastebin hochgeladen hxxp://pastebin.com/cT5e9eFw

LG Botto

M-K-D-B · 06.12.2016, 18:07

Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.

Bitte beachte folgende Hinweise:

Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort als Administrator zu starten!
Einige Programme, die wir hier verwenden, können unter Umständen von deinem Antiviren- oder Anti-Malwareprogramm fälschlicherweise als Bedrohung eingestuft werden. Die Sicherheitsprogramme können aufgrund eines bestimmten Programmverhaltens nicht zwischen "gut" oder "böse" unterscheiden und schlagen Alarm. Dabei handelt es sich um Fehlalarme, welche du getrost ignorieren kannst. Gegebenenfalls musst du deine Sicherheitssoftware vor der Ausführung eines Programms deaktivieren, damit unsere Bereinigungsvorgänge nicht beeinträchtigt werden.

Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!

FRST in Code-Boxen hier posten.

Botto97 · 06.12.2016, 18:18

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 05-12-2016
durchgeführt von User (06-12-2016 17:37:25)
Gestartet von C:\Users\User\Desktop
Windows 7 Professional Service Pack 1 (X64) (2016-05-17 06:32:56)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1652729561-1798351166-2891734009-500 - Administrator - Disabled)
Gast (S-1-5-21-1652729561-1798351166-2891734009-501 - Limited - Enabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-1652729561-1798351166-2891734009-1013 - Limited - Enabled)
Nadine (S-1-5-21-1652729561-1798351166-2891734009-1014 - Limited - Enabled) => C:\Users\Nadine
User (S-1-5-21-1652729561-1798351166-2891734009-1000 - Administrator - Enabled) => C:\Users\User

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: Avast Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

µTorrent (HKU\S-1-5-21-1652729561-1798351166-2891734009-1000\...\uTorrent) (Version: 3.4.8.42576 - BitTorrent Inc.)
Ableton Live 9 Suite (HKLM\...\{48EC4E57-1D04-4831-90A7-151DA2269495}) (Version: 9.0.0.0 - Ableton)
Adobe Flash Player 23 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 23.0.0.205 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated)
Adobe Flash Player 23 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 23.0.0.185 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.0 - Adobe Systems Incorporated)
Aerosoft's - Airbus A320-A321 - FSX STEAM Edition (HKLM-x32\...\Airbus A320-A321 - FSX STEAM Edition) (Version: 1.30 - Aerosoft)
Age of Empires II: HD Edition (HKLM\...\Steam App 221380) (Version:  - Skybox Labs)
AGEIA PhysX v7.07.24 (HKLM-x32\...\{EFC1B35C-FFF2-41D8-A70A-CE6037F8040B}) (Version: 7.07.24 - AGEIA Technologies, Inc.)
Anno 1404 (HKLM\...\Steam App 33250) (Version:  - Blue Byte)
Anno 1404: Venice (HKLM\...\Steam App 33350) (Version:  - Blue Byte)
ANNO 1503 (HKLM-x32\...\{EBBB1DEF-8878-4CB8-BC0D-1196B30E7527}) (Version:  - )
Anno 1701 (HKLM-x32\...\{A2433A63-5F5D-40E5-B529-9123C2B3E734}) (Version: 1.00 - Sunflowers)
Anno 2070 (HKLM-x32\...\{435C32E1-96F0-4518-B051-A5403900C389}_is1) (Version: 1.01 - RAF)
Anno 2205 (HKLM-x32\...\Anno 2205_is1) (Version:  - )
Ansel (Version: 376.19 - NVIDIA Corporation) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{29DB9165-5FC1-48F0-9188-26123F526848}) (Version: 5.0.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{5905C8CF-1C88-4478-A48E-4E458AD1BC7E}) (Version: 5.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D4D86CB2-2370-4691-8272-3869EDED6C64}) (Version: 10.0.0.18 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
ARK: Survival Evolved (HKLM\...\Steam App 346110) (Version:  - Studio Wildcard)
Arma 2 (HKLM\...\Steam App 33910) (Version:  - Bohemia Interactive)
Arma 2: British Armed Forces (HKLM\...\Steam App 65700) (Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead (HKLM\...\Steam App 33930) (Version:  - Bohemia Interactive)
Arma 2: Private Military Company (HKLM\...\Steam App 65720) (Version:  - Bohemia Interactive)
Arma 3 (HKLM\...\Steam App 107410) (Version:  - Bohemia Interactive)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.7.5.0 - ASUSTek COMPUTER INC.)
ASUS GPU Tweak (x32 Version: 2.7.5.0 - ASUSTek COMPUTER INC.) Hidden
Automap 4.10 (HKLM\...\Automap Universal_is1) (Version: 4.10 - Focusrite Audio Engineering Ltd.)
Avast Premier (HKLM-x32\...\Avast) (Version: 12.3.2280 - AVAST Software)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.7.2.45672 - Electronic Arts)
Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.10.265 - Electronic Arts)
Battlefield™ 1 Open Beta (HKLM-x32\...\{F9E19363-7B10-4F8A-8640-945C36D4B504}) (Version: 1.0.8.10777 - Electronic Arts)
Behaviors SDK (Windows Phone) for Visual Studio 2013 (x32 Version: 12.0.50716.0 - Microsoft Corporation) Hidden
Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.50429.0 - Microsoft Corporation) Hidden
Big Pharma: Marketing and Malpractice (HKLM\...\YmlncGhhcm1hbWFya2V0aW5nYW5kbWFscHJhY3RpY2U_is1) (Version: 1 - )
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Build Tools - amd64 (Version: 12.0.40629 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.40629 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (Version: 12.0.40629 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (x32 Version: 12.0.40629 - Microsoft Corporation) Hidden
Bus Simulator 16 (HKLM\...\YnVzc2ltdWxhdG9yMTY_is1) (Version: 1 - )
Card Hunter (HKLM\...\Steam App 293260) (Version:  - Blue Manchu)
CCleaner (HKLM\...\CCleaner) (Version: 5.24 - Piriform)
Cheat Engine 6.5.1 (HKLM-x32\...\Cheat Engine 6.5.1_is1) (Version:  - Cheat Engine)
Chivalry: Medieval Warfare (HKLM\...\Steam App 219640) (Version:  - Torn Banner Studios)
Cities In Motion - Design Classics (HKLM-x32\...\{37F03AE9-D51D-4B1C-806F-3DA898E330BD}_is1) (Version:  - )
Cities In Motion - Design Marvels (HKLM-x32\...\{68416881-7697-46F7-BBAF-8741D5C3584F}_is1) (Version:  - )
Cities In Motion - Design Now (HKLM-x32\...\{7B3050F8-E4DA-4276-8972-A75DC2A671A2}_is1) (Version:  - )
Cities In Motion - German Cities (HKLM-x32\...\{AD6FDE5E-FDA6-43CA-93B6-C90C9DB3FE52}_is1) (Version:  - )
Cities In Motion - Metro Stations (HKLM-x32\...\{899EF246-6FF0-4A9C-9689-80C2CA0BD868}_is1) (Version:  - )
Cities In Motion - Patch 1.0.22 (HKLM-x32\...\{34D52D01-C65D-4A29-99E0-E02030597B4F}_is1) (Version:  - )
Cities In Motion - Tokyo (HKLM-x32\...\{9C29DF2E-4EC8-485A-AAB9-A70727F29494}_is1) (Version:  - )
Cities In Motion - U.S. Cities (HKLM-x32\...\{B11E789C-8A0B-470A-AB34-63CD65F9CE81}_is1) (Version:  - )
Cities In Motion (HKLM-x32\...\{15FA5ED6-2F98-4B5E-AF0B-18E5F4723FAD}_is1) (Version:  - )
Core Temp 1.0 RC8 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
Counter-Strike: Source (HKLM\...\Steam App 240) (Version:  - Valve)
Crazy Machines 3 (HKLM\...\Y3JhenltYWNoaW5lczM_is1) (Version: 1 - )
Crazy Machines II (HKLM-x32\...\{112B0ED9-57F8-4883-8E6A-5BEAABDABBC1}) (Version: 1.00 - FAKT Software GmbH)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.4.0.0191 - Disc Soft Ltd)
DayZ (HKLM\...\Steam App 221100) (Version:  - Bohemia Interactive)
Democracy 3 (HKLM\...\Steam App 245470) (Version:  - Positech Games)
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.69.43.024017 - Electronic Arts Inc.)
Die Sims™ 3 Diesel Accessoires (HKLM-x32\...\{1C9B6173-6DC9-4EEE-9EFC-6BA115CFBE43}) (Version: 14.0.48 - Electronic Arts)
Die Sims™ 3 Gib Gas-Accessoires (HKLM-x32\...\{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}) (Version: 5.0.44 - Electronic Arts)
Die Sims™ 3 Late Night (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Late Night) (Version: 1.0.0.0 - Electronic Arts Inc.)
Die Sims™ 3 Lebensfreude (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Generations) (Version: 1.0.0.0 - Electronic Arts Inc.)
Die Sims™ 3 Luxus-Accessoires (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 High-End Loft Stuff) (Version: 1.0.0.0 - Electronic Arts Inc.)
Die Sims™ 3 Reiseabenteuer (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts)
Die Sims™ 3 Showtime (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Showtime) (Version: 1.0.0.0 - Electronic Arts Inc.)
Die Sims™ 3 Supernatural (HKLM-x32\...\{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}) (Version: 15.0.135 - Electronic Arts)
Die Sims™ 3 Traumkarrieren (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.0.87 - Electronic Arts)
Die Sims™ 3 Traumsuite-Accessoires (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Master Suite Stuff) (Version: 1.0.0.0 - Electronic Arts Inc.)
Die Sims™ 3 Wildes Studentenleben (HKLM-x32\...\{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}) (Version: 18.0.126 - Electronic Arts)
Dirty Bomb (HKLM\...\Steam App 333930) (Version:  - Splash Damage®)
Dota 2 (HKLM\...\Steam App 570) (Version:  - Valve)
Driver Booster 4.1 (HKLM-x32\...\Driver Booster_is1) (Version: 4.1.0 - IObit)
Dying Light (HKLM\...\Steam App 239140) (Version:  - Techland)
Empire Earth II Gold Edition (HKLM-x32\...\GOGPACKEMPIREEARTH2GOLD_is1) (Version: 2.0.0.17 - GOG.com)
Entity Framework 6.1.3 Tools  for Visual Studio 2013 (HKLM-x32\...\{D5170452-84D1-4725-AD9C-F9ECFD0A9E9F}) (Version: 12.0.40302.0 - Microsoft Corporation)
Erforderliche Komponenten für SSDT  (HKLM-x32\...\{2466E484-9D86-416B-9C88-AA533F15AF1C}) (Version: 12.0.2000.8 - Microsoft Corporation)
Erforderliche Komponenten für SSDT  (HKLM-x32\...\{3FF082A7-A5DE-4BDA-B56A-1D2BEFD617A3}) (Version: 11.1.3000.0 - Microsoft Corporation)
Far Cry Primal (HKLM-x32\...\Uplay Install 2010) (Version:  - Ubisoft)
FileZilla Client 3.21.0 (HKU\S-1-5-21-1652729561-1798351166-2891734009-1000\...\FileZilla Client) (Version: 3.21.0 - Tim Kosse)
FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version:  - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version:  - Image-Line)
Flight Simulator X (HKLM-x32\...\RTMshadow_{7D606567-5047-451A-B49E-29FCB6012B4E}) (Version:  - )
Flight Simulator X Service Pack 1 (HKLM-x32\...\SP1shadow_{7D606567-5047-451A-B49E-29FCB6012B4E}) (Version:  - )
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.3.6.321 - Foxit Software Inc.)
Freenet Version 0.7.5 build 1475 (HKU\S-1-5-21-1652729561-1798351166-2891734009-1000\...\{3196C62F-9C7B-4392-88B4-05C037D05518}_is1) (Version: 0.7.5 build 1475 - freenetproject.org)
FSacars (HKLM-x32\...\{FFC78FC9-2FE6-4648-BFEB-446C61C2D61E}) (Version: 4.0 - Jose Oliveira/FSacars team)
FSX Concorde 1.1 (HKLM\...\{C9EFD0D5-86AB-4205-8556-8C0AF2765CFB}) (Version: 1.1 - Fly Away Simulation)
GameDog (HKLM-x32\...\{05C30AD9-6CDF-4767-A4E6-6D6C9F41CA0C}) (Version: 2.4.5955.41964 - Wolfspirit)
Gemeinsam genutzte Microsoft Azure-Komponenten für Visual Studio 2013 Sprachpaket (DEU) - v1.4 (x32 Version: 1.4.30416.1601 - Microsoft Corporation) Hidden
Ghost in the Shell Stand Alone Complex First Assault Online (HKLM\...\Steam App 369200) (Version:  - Neople)
Global ATC Simulator (HKLM-x32\...\R2xvYmFsQVRDU2ltdWxhdG9y_is1) (Version: 1 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.99 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Gothic 3 (HKLM\...\Steam App 39500) (Version:  - Piranha – Bytes)
Gpg4win (2.3.3) (HKLM-x32\...\GPG4Win) (Version: 2.3.3 - The Gpg4win Project)
GPUTweakStreaming (HKLM-x32\...\InstallShield_{D2A41AA7-4313-43D5-AA39-7E3FBBE0556D}) (Version: 1.0.3.5 - ASUS)
GPUTweakStreaming (x32 Version: 1.0.3.5 - ASUS) Hidden
Grand Theft Auto V (HKLM\...\Steam App 271590) (Version:  - Rockstar North)
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
GTR Evolution (HKLM\...\Steam App 8660) (Version:  - SimBin)
Hearts of Iron III (HKLM\...\Steam App 25890) (Version:  - Paradox Development Studio)
Hearts of Iron IV (HKLM\...\Steam App 394360) (Version:  - Paradox Development Studios)
HELLDIVERS™ (HKLM\...\Steam App 394510) (Version:  - Arrowhead Game Studios)
Heroes & Generals (HKLM\...\Steam App 227940) (Version:  - Reto-Moto)
Hitman: Sniper Challenge (HKLM\...\Steam App 205930) (Version:  - IO Interactive)
HITMAN™ (HKLM\...\Steam App 236870) (Version:  - Io-Interactive)
Hounds Last Hope 1.0 (HKLM-x32\...\Hounds Last Hope) (Version: 1.0 - RebornGames Inc.)
iFunbox (v3.0.3939.1352) (HKLM-x32\...\iFunbox_is1) (Version: v3.0.3939.1352 - iFunbox DevTeam)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
Intel Extreme Tuning Utility (HKLM-x32\...\{e227ceea-7188-42a4-9e8d-6c36bbf0fa9f}) (Version: 6.1.2.11 - Intel Corporation)
Intel Extreme Tuning Utility (x32 Version: 6.1.2.11 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (x32 Version: 10.0.17 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.2.1000 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4380 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.1.0.1058 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 4.0.6.60 - Intel Corporation)
iTunes (HKLM\...\{9946A4F7-E0FD-4A33-82D1-06CBFFBBB9F9}) (Version: 12.5.1.21 - Apple Inc.)
Java 8 Update 112 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180112F0}) (Version: 8.0.1120.15 - Oracle Corporation)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation)
Java 8 Update 92 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218092F0}) (Version: 8.0.920.14 - Oracle Corporation)
Just Cause 2 (HKLM\...\Steam App 8190) (Version:  - Avalanche Studios)
Just Flight - Traffic X (HKLM-x32\...\{D186EE99-F905-4F87-B188-01D60D8FF1B3}) (Version: 1.00.000 - Just Flight)
Kerbal Space Program Demo (HKLM\...\Steam App 231410) (Version:  - Squad)
LocalESPC (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
Mafia III (HKLM\...\bWFmaWFpaWk_is1) (Version: 1 - )
MegaTrainer eXperience V1.1.5.8 (HKLM-x32\...\MegaTrainer eXperience_is1) (Version:  - )
MegaTrainer Ultimate Version 1.4.6 (HKLM-x32\...\{68A5CFDB-E05C-46BC-B2EB-988D1E2C2444}_is1) (Version: 1.4.6 - MegaDev)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (HKLM-x32\...\{21B0F482-5EF9-45DA-8840-340AFE705A6C}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.6 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft Flight Simulator 2004 - Das Jahrhundert der Luftfahrt (HKLM-x32\...\Flight Simulator 9.0) (Version: 9.0 - Microsoft)
Microsoft Flight Simulator SimConnect Client v10.0.61259.0 (HKLM-x32\...\{D61CA184-3F6D-4A50-B2CC-7A18447D6A8D}) (Version: 10.0.61259.0 - Microsoft Corporation)
Microsoft Flight Simulator SimConnect Client v10.0.62615.0 (HKLM-x32\...\{33D89314-361A-4495-A1E1-0ACBCE08F78D}) (Version: 10.0.62615.0 - Microsoft Corporation)
Microsoft Flight Simulator X: Acceleration (HKLM-x32\...\FlightSim_{7D606567-5047-451A-B49E-29FCB6012B4E}) (Version: 10.0.61637.0 - Microsoft Game Studios)
Microsoft Flight Simulator X: Steam Edition (HKLM\...\Steam App 314160) (Version:  - Microsoft Game Studios)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.1 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.1 Sprachpaket - DEU) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.7466.2038 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1652729561-1798351166-2891734009-1000\...\OneDriveSetup.exe) (Version: 17.3.4604.0120 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{D4E30517-FE6F-491E-942F-AE10E1B18F38}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (x64) (HKLM\...\{B4EDAE03-DB34-4DD0-BA7E-2ED80DEA50B1}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{269A8DF6-BBDA-441F-932B-233F9B746D72}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{EC75BD20-F9CA-4E77-825F-ABD77E95BE91}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{0BF65908-D137-4A9E-B7C9-78F32F74F6FD}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{93945D16-4C3D-433E-B7E4-3D0D86B284C8}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{6F173435-3F19-4043-BA3D-A46AA8472859}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL-Sprachdienst  (HKLM-x32\...\{1D812D86-D8EF-41AC-A518-BA12E1913747}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU  (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (12.0.41012.0) (HKLM-x32\...\{79AB8378-D661-4021-9941-FE5F4AEB57BB}) (Version: 12.0.41012.0 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - DEU (12.0.30919.1) (HKLM-x32\...\{BCB8A870-2B3D-4CC0-87D6-F931E065AC0C}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server*2014 Express LocalDB  (HKLM\...\{CA191120-4CB1-4E3D-89B8-79FDB9017A2E}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects  (HKLM-x32\...\{4F4CB3E2-9D2F-465A-854B-8276B02F4E7D}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects (x64) (HKLM\...\{03CB711D-679E-46ED-851B-C568418CF914}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Transact-SQL ScriptDom  (HKLM\...\{F2A2DB39-2C5A-4764-AA0F-5AB112663FFA}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 T-SQL Language Service  (HKLM-x32\...\{06BE8B71-46C6-434B-869E-85C58EF3120A}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{3c3aafc8-d898-43ec-998f-965ffdae065a}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual Studio Express 2013 für Windows Desktop - DEU mit Update 5 (HKLM-x32\...\{6502e1ac-767b-4caf-b03d-5ee3c638c46d}) (Version: 12.0.40629.0 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (HKLM-x32\...\{43341417-7882-4F34-8390-53DFD00F6C0F}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (HKLM\...\{24440413-490E-41CA-BD33-0B30FD3EBE3A}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM\...\{9408684F-E1CC-4D2E-AE15-886023557682}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM-x32\...\{B9A7B46F-0120-406B-9A12-3AD1DCC94D97}) (Version: 12.0.2000.8 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Miscreated (HKLM\...\Steam App 299740) (Version:  - Entrada Interactive LLC)
Mount & Blade: Warband (HKLM\...\Steam App 48700) (Version:  - TaleWorlds Entertainment)
Mozilla Firefox 50.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 50.0.2 (x86 de)) (Version: 50.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.0.2.6177 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Napoleon: Total War (HKLM\...\Steam App 34030) (Version:  - The Creative Assembly)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.63.7 - Black Tree Gaming)
No Mans Sky (HKLM-x32\...\No Mans Sky_is1) (Version:  - )
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.2 - Notepad++ Team)
Novation USB Audio Driver 2.7 (HKLM\...\Novation USB Audio Driver_is1) (Version: 2.7 - Novation DMS Ltd.)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 376.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 376.19 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.1.2.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.1.2.31 - NVIDIA Corporation)
NVIDIA Grafiktreiber 376.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.19 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.1.2.31 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 1.2.0.0 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7466.2038 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7426.1015 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7466.2038 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7466.2038 - Microsoft Corporation) Hidden
Oil Enterprise (HKLM\...\Steam App 353630) (Version:  - Crafty Studios)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenIV (HKU\S-1-5-21-1652729561-1798351166-2891734009-1000\...\OpenIV) (Version: 2.8.703 - .black/OpenIV Team)
Origin (HKLM-x32\...\Origin) (Version: 10.3.3.1921 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.100.9.0 - Overwolf Ltd.)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation)
Patrician IV Gold Edition (HKLM-x32\...\Patrician IV Gold Edition_is1) (Version:  - )
Peggle (HKLM-x32\...\{715AD72D-887A-459E-988B-D4F3E87FA24B}) (Version: 1.04.0.0 - PopCap Games)
PhoneBrowse 3.2.0 (HKLM-x32\...\{6A4F3A46-FC4A-4B5C-917C-B9BAAB99FE01}}_is1) (Version: 3.2.0 - iMobie Inc.)
Pioneer MIX 64bit Driver (HKLM\...\Pioneer MIX) (Version: 4.2.4.0001 - Pioneer DJ Corporation.)
Pizza Connection 2 (HKLM-x32\...\{DA47ABC4-52DF-468D-988D-B9E768A3DF52}) (Version:  - )
Portal 2 (HKLM\...\Steam App 620) (Version:  - Valve)
PowerShellIntegration.Notifications (x32 Version: 2.6.0.0 - Microsoft Corporation) Hidden
Prison Architect (HKLM\...\Steam App 233450) (Version:  - Introversion Software)
Project CARS Game Of The Year Edition (HKLM\...\cHJvamVjdGNhcnM_is1) (Version: 1 - )
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Python Tools - Umleitungsvorlage (x32 Version: 1.1 - Microsoft Corporation) Hidden
R.U.S.E (HKLM\...\Steam App 21970) (Version:  - Eugen Systems)
RACE 07 (HKLM\...\Steam App 8600) (Version:  - SimBin)
RaceRoom Racing Experience  (HKLM\...\Steam App 211500) (Version:  - Sector3 Studios)
RaceRoom Racing Experience Launcher (HKLM-x32\...\{1FD9F07F-7BBF-4C91-B3F0-A23714A3A913}_is1) (Version: 1.0 - Sector3 Studios)
Razer Chroma SDK Core Components (HKLM-x32\...\Razer Chroma SDK) (Version: 1.10.6 - Razer Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.15.1104 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.87.529.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7930 - Realtek Semiconductor Corp.)
Red Bull Air Race - The Game (HKLM-x32\...\{6577A275-7D02-4DD9-A619-41FF2E30BB2F}_is1) (Version: 0004 - Wingracers Sports Games)
rekordbox 4.2.4 64bit (HKLM\...\Pioneer rekordbox 4.2.4) (Version: 4.2.4.0001 - Pioneer DJ)
Risen (HKLM\...\Steam App 40300) (Version:  - Piranha Bytes)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.0.5 - Rockstar Games)
RollerCoaster Tycoon World (HKLM\...\Steam App 282560) (Version:  - Nvizzio Creations)
Rome: Total War (HKLM\...\Steam App 4760) (Version:  - The Creative Assembly)
Rust (HKLM\...\Steam App 252490) (Version:  - Facepunch Studios)
SafeZone Stable 1.51.2220.62 (x32 Version: 1.51.2220.62 - Avast Software) Hidden
Sandboxie 5.14 (64-bit) (HKLM\...\Sandboxie) (Version: 5.14 - Sandboxie Holdings, LLC)
Scrap Mechanic (HKLM\...\Steam App 387990) (Version:  - Axolot Games)
SHIELD Streaming (Version: 7.1.0340 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.1.2.31 - NVIDIA Corporation) Hidden
Sid Meier's Civilization V (HKLM\...\Steam App 8930) (Version:  - Firaxis Games)
Skype™ 7.30 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.)
Sniper: Ghost Warrior (HKLM\...\Steam App 34830) (Version:  - City Interactive)
South Park™: The Stick of Truth™ (HKLM\...\Steam App 213670) (Version:  - Obsidian Entertainment)
Spacewar (HKLM\...\Steam App 480) (Version:  - Valve)
Spotify (HKU\S-1-5-21-1652729561-1798351166-2891734009-1000\...\Spotify) (Version: 1.0.31.56.g526cfefe - Spotify AB)
SquawkBox (HKLM-x32\...\SquawkBox) (Version:  - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteamVR Performance Test (HKLM\...\Steam App 323910) (Version:  - Valve)
Stronghold 3 (HKLM\...\Steam App 47400) (Version:  - FireFly Studios)
Stronghold Crusader 2 (HKLM\...\Steam App 232890) (Version:  - FireFly Studios)
Surgeon Simulator (HKLM\...\Steam App 233720) (Version:  - Bossa Studios)
Sylenth1 v2.20 (HKLM\...\Sylenth1_is1) (Version:  - )
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Team Fortress 2 (HKLM\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.66695 - TeamViewer)
Terraria (HKLM\...\Steam App 105600) (Version:  - Re-Logic)
The Crew (Worldwide) (HKLM-x32\...\Uplay Install 413) (Version:  - Ubisoft)
The Elder Scrolls IV: Oblivion  (HKLM\...\Steam App 22330) (Version:  - Bethesda Game Studios)
The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 1.0.0.0 - Zenimax Online Studios)
The Elder Scrolls V: Skyrim (HKLM\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Elder Scrolls V: Skyrim Special Edition (HKLM\...\Steam App 489830) (Version:  - Bethesda Game Studios)
The Guild II - Pirates of the European Seas (HKLM\...\Steam App 39660) (Version:  - 4 Head Studios)
The Guild II (HKLM\...\Steam App 39650) (Version:  - 4 Head Studios)
The Guild II: Renaissance (HKLM\...\Steam App 39680) (Version:  - Rune Forge)
The Mighty Quest For Epic Loot Version 1.237368 (HKLM-x32\...\The Mighty Quest For Epic Loot_is1) (Version: 1.237368 - )
The Witcher 3 - Wild Hunt (HKLM-x32\...\1495134320_is1) (Version: 2.0.0.51 - GOG.com)
Tom Clancy's Rainbow Six Siege (HKLM-x32\...\Uplay Install 635) (Version:  - Ubisoft Montreal)
Tom Clancy's The Division (HKLM\...\Steam App 365590) (Version:  - Massive Entertainment)
Total War: ROME II - Emperor Edition (HKLM\...\Steam App 214950) (Version:  - Creative Assembly)
Total War: WARHAMMER (HKLM\...\Steam App 364360) (Version:  - Creative Assembly)
Tropico 3: Absolute Power (HKLM\...\Steam App 57600) (Version:  - Haemimont Games)
Tropico 4 (HKLM\...\Steam App 57690) (Version:  - Haemimont Games)
Tropico 5 (HKLM\...\Steam App 245620) (Version:  - Haemimont Games)
TypeScript Power Tool (x32 Version: 1.0.5.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2013 (x32 Version: 1.0.5.0 - Microsoft Corporation) Hidden
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 19.1 - Ubisoft)
UseNeXT by Tangysoft (HKLM-x32\...\UseNeXT by Tangysoft_is1) (Version:  - Tangysoft Ltd.)
VCRedistSetup (x32 Version: 1.0.0 - Nero AG) Hidden
VirtualDJ 8 (HKLM-x32\...\{415D8B6F-2597-4B84-B677-B4A936C10E37}) (Version: 8.1.2832.0 - Atomix Productions)
Visual Studio 2013 Update 5 (KB2829760) (HKLM-x32\...\{17551f85-1d1c-4142-a83f-bbd18a3522c2}) (Version: 12.0.40629 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
vPilot (HKU\S-1-5-21-1652729561-1798351166-2891734009-1000\...\vPilot) (Version: 1.1.5901.24775 - Ross Carlson)
VS Update core components (x32 Version: 12.0.40629 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
War Thunder (HKLM\...\Steam App 236390) (Version:  - Gaijin Entertainment)
Wargame: European Escalation (HKLM\...\Steam App 58610) (Version:  - Eugen Systems)
Watch_Dogs (HKLM-x32\...\Uplay Install 274) (Version:  - Ubisoft)
Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version:  - )
WinISO (HKLM-x32\...\WinISO) (Version: 6.4.1.5976 - WinISO Computing Inc.)
WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
XAMPP (HKLM-x32\...\xampp) (Version: 5.6.24-2 - Bitnami)
Xperia Companion (HKLM-x32\...\{f494d3ac-4796-4bbd-b7a0-1873600d110d}) (Version: 1.3.2.0 - Sony)
Xperia Companion (x32 Version: 1.3.2.0 - Sony) Hidden
Xperia Companion Service (Version: 1.3.2.0 - Sony) Hidden
X-Plane 10 Global - 64 Bit (HKLM\...\Steam App 292180) (Version:  - Laminar Research)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1652729561-1798351166-2891734009-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1652729561-1798351166-2891734009-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1652729561-1798351166-2891734009-1000_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1652729561-1798351166-2891734009-1000_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1652729561-1798351166-2891734009-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1652729561-1798351166-2891734009-1000_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {06CAD90F-24DA-4B2C-9E69-51301A719C85} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\Scheduler.exe [2016-11-08] (IObit)
Task: {085870E5-7A70-48B7-8443-F61C99FFB16A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {0EA204A4-946F-41AD-89D2-8CB5D47C1EC7} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2016-11-23] (Overwolf LTD)
Task: {12E3435F-595F-414D-B798-2AC88535C825} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-11-17] (NVIDIA Corporation)
Task: {171F2C61-27C0-473E-987B-77332A92E240} - System32\Tasks\Stumuied Client => C:\Program Files (x86)\Vqerckleent\stozersh.exe
Task: {2187C87B-4AF8-425A-A0E7-2300FCB8B9BD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-11-02] (Microsoft Corporation)
Task: {2D22F063-956F-416A-BDD6-ECA06DE7C57A} - System32\Tasks\Driver Booster Beta SkipUAC (User) => C:\Program Files (x86)\IObit\Driver Booster Beta\4.0.1\DriverBooster.exe
Task: {2F94EAEF-D7FD-4D30-9BD2-0BB1B93EB316} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-11-17] (NVIDIA Corporation)
Task: {36D100DF-44DC-4AE3-958C-0F1DC84E9B32} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-11-17] (NVIDIA Corporation)
Task: {3A558D9A-8421-467A-AE80-B94C57CEC30F} - System32\Tasks\{2EFA6E8F-7BD5-4E75-BB02-B7202C56991C} => D:\Program Files (x86)\Microsoft Games\Flight Simulator 9\fs9.exe [2004-09-01] (Microsoft Corporation)
Task: {3F8F8E37-917C-4D74-A1B8-B17E960274C0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-26] (Adobe Systems Incorporated)
Task: {4D6A2C70-E736-44FD-AC84-A6FACE453210} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-06-02] (AVAST Software)
Task: {4F83B571-7C3D-49BF-BD46-8397B65CAC67} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-11-17] (NVIDIA Corporation)
Task: {5A76032C-336A-4829-8A14-0D7A4665C7EF} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-11-17] (NVIDIA Corporation)
Task: {6AF6EDEA-5BEF-4C79-975F-536BBA12612C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-22] (Google Inc.)
Task: {70EE1C4E-3BF5-4620-93C6-E4C3ADB94FAE} - System32\Tasks\Driver Booster SkipUAC (User) => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DriverBooster.exe [2016-11-14] (IObit)
Task: {76AD8E7E-A17A-47DD-9E98-6F4AEDC29820} - \Microsoft\Windows\Multimedia\SoundProvider -> Keine Datei <==== ACHTUNG
Task: {78E67C7A-4C81-4715-8BF9-178C759E0FBF} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-09-09] (AVAST Software)
Task: {893DFF73-789D-4AC0-BDE5-B9A061D7B5B4} - System32\Tasks\{4732A461-F2FA-4F65-B3E6-C5F6F1AF4FDE} => pcalua.exe -a "C:\Users\User\Desktop\Install FSUIPC4.exe" -d C:\Users\User\Desktop
Task: {99D8FFA9-63AB-4454-B182-B96AFAB279C2} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [2015-11-20] (Intel Corporation)
Task: {A142B6B1-51E0-40A9-9FA4-F4F1481E8960} - System32\Tasks\SafeZone scheduled Autoupdate 1467385642 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-09-06] (Avast Software)
Task: {A20C4AD7-C5F7-4503-A905-F3D227B20DAF} - System32\Tasks\{3F138AF1-2993-4400-8D86-ECA499A76DD4} => pcalua.exe -a C:\Users\User\Downloads\TWEE_German_language_pack.exe -d C:\Users\User\Downloads
Task: {B02DEAFA-45C0-487E-8327-BA8F18E5F5AD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-22] (Google Inc.)
Task: {BE4A1E7F-3E71-43BE-80E7-FB9575FC753B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-10-30] (Microsoft Corporation)
Task: {C16ABE74-1611-4196-94B8-7A0F004A3874} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-11-17] (NVIDIA Corporation)
Task: {C393BF12-D085-4224-AF63-1CF2A04C54C5} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-10-30] (Microsoft Corporation)
Task: {CC55469A-B4D1-4DED-AC83-B165F15CAC45} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-11-07] (Piriform Ltd)
Task: {F822A841-C14E-4013-8ACC-FE0128A1FD86} - System32\Tasks\{81E21091-ECC2-4598-9770-E678EE83EFFA} => pcalua.exe -a C:\Users\User\Desktop\A380v2Demo09\A380demo.exe -d C:\Users\User\Desktop\A380v2Demo09
Task: {F9B617E4-276C-4894-9B04-937D4C6EF69A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-11-02] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Online Help.lnk -> hxxp://www.virtualdj.com/wiki/
Shortcut: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\www.virtualdj.com.lnk -> hxxp://www.virtualdj.com/

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-09-01 17:12 - 2016-09-01 17:12 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-09-01 17:12 - 2016-09-01 17:12 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-05-17 16:15 - 2014-01-28 04:16 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
2012-01-17 10:24 - 2012-01-17 10:24 - 00055296 _____ () C:\Windows\SysWOW64\ASGT.exe
2016-08-18 09:27 - 2016-08-18 09:27 - 00216576 _____ () C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
2016-08-01 15:08 - 2016-11-17 14:45 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-08-01 15:08 - 2016-11-17 14:45 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-08-24 08:47 - 2016-11-17 14:45 - 00418752 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\_nvspserviceplugin64.dll
2016-05-20 20:39 - 2016-06-28 13:35 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2016-09-25 00:20 - 2016-09-25 00:21 - 00189264 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2016-07-04 18:47 - 2016-10-30 17:12 - 08924864 _____ () C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\1033\GrooveIntlResource.dll
2016-08-23 14:05 - 2016-08-23 14:05 - 00052400 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2016-11-07 21:27 - 2016-11-07 21:27 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2016-08-19 09:12 - 2016-08-19 09:12 - 00298448 _____ () C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
2016-09-21 10:25 - 2016-12-06 11:19 - 00022024 _____ () C:\Program Files (x86)\Origin\QtWebEngineProcess.exe
2009-01-01 00:24 - 2016-12-01 18:32 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-09-09 10:01 - 2016-09-09 10:01 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-12-05 17:05 - 2016-12-05 17:05 - 03066880 _____ () C:\Program Files\AVAST Software\Avast\defs\16120500\algo.dll
2016-09-09 10:01 - 2016-09-09 10:01 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-05-17 16:15 - 2016-12-06 11:01 - 00032552 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\PEbiosinterface32.dll
2016-05-17 16:15 - 2014-01-28 04:16 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\ATKEX.dll
2016-08-18 09:14 - 2016-08-18 09:14 - 00222720 _____ () C:\Program Files (x86)\GNU\GnuPG\libksba-8.dll
2016-08-18 09:09 - 2016-08-18 09:09 - 00103424 _____ () C:\Program Files (x86)\GNU\GnuPG\libgpg-error-0.dll
2016-08-18 09:03 - 2016-08-18 09:03 - 00050176 _____ () C:\Program Files (x86)\GNU\GnuPG\libw32pth-0.dll
2016-08-18 09:14 - 2016-08-18 09:14 - 00073728 _____ () C:\Program Files (x86)\GNU\GnuPG\libassuan-0.dll
2016-08-18 09:17 - 2016-08-18 09:17 - 00751104 _____ () C:\Program Files (x86)\GNU\GnuPG\libgcrypt-20.dll
2016-08-01 15:08 - 2016-11-17 14:45 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-08-01 15:08 - 2016-11-17 14:45 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-08-01 15:08 - 2016-11-17 14:45 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2016-05-20 19:59 - 2016-09-08 04:14 - 00784672 _____ () D:\Steam\SDL2.dll
2016-05-20 19:59 - 2016-09-01 02:02 - 04969248 _____ () D:\Steam\v8.dll
2016-05-20 19:59 - 2016-09-01 02:02 - 01563936 _____ () D:\Steam\icui18n.dll
2016-05-20 19:59 - 2016-09-01 02:02 - 01195296 _____ () D:\Steam\icuuc.dll
2016-05-20 19:59 - 2016-10-13 02:58 - 02321696 _____ () D:\Steam\video.dll
2016-05-20 19:59 - 2016-01-27 08:49 - 02549760 _____ () D:\Steam\libavcodec-56.dll
2016-05-20 19:59 - 2016-01-27 08:49 - 00442880 _____ () D:\Steam\libavutil-54.dll
2016-05-20 19:59 - 2016-01-27 08:49 - 00491008 _____ () D:\Steam\libavformat-56.dll
2016-05-20 19:59 - 2016-01-27 08:49 - 00332800 _____ () D:\Steam\libavresample-2.dll
2016-05-20 19:59 - 2016-01-27 08:49 - 00485888 _____ () D:\Steam\libswscale-3.dll
2016-05-20 19:59 - 2016-10-13 02:58 - 00836896 _____ () D:\Steam\bin\chromehtml.DLL
2016-05-20 19:59 - 2016-07-04 23:17 - 00266560 _____ () D:\Steam\openvr_api.dll
2016-11-23 11:45 - 2016-11-23 11:45 - 45069312 _____ () C:\Program Files (x86)\Overwolf\0.100.9.0\libcef.DLL
2016-11-18 11:41 - 2016-11-18 11:41 - 00143824 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
2016-07-01 16:06 - 2016-07-01 16:06 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-08-01 15:08 - 2016-11-17 11:20 - 00506424 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2016-08-01 15:08 - 2016-11-17 11:20 - 00252352 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2016-08-01 15:08 - 2016-11-17 11:20 - 02809912 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2016-08-01 15:08 - 2016-11-17 11:20 - 00245184 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2016-08-01 15:08 - 2016-11-17 11:20 - 00436792 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2016-08-01 15:08 - 2016-11-17 11:20 - 00338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2016-08-24 08:47 - 2016-11-17 11:20 - 00968248 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
2016-08-23 14:05 - 2016-08-23 14:05 - 00048304 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
2016-11-14 11:16 - 2016-09-07 21:42 - 50656768 _____ () C:\Users\User\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libcef.dll
2016-11-23 11:45 - 2016-11-23 11:45 - 01643008 _____ () C:\Program Files (x86)\Overwolf\0.100.9.0\libglesv2.dll
2016-11-23 11:45 - 2016-11-23 11:45 - 00074752 _____ () C:\Program Files (x86)\Overwolf\0.100.9.0\libegl.dll
2016-10-14 12:34 - 2016-08-04 21:56 - 49825056 _____ () D:\Steam\bin\cef\cef.winxp\libcef.dll
2016-11-14 11:16 - 2016-09-07 21:42 - 01874944 _____ () C:\Users\User\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libglesv2.dll
2016-11-14 11:16 - 2016-09-07 21:42 - 00075264 _____ () C:\Users\User\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libegl.dll
2014-04-30 00:23 - 2014-04-30 00:23 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-05-20 19:59 - 2015-09-25 00:52 - 00119208 _____ () D:\Steam\winh264.dll
2016-09-21 10:25 - 2016-12-06 11:19 - 02493440 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll
2016-09-21 10:25 - 2016-12-06 11:19 - 00012288 _____ () C:\Program Files (x86)\Origin\libEGL.DLL
2016-05-20 20:19 - 2016-06-09 18:13 - 00266240 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\User:Heroes & Generals [38]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

HKU\S-1-5-21-1652729561-1798351166-2891734009-1000\Software\Classes\regfile: regedit.exe "%1" <===== ACHTUNG

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2016-12-02 01:23 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1652729561-1798351166-2891734009-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\User\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\startupreg: 001d46a7 => C:\Users\User\AppData\Local\Temp\world-super-ext.exe
MSCONFIG\startupreg: iCloudDrive => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
MSCONFIG\startupreg: iCloudPhotos => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
MSCONFIG\startupreg: iCloudServices => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
MSCONFIG\startupreg: iFunBox => D:\Program Files (x86)\i-Funbox DevTeam\iFunBox_x64.exe /tray
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: ShadowPlay => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\User\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: XperiaCompanionAgent => "C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{84DE3B2D-826F-4622-9FB6-BDDA7F27D18D}] => D:\Steam\Steam.exe
FirewallRules: [{5E879E77-42B6-4F7A-A873-F32C0ED05280}] => D:\Steam\Steam.exe
FirewallRules: [{6762AF0D-9F37-4184-9A6C-08FAB8EFD7DE}] => D:\Steam\steamapps\common\Rust\Rust.exe
FirewallRules: [{3A848C5C-DA5B-494A-A402-37FF45FB7A35}] => D:\Steam\steamapps\common\Rust\Rust.exe
FirewallRules: [{2AAED2A2-6059-4B48-AE46-F5F64039467B}] => C:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{02841AE1-2C2B-4D04-814F-929DC981D4A2}] => C:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{771E7286-7D70-4E84-8A1A-B56339E1F7CA}] => C:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{DE3C8EB2-B76F-47EB-8A01-3FDACC1828EF}] => C:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [TCP Query User{B083FB38-0446-4128-8340-F5782C4FC0F1}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => C:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [UDP Query User{CC948301-3D4A-45C0-8264-1FC4682324E7}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => C:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [{DFD8BFF3-E0AE-4886-A8B9-B928D08FF6A3}] => D:\Steam\steamapps\common\SteamVRPerformanceTest\bin\win64\vr.exe
FirewallRules: [{3ED9EB4B-76AE-4564-B1EA-A932AF158B30}] => D:\Steam\steamapps\common\SteamVRPerformanceTest\bin\win64\vr.exe
FirewallRules: [{31643739-616B-4795-81A8-B043A0535CE4}] => D:\Steam\steamapps\common\War Thunder\launcher.exe
FirewallRules: [{86A077B5-60ED-4E94-934B-6C0A25D0905C}] => D:\Steam\steamapps\common\War Thunder\launcher.exe
FirewallRules: [{57244F4C-008F-4B40-9288-9CA506C43BE7}] => D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{15025337-F08C-4311-8F91-A81448BAE65F}] => D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{D63313CA-0644-498E-958B-4B3A7D1ADBD5}] => D:\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{8FFAAFA2-3DB1-42AD-8205-C9D5507F8ECF}] => D:\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{5614B8E9-5245-4118-A619-092B30AF19B8}] => D:\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{AB472C98-7906-475E-9E26-17E7088B2392}] => D:\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{3751E5DA-CE50-4A97-87A1-A3A5ACCE2FBC}] => D:\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{03F1781C-906E-4BE5-895A-D97F3B8EDDF8}] => D:\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{59CA2BFA-F550-49DB-9CAE-D3450515788A}] => C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{4B6A457B-E633-467F-BD62-1A5A1035BA04}] => D:\Steam\steamapps\common\Just Cause 2\JustCause2.exe
FirewallRules: [{DCFBE169-8EB6-4908-B025-ED488227B022}] => D:\Steam\steamapps\common\Just Cause 2\JustCause2.exe
FirewallRules: [{CA6784A2-DEC0-4192-9F89-F3BA2DDDC00C}] => D:\Steam\steamapps\common\R.U.S.E\Ruse.exe
FirewallRules: [{138DDAD5-A58F-4047-A0E2-1AAE21B01081}] => D:\Steam\steamapps\common\R.U.S.E\Ruse.exe
FirewallRules: [{F5EF3A7A-9E95-4608-A2CA-369EB4326F48}] => D:\Steam\steamapps\common\Rome Total War Gold\RomeTW.exe
FirewallRules: [{A65E7490-B932-40FA-8DF9-FF110E87EC3E}] => D:\Steam\steamapps\common\Rome Total War Gold\RomeTW.exe
FirewallRules: [{0B3265CB-4CFC-4735-A619-C6F67FD86887}] => D:\Steam\steamapps\common\Rome Total War Gold\RomeTW-BI.exe
FirewallRules: [{8DA66291-AE79-4739-A9C9-9945D15060D9}] => D:\Steam\steamapps\common\Rome Total War Gold\RomeTW-BI.exe
FirewallRules: [{151366ED-4161-4920-AA9B-BF18FA03120E}] => C:\SteamLibrary\steamapps\common\Helldivers\binaries\x64\helldivers.exe
FirewallRules: [{5D02B5B6-2AE7-41CE-A54E-790376D49109}] => C:\SteamLibrary\steamapps\common\Helldivers\binaries\x64\helldivers.exe
FirewallRules: [{7978E655-5D6B-4ACD-BDBF-56B3DECA07D8}] => C:\SteamLibrary\steamapps\common\Helldivers\binaries\x86\helldivers.exe
FirewallRules: [{64E069B9-3F9D-4F79-937F-E72D00ABA919}] => C:\SteamLibrary\steamapps\common\Helldivers\binaries\x86\helldivers.exe
FirewallRules: [{252A2332-5F3C-4DE6-A832-E712302E6D7D}] => C:\Program Files (x86)\Origin Games\Peggle Deluxe\Peggle.exe
FirewallRules: [{A59C8E93-810A-47FC-8182-FC1EE87D08E7}] => C:\Program Files (x86)\Origin Games\Peggle Deluxe\Peggle.exe
FirewallRules: [{6562EBB3-0992-4AEF-9853-34ED2F8F12C3}] => D:\Steam\steamapps\common\Hitman™\Launcher.exe
FirewallRules: [{DFED7820-AB10-4B01-B858-4B612D7968A4}] => D:\Steam\steamapps\common\Hitman™\Launcher.exe
FirewallRules: [{C2EB2DD2-E975-4DDE-8A19-DE5254EEB0A3}] => D:\Steam\steamapps\common\Tom Clancy's The Division\thedivision.exe
FirewallRules: [{FC953AB3-6949-464D-AD0D-B1964D066196}] => D:\Steam\steamapps\common\Tom Clancy's The Division\thedivision.exe
FirewallRules: [{3C81711C-69C5-4423-9EA0-DCFC59D38FA9}] => D:\Steam\steamapps\common\race 07\SteamExpansionApp.exe
FirewallRules: [{EDE8BC2F-EF6F-4C6E-95B4-E7BE5BA0087C}] => D:\Steam\steamapps\common\race 07\SteamExpansionApp.exe
FirewallRules: [{6126A141-A7D6-4AA5-B086-74858C994EBF}] => D:\Steam\steamapps\common\race 07\SteamProxy.exe
FirewallRules: [{1960DEF7-634F-44DF-9FD5-1B6E0A62E333}] => D:\Steam\steamapps\common\race 07\SteamProxy.exe
FirewallRules: [{BC64BA19-FF61-4566-84A8-C6C2C66337FC}] => D:\Steam\steamapps\common\race 07\Config.exe
FirewallRules: [{7A40541B-CA28-498A-9CAE-8CEBA69F19EA}] => D:\Steam\steamapps\common\race 07\Config.exe
FirewallRules: [{36E1B303-75D1-498F-90F3-D2D08DD7028E}] => D:\Steam\steamapps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{63773F5D-A1C2-4C02-BB9E-6286067A649C}] => D:\Steam\steamapps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{77CDAE60-0165-463F-AA45-A8A1A4D8D63E}] => D:\Steam\steamapps\common\Age2HD\Launcher.exe
FirewallRules: [{F40C761C-2416-4C1F-A05E-BC3BECFBD4A2}] => D:\Steam\steamapps\common\Age2HD\Launcher.exe
FirewallRules: [{82687C43-F210-4513-83B3-68AEB96B9C39}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{31C9400F-311C-4BD2-8B68-0624D96C4AED}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{47DDA37D-17A4-47D0-8A14-F0584C31D416}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{819CFEF1-0399-4370-8425-4D6C638B3808}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{21628142-32B9-45B7-BC62-5E800DC7C72D}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6154CCFD-89C8-4FDD-A20A-BC8A765589AA}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{823B853E-A41D-41A4-A4FF-3D12CA4FB75B}] => D:\Steam\steamapps\common\Scrap Mechanic\Release\ScrapMechanic.exe
FirewallRules: [{B0AFF446-A54D-460B-B2D7-A958F1AD0F87}] => D:\Steam\steamapps\common\Scrap Mechanic\Release\ScrapMechanic.exe
FirewallRules: [{867519B2-A1D5-4CA6-80C4-4C6E80C93432}] => D:\Steam\steamapps\common\Dying Light\DyingLightGame.exe
FirewallRules: [{576405B5-7257-43C0-A72E-90C6367F141E}] => D:\Steam\steamapps\common\Dying Light\DyingLightGame.exe
FirewallRules: [{00F32528-AF0E-4DA7-B303-9FFE9C45FE50}] => D:\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{EAAA2EA4-909D-4320-BF2A-58D29B359435}] => D:\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{DF9ECDF6-9ECE-4D42-8A00-CA95069CFAE3}] => C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{82CFC9A0-9B5A-49DF-9E1C-4D0131B35CB9}] => C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{E331B238-F7DC-4468-82CF-C9BBABF1EE06}] => C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{2B74EEBC-713F-46A2-AA7A-AC3AFF9B3C58}] => C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{B9AF3F76-45BD-47BC-B955-B485E7E112AA}] => D:\Origin\Battlefield 3\bf3.exe
FirewallRules: [{0C4F2DB7-3486-4C85-A098-C75C5F359C3D}] => D:\Origin\Battlefield 3\bf3.exe
FirewallRules: [{D000420F-FE55-44E2-8995-91977746A4AB}] => D:\Steam\steamapps\common\Arma 2\arma2.exe
FirewallRules: [{EC0550E4-69C7-4618-8669-FD84C95D3467}] => D:\Steam\steamapps\common\Arma 2\arma2.exe
FirewallRules: [{FA74C79A-0114-407E-918D-925F24E7AEB1}] => D:\Steam\steamapps\common\ARMA 2 Operation Arrowhead\DLCsetup\BAF\datacachepreprocessor.exe
FirewallRules: [{56788C84-99AA-48C3-8617-A67FCEF155DC}] => D:\Steam\steamapps\common\ARMA 2 Operation Arrowhead\DLCsetup\BAF\datacachepreprocessor.exe
FirewallRules: [{27B62BF7-8746-462F-B8C7-D5BA6CBBC7B8}] => D:\Steam\steamapps\common\ARMA 2 Operation Arrowhead\ArmA2OA_BE.exe
FirewallRules: [{B43A07A5-1C4D-416E-A2B6-A76218F558B2}] => D:\Steam\steamapps\common\ARMA 2 Operation Arrowhead\ArmA2OA_BE.exe
FirewallRules: [{43D8F594-9AB1-4266-B3FE-F548C3C5BD75}] => D:\Steam\steamapps\common\ARMA 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [{5520B775-11A5-4063-B935-4C161D0FD54D}] => D:\Steam\steamapps\common\ARMA 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [{4D9B5D3D-5443-47DA-97F6-9D9F12E406E0}] => D:\Steam\steamapps\common\ARMA 2 Operation Arrowhead\DLCsetup\ACR\datacachepreprocessor.exe
FirewallRules: [{1185703F-1C34-4506-BEA8-F9A156055C53}] => D:\Steam\steamapps\common\ARMA 2 Operation Arrowhead\DLCsetup\ACR\datacachepreprocessor.exe
FirewallRules: [{154DE94F-0F37-4334-B229-3636008B4085}] => D:\Steam\steamapps\common\ARMA 2 Operation Arrowhead\DLCsetup\PMC\datacachepreprocessor.exe
FirewallRules: [{C844376D-DDE4-4BDA-B63A-792417F97BE5}] => D:\Steam\steamapps\common\ARMA 2 Operation Arrowhead\DLCsetup\PMC\datacachepreprocessor.exe
FirewallRules: [{4155C843-FF1E-49BA-8CFA-FB065B5F29FD}] => D:\Steam\steamapps\common\Oblivion\OblivionLauncher.exe
FirewallRules: [{C296B62F-7D95-4A12-8E30-D69937C3C382}] => D:\Steam\steamapps\common\Oblivion\OblivionLauncher.exe
FirewallRules: [{FEBC665A-E054-4525-BB5C-DD81EEF9A9A5}] => D:\Steam\steamapps\common\Gothic 3\Gothic3.exe
FirewallRules: [{E039518E-9BBB-4711-8D86-A5234E0BB699}] => D:\Steam\steamapps\common\Gothic 3\Gothic3.exe
FirewallRules: [{9BF060A7-EB40-4EE3-9411-28D2EC9EE870}] => D:\Steam\steamapps\common\Risen\bin\Risen.exe
FirewallRules: [{A84EEB85-30EB-4E4A-B802-2FBD8E0E8F23}] => D:\Steam\steamapps\common\Risen\bin\Risen.exe
FirewallRules: [{C269CD84-A64A-4686-9040-2933A929DCDD}] => D:\Steam\steamapps\common\Stronghold3\bin\win32_release\Stronghold3.exe
FirewallRules: [{AE926DF8-C4B0-4BBE-A294-FB70645760ED}] => D:\Steam\steamapps\common\Stronghold3\bin\win32_release\Stronghold3.exe
FirewallRules: [{B367C9BA-D0B8-4902-92E8-C8237705723C}] => D:\Steam\steamapps\common\Stronghold Crusader 2\bin\win32_release\Crusader2.exe
FirewallRules: [{DC27E43E-96B0-49BA-93F0-A960FCCD1368}] => D:\Steam\steamapps\common\Stronghold Crusader 2\bin\win32_release\Crusader2.exe
FirewallRules: [TCP Query User{B5F98E12-D966-409F-8419-2E4EF5A3EBCD}D:\steam\steamapps\common\anno 1404\tools\anno4web.exe] => D:\steam\steamapps\common\anno 1404\tools\anno4web.exe
FirewallRules: [UDP Query User{ACFE8079-5975-441A-AA53-1522A5EFBEC7}D:\steam\steamapps\common\anno 1404\tools\anno4web.exe] => D:\steam\steamapps\common\anno 1404\tools\anno4web.exe
FirewallRules: [{248643E2-EB08-449F-9BAC-DD9C822E1486}] => D:\Steam\steamapps\common\Anno 1404\Anno4.exe
FirewallRules: [{E92FE3E0-F1E7-497E-9EB9-4DCADD9B7AE6}] => D:\Steam\steamapps\common\Anno 1404\Anno4.exe
FirewallRules: [{F555D9C0-0421-41B9-80F3-1C96059DE632}] => D:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Far Cry Primal\bin\FCPrimal.exe
FirewallRules: [TCP Query User{87BB1149-0FE7-44A9-99BF-1DB851F30E36}D:\steam\steamapps\common\anno 1404\tools\anno4web.exe] => D:\steam\steamapps\common\anno 1404\tools\anno4web.exe
FirewallRules: [UDP Query User{5802B5AB-68D3-4AFA-ACDB-17C3F0AA45A7}D:\steam\steamapps\common\anno 1404\tools\anno4web.exe] => D:\steam\steamapps\common\anno 1404\tools\anno4web.exe
FirewallRules: [TCP Query User{D1DB0B62-87AD-4305-8EE8-E133E4E1F248}D:\steam\steamapps\common\war thunder\win64\aces.exe] => D:\steam\steamapps\common\war thunder\win64\aces.exe
FirewallRules: [UDP Query User{226219F6-3148-4E23-A1C2-04A1BDAD01AB}D:\steam\steamapps\common\war thunder\win64\aces.exe] => D:\steam\steamapps\common\war thunder\win64\aces.exe
FirewallRules: [{AB39A4CB-E53D-4482-9117-4241BCB72025}] => D:\Steam\steamapps\common\Hitman Sniper Challenge\HMSC.exe
FirewallRules: [{777C3F91-AFC9-4227-BD0F-BAEADC880478}] => D:\Steam\steamapps\common\Hitman Sniper Challenge\HMSC.exe
FirewallRules: [{9C6654CD-218D-48ED-8FD0-BF0434EFB44A}] => C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{7A24BC1A-C4C5-4221-B307-098B6D59125A}] => C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{DD19ADE0-AD34-4264-B971-BF536CEA768E}] => C:\Users\User\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{945EB3F5-9AF3-4F9E-B3E5-9FB6400F997E}] => C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\WDExpress.exe
FirewallRules: [{768E3A20-E621-4BA5-A736-A7B6C7AE5B33}] => C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{4855644F-169A-4E61-A039-250FD856CBA3}] => C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{16206DF6-2517-4628-BD0B-DA494F14B5BA}] => C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{73E735BD-0CF4-4B41-AC1B-EABD18537D2F}] => C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{3EAB7584-76DE-419F-9FAE-76109CF25D4F}] => C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{7925C428-126F-4B8F-A7F2-8D0911FB4957}] => C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{2B325A67-5401-4879-8F6E-D8E78FDAFCF8}] => D:\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{7007EB1D-496A-46D7-B9BD-570A40384DEC}] => D:\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{B6C2C8B2-1564-4F22-A984-322280C4578F}] => D:\Steam\steamapps\common\MountBlade Warband\mb_warband.exe
FirewallRules: [{3960A85C-139A-4DED-A3F2-E496654356E2}] => D:\Steam\steamapps\common\MountBlade Warband\mb_warband.exe
FirewallRules: [{4C7E7D57-94E8-4B94-85A0-90BC0C5E5FF2}] => D:\Steam\steamapps\common\Sniper Ghost Warrior\Sniper_x86.exe
FirewallRules: [{00E616D7-C51E-4609-9423-E2025370EB4C}] => D:\Steam\steamapps\common\Sniper Ghost Warrior\Sniper_x86.exe
FirewallRules: [{FAF9F8AF-F41F-4980-94F3-CA1313B27B98}] => D:\Steam\steamapps\common\Wargame European Escalation\WarGame.exe
FirewallRules: [{75546854-E45C-45A5-96C3-F2F43DE7F0F0}] => D:\Steam\steamapps\common\Wargame European Escalation\WarGame.exe
FirewallRules: [{D08513BA-C0E1-4A48-86D8-BD5F1EDF026A}] => D:\Steam\steamapps\common\Hearts of Iron IV\hoi4.exe
FirewallRules: [{D2240DDF-8492-4F27-AD23-AA361D2CC56B}] => D:\Steam\steamapps\common\Hearts of Iron IV\hoi4.exe
FirewallRules: [{06CB8BCD-EF3F-4DD0-A289-F97C45357C48}] => D:\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{15252672-C2EF-407E-85AE-6C89BC28210F}] => D:\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{FEF19434-70A5-4993-88B4-369548E0634B}] => C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{0241EB57-9592-4200-9918-CE3F356B0EC1}] => C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{66953C62-8FFD-413B-9125-BEBE3E33B6C0}] => C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{307B4029-E9F3-4D43-B6A9-E83070618EDC}] => D:\Steam\steamapps\common\firstassault\Shipping\GAME.exe
FirewallRules: [{919BA835-E46D-4C8E-A1C0-D27D6D2892EA}] => D:\Steam\steamapps\common\firstassault\Shipping\GAME.exe
FirewallRules: [{657391EA-7E54-4C77-A93F-2CCA79267807}] => D:\Steam\steamapps\common\X-Plane 10\X-Plane.exe
FirewallRules: [{5A6CA695-6601-404B-A170-B8CB8DCD9D4F}] => D:\Steam\steamapps\common\X-Plane 10\X-Plane.exe
FirewallRules: [{81E97738-52DA-4B2C-80BE-40EB3661CE60}] => D:\Steam\steamapps\common\X-Plane 10\X-Plane-32bit.exe
FirewallRules: [{96AB1BE1-1F95-4425-AA58-F1519C86118A}] => D:\Steam\steamapps\common\X-Plane 10\X-Plane-32bit.exe
FirewallRules: [{F5C79FC7-4996-4319-896F-1879EF71B774}] => D:\Steam\steamapps\common\X-Plane 10\Airfoil-Maker.exe
FirewallRules: [{76D344FC-1F1E-47C9-B3CF-45ACE129462A}] => D:\Steam\steamapps\common\X-Plane 10\Airfoil-Maker.exe
FirewallRules: [{DFC0D245-8438-4BA4-8337-B4BA75A17CC9}] => D:\Steam\steamapps\common\X-Plane 10\Plane-Maker.exe
FirewallRules: [{B3D387AE-A111-455C-A0B2-5E6E7151AEF8}] => D:\Steam\steamapps\common\X-Plane 10\Plane-Maker.exe
FirewallRules: [{FD523A9F-E506-4BD9-B202-A6A4B0508F36}] => D:\Steam\steamapps\common\CardHunter\CardHunter.exe
FirewallRules: [{48FE471E-B60A-4643-BAB8-72BCF553F8B4}] => D:\Steam\steamapps\common\CardHunter\CardHunter.exe
FirewallRules: [{3EB328E5-291C-40A9-93DF-D644C9AF0B0F}] => D:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{4C323364-E370-41B0-9BE1-46D5AA37C9B4}] => D:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{0CBB6E8C-AC41-4984-8360-DFFD17532F45}] => D:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{F6516272-9693-4261-BA91-0CFCD6E2D574}] => D:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{B4AACF4F-B6F1-4B42-88A3-6D4835E8309A}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{B971D5DD-0C6C-4781-95E7-623FEEAFE51A}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{252E27BF-7DB6-4C6F-B608-6AC5E42BB01C}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{6EADD72D-2467-4213-BC54-814A343E9011}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{3D4E7B69-6BC3-421B-9E8F-3CD213E5EAC9}] => D:\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{5D020A5A-C7B8-466F-98E6-05A47847ECAE}] => D:\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{64BE4513-C3C5-4689-896D-60F842BD05E0}] => C:\SteamLibrary\steamapps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{0871D1E8-E6FA-4A40-810C-79A9EAC09CA4}] => C:\SteamLibrary\steamapps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{242F4F43-0EFA-4BA8-8EFA-FFE77721469F}] => C:\SteamLibrary\steamapps\common\Prison Architect\Prison Architect Safe Mode.exe
FirewallRules: [{466E7EC2-7E48-4278-8679-1226338DC2FD}] => C:\SteamLibrary\steamapps\common\Prison Architect\Prison Architect Safe Mode.exe
FirewallRules: [{749BC2E3-A832-4939-B4CA-3117F6B35B05}] => C:\SteamLibrary\steamapps\common\Tropico 5\Tropico5Steam.exe
FirewallRules: [{34C73E45-5E9B-4D35-B448-1A1BFA9DB79E}] => C:\SteamLibrary\steamapps\common\Tropico 5\Tropico5Steam.exe
FirewallRules: [{12207AD0-D615-4310-9757-FEC177D8DB38}] => C:\SteamLibrary\steamapps\common\Tropico 3\Tropico3.exe
FirewallRules: [{64C30B72-BF47-41E8-ADD4-0ACE397FDF67}] => C:\SteamLibrary\steamapps\common\Tropico 3\Tropico3.exe
FirewallRules: [{B71DECA1-2CA3-4EEC-B75E-107D4A261B1A}] => C:\SteamLibrary\steamapps\common\Tropico 4\Tropico4.exe
FirewallRules: [{C5E256AD-CD6A-4A7B-9F91-48CB3FE64235}] => C:\SteamLibrary\steamapps\common\Tropico 4\Tropico4.exe
FirewallRules: [{27A3E106-4136-4152-B9F0-135E5F559A07}] => C:\SteamLibrary\steamapps\common\Kerbal Space Program Demo\KSP.exe
FirewallRules: [{CCE46F63-6EC5-4B28-8A1A-BEBB672228C7}] => C:\SteamLibrary\steamapps\common\Kerbal Space Program Demo\KSP.exe
FirewallRules: [{0ECE1526-61C5-46F0-8D8E-24CC3713A126}] => D:\Steam\steamapps\common\The Guild II\GuildII.exe
FirewallRules: [{4593C1A7-F503-4D6F-93D4-1830FB40FB48}] => D:\Steam\steamapps\common\The Guild II\GuildII.exe
FirewallRules: [{34C0C389-8765-4F07-831C-3F02100453C0}] => D:\Steam\steamapps\common\The Guild 2 Renaissance\GuildII.exe
FirewallRules: [{0289AACB-9D71-478D-A712-31876583D279}] => D:\Steam\steamapps\common\The Guild 2 Renaissance\GuildII.exe
FirewallRules: [{B52EAC45-73F0-4E30-AAC3-242552602581}] => D:\Steam\steamapps\common\The Guild II - Pirates of the European Seas\GuildII.exe
FirewallRules: [{0F3899F6-3741-4DC9-91C3-026BEC6942E2}] => D:\Steam\steamapps\common\The Guild II - Pirates of the European Seas\GuildII.exe
FirewallRules: [{12188305-81CB-4961-8572-83BAD7A6EE8D}] => D:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Watch_Dogs\bin\watch_dogs.exe
FirewallRules: [{9E9A8F99-7F20-4D58-BA01-EC67BF0E6B44}] => D:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Watch_Dogs\bin\watch_dogs.exe
FirewallRules: [{1EB1D8E7-86D6-4281-9FAC-6D413013502F}] => D:\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{D0BF33C1-13D5-4C4B-9290-B7D4985B1725}] => D:\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{7114D6EA-AAB3-4A07-BCC2-AE7C2930B292}] => D:\Steam\steamapps\common\Spacewar\SteamworksExample.exe
FirewallRules: [{BD9B0871-16CD-4E0E-999B-FC25A3E8C381}] => D:\Steam\steamapps\common\Spacewar\SteamworksExample.exe
FirewallRules: [{D1B355CB-9677-4150-B952-9BA36D5CD863}] => D:\Origin\Battlefield 1 Open Beta\bf1.exe
FirewallRules: [{150AC812-15DC-407A-9078-9BE656F0A272}] => D:\Origin\Battlefield 1 Open Beta\bf1.exe
FirewallRules: [{9D0B3795-4630-440B-835D-342C360B4466}] => D:\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{1592B2AF-A1A1-4B2D-8BDA-C8BCDDBE0C24}] => D:\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{5D45DA33-C540-4CFC-888C-C24AB50C2737}] => D:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{78FE8673-BBDA-4796-8569-79BD16DA92E6}] => D:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{CDDCF8D1-A31D-4E69-8E0A-590362CC3F35}] => D:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe
FirewallRules: [{B5414510-0B85-400F-B314-3B6431AABBD4}] => D:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe
FirewallRules: [{1F22F295-FF8C-46FF-B35D-EB55E369BA6D}] => D:\Steam\steamapps\common\Miscreated\Miscreated.exe
FirewallRules: [{A615C0B4-9DD7-4C27-86B5-B92778FD6203}] => D:\Steam\steamapps\common\Miscreated\Miscreated.exe
FirewallRules: [{55DD27C1-40C4-4EF9-8880-D239000C7332}] => D:\Steam\steamapps\common\Miscreated\Bin64\Miscreated.exe
FirewallRules: [{5712754A-C81F-4AAF-9E68-336711F63282}] => D:\Steam\steamapps\common\Miscreated\Bin64\Miscreated.exe
FirewallRules: [{28A54D2F-A1BC-4E33-933A-404F08F6D05C}] => D:\Steam\steamapps\common\Miscreated\EasyAntiCheat\EasyAntiCheat_x64.dll
FirewallRules: [{49DEECFA-F2B6-441D-AC28-83E8904CA76E}] => D:\Steam\steamapps\common\Miscreated\EasyAntiCheat\EasyAntiCheat_x64.dll
FirewallRules: [{FC7B30FC-E08B-458C-833B-660685C218A5}] => D:\Steam\steamapps\common\Hearts of Iron 3\hoi3.exe
FirewallRules: [{4CEE71FD-5894-4236-8FB5-AF92BD034E3C}] => D:\Steam\steamapps\common\Hearts of Iron 3\hoi3.exe
FirewallRules: [{007622F6-57AB-44EB-A490-E50167F6FAA6}] => D:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [{77EA7DF1-EFF8-4A73-A47A-4D1867D92589}] => D:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [{91D6F19F-15C3-4C8A-A750-74A1AA197B58}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{EE57B003-932A-4CAE-80E1-04831A3D174C}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{54777C18-2489-4784-A98E-CE6B7196A4C7}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{96F4326C-631A-48C1-B820-4FD1A0CFD516}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{85BFB352-57FF-4D7E-B2BD-5AF34CEDA808}] => C:\Program Files\Rockstar Games\Grand Theft Auto V\GTA5.exe
FirewallRules: [{42CAFBAC-CEF2-4918-BFED-73C75C8144C3}] => C:\Program Files\Rockstar Games\Grand Theft Auto V\GTA5.exe
FirewallRules: [{6C24CAB2-8AD0-4B96-9843-6C65FCA089A1}] => C:\SteamLibrary\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{BF2BBF47-8A00-4D39-A25A-DD5356B562EE}] => C:\SteamLibrary\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{957962F9-2302-46D4-AAB7-BAC6949CEDD6}] => C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{E6260172-7175-4F65-BF55-FE05AE010A68}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{2E872540-FBFA-41BC-A2DB-6914A73044E6}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{A822EEC3-938C-4674-BC90-0D6805D5FD73}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{23C6334C-E186-44BE-8F33-117D9029CC64}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{1D53E72F-C0C5-41A0-9850-67C64507C31F}] => D:\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{BE76A1CF-CB40-46CD-8FC2-4D67C3EF0969}] => D:\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{0AF711CA-0113-44C6-8DCE-4D1277E3A101}] => D:\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{C852C671-58AD-464F-A570-88CB55EE54BD}] => D:\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{0C3E6EF5-357E-4F4D-B90F-3D75226AF9C2}] => D:\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{8DCB90CD-4EB8-4BB6-8E9F-7886CF1AF43B}] => D:\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{C3EF1250-9DDD-4EA4-950C-86F94E27A6D7}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{9E69F9E6-742C-498E-A43D-974A78A5593E}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{1701CB72-6DC5-4A06-ADA5-C950444A51EB}] => D:\Steam\steamapps\common\Oil Enterprise\oilenterprise.exe
FirewallRules: [{5BB79DDF-84DA-41B2-9A4B-5DEEE79A37D5}] => D:\Steam\steamapps\common\Oil Enterprise\oilenterprise.exe
FirewallRules: [{04365906-F513-462C-8DD6-809DE2F5D922}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{9FF89CDE-148B-4E4F-A45D-5BB2194B78D5}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{544A7EDE-040B-4FAE-B14F-61DAFCF2FF51}] => D:\Steam\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{468D5F0A-EEB4-4FBB-B8DE-E135207E4843}] => D:\Steam\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{96E00CAF-DE89-4BC5-8FFD-7A11BCEC7FE8}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{CFA90F7B-7389-42D8-8C57-5E791692DF61}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{AA61DD4A-EE00-4DA4-AB9D-0EA39289C48F}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{04CA1975-3996-4B03-B60F-D825653B096B}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5406FA95-DE62-4C5D-835B-707EB2EBFF3E}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{417CCB00-A239-4015-959F-916E91E8020B}] => D:\Steam\steamapps\common\Total War WARHAMMER\launcher\launcher.exe
FirewallRules: [{F99AF6FF-7E0C-41F6-B2EC-DDB3D5545197}] => D:\Steam\steamapps\common\Total War WARHAMMER\launcher\launcher.exe
FirewallRules: [{FF5E03A5-D91B-42B6-AF38-7D2A17F20DBA}] => D:\Steam\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe
FirewallRules: [{7D5DD7DA-1556-4E66-BF8F-7DF54B787A51}] => D:\Steam\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe
FirewallRules: [{CC346771-EFAC-4D95-A268-2A14F617AB74}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{72FE3A63-458D-46C0-B0C1-E88F9281496A}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D1C1C2C8-3C92-48D7-A2FE-421AB8577B71}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2C449291-1FBD-485E-8BF1-6DD878880E97}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3CFD77D7-B240-48BC-A54E-DDE76D1CEDC1}] => D:\Steam\steamapps\common\Democracy 3\Democracy3.exe
FirewallRules: [{508114A4-D185-40F0-82DC-2B6838426848}] => D:\Steam\steamapps\common\Democracy 3\Democracy3.exe
FirewallRules: [{BDA65A7A-104E-4D84-9A11-BA8A0431C00C}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{217FC923-DCE7-480A-87D2-E359FB49CE89}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{61F2CEA2-A512-4827-9DC4-36D3815B6BC9}] => D:\Steam\steamapps\common\Napoleon Total War\Napoleon.exe
FirewallRules: [{0FAA423A-68D8-42A9-886A-0E0339414C1E}] => D:\Steam\steamapps\common\Napoleon Total War\Napoleon.exe
FirewallRules: [{83DAB31E-6126-41C4-99E6-6B1466103A71}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{29C6B89C-F484-42F8-B909-0C98C71C7B39}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{337501D2-4D79-4D34-BE0F-7C0969FC04A7}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6C636658-BCFC-443B-9337-2BBB6A648E82}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{74F3B540-0DDB-4032-B4C7-90A80CD8C072}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E9467076-DE4A-4A84-B53A-C0173C88650B}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B006FB14-6DAB-4CA3-852B-2BCA9E2B700C}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6A115E3E-FD04-4040-A980-64E1A2F7B18A}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{54EA9290-07F3-4ABD-963A-42C21C410E93}] => D:\Steam\steamapps\common\Anno 1404\Addon.exe
FirewallRules: [{C861DA10-DF06-49BF-B4ED-99639DE34E31}] => D:\Steam\steamapps\common\Anno 1404\Addon.exe
FirewallRules: [{758FFFEF-8C26-4630-9F7E-1C925AD89F88}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{BE9D1210-D36C-4C5F-B907-E2C1B180E263}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{1B096EBC-94B4-4ABB-85DE-E3520EBF00D9}] => D:\Steam\steamapps\common\firstassault\Shipping\nxsteam.exe
FirewallRules: [{EA77747C-DEAF-4BFB-BD63-FDE8003D8517}] => D:\Steam\steamapps\common\firstassault\Shipping\nxsteam.exe
FirewallRules: [{222AA3CA-11B7-4B1B-AB48-CA705459AEA9}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{98784C99-6E50-4866-9F3A-1A09F96AB06F}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{628046D2-4E1C-4D2E-85F6-E8901A7BBA6D}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{E910D86B-7F03-4DA3-B216-E142276C4EBC}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2C81C9D9-7755-4CB5-B00B-4956A044842F}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{284103D6-519B-484E-A4D5-B6C3905780EE}] => LPort=1688
FirewallRules: [{A059F795-25C9-4A79-945D-A27465C3F2D7}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2B2F37C8-9442-4649-B5D2-432D11F9735E}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{FC5B094C-0C37-4B7F-AF90-ED06DF9F5FBE}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6174F83E-930B-4406-B15A-893B296ABDCC}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{358F3856-EAD6-453E-8E51-5281960600B0}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{583727FC-6BA2-4D9F-A622-B6CB6062C440}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0DF66961-E67D-4C97-A144-524F63C4CE62}] => C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanion.exe
FirewallRules: [{A4FBB3C2-CC44-4AE1-8238-BDE3969D8860}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{DABFB464-9FFC-4394-9BC7-351EC6FB6DD0}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{AE9A18B4-126E-4428-97B4-E802D7B88730}] => D:\Steam\steamapps\common\FSX\fsx.exe
FirewallRules: [{07CD4FF6-DD93-4AC2-912A-A31B1FD31096}] => D:\Steam\steamapps\common\FSX\fsx.exe
FirewallRules: [{A5D64C23-F1C5-40CF-9687-18D75590BCB2}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{20975BD1-CB7A-48A9-B7AC-3B81DBEA1A95}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D28B7E36-46F8-41A2-8B4C-767109845F6F}] => D:\Origin\Battlefield 1\bf1Trial.exe
FirewallRules: [{C09F5670-6E71-4F31-A99C-1D2C5E726BDB}] => D:\Origin\Battlefield 1\bf1Trial.exe
FirewallRules: [{7E5BFEC5-D4FD-4D56-84C5-518175E0183F}] => D:\Origin\Battlefield 1\bf1.exe
FirewallRules: [{CBB52A74-D238-4444-B6E8-41B103092BF9}] => D:\Origin\Battlefield 1\bf1.exe
FirewallRules: [{BFDD6E5B-6443-480F-B096-6CC653B3C483}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{BCDB6C99-3D5B-44EE-B2AC-DD297ECB70E6}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{4CFB9FAF-C128-4A7F-A991-7C1FE7520127}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{46ED8759-0D47-435C-B082-2BBEC6523A77}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{680315A1-031C-44F1-BE50-3A516EF1562B}] => D:\Steam\steamapps\common\raceroom racing experience\Game\RRRE.exe
FirewallRules: [{EE63C5AB-FE03-4328-9B36-8BFD7BC94777}] => D:\Steam\steamapps\common\raceroom racing experience\Game\RRRE.exe
FirewallRules: [{87728C2F-5EFF-4877-B51F-0E59797FE0EC}] => D:\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{97262891-DDD4-4CEC-BE4E-363B36AB82DE}] => D:\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{59CCD5DA-448A-4FD5-A246-B795D1AE65C0}] => D:\Steam\steamapps\common\Surgeon Simulator 2013\ss2013.exe
FirewallRules: [{F950BA83-148E-4593-867A-0AC55AE63871}] => D:\Steam\steamapps\common\Surgeon Simulator 2013\ss2013.exe
FirewallRules: [{57BE0F92-4CD6-4895-81FF-513791D0C9FD}] => D:\Steam\steamapps\common\RollerCoaster Tycoon World\RollerCoaster Tycoon World.exe
FirewallRules: [{68D1C4AC-2A34-46D1-8DFC-1BFBF2CAB530}] => D:\Steam\steamapps\common\RollerCoaster Tycoon World\RollerCoaster Tycoon World.exe
FirewallRules: [{FFB81978-5935-4995-A955-688788D06E59}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5928465F-9DE4-4987-9ABD-FC64A334217B}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{72770A45-489B-4FBD-81A3-DA62ED066704}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E4634DE9-774E-4174-8FA6-64A4DB718A6C}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe

==================== Wiederherstellungspunkte =========================


==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Microsoft-ISATAP-Adapter
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft-ISATAP-Adapter #2
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft-Teredo-Tunneling-Adapter
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: avast! SecureLine TAP Adapter v3
Description: avast! SecureLine TAP Adapter v3
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: aswTap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================

Systemfehler:
=============

CodeIntegrity:
===================================
  Date: 2016-12-06 11:01:59.079
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-12-06 11:01:59.001
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-12-06 11:01:58.482
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-12-06 11:01:58.412
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-12-05 22:09:32.835
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-12-05 22:09:32.773
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-12-05 22:09:32.256
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-12-05 22:09:32.186
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-12-05 13:04:28.367
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-12-05 13:04:28.287
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-5775C CPU @ 3.30GHz
Prozentuale Nutzung des RAM: 17%
Installierter physikalischer RAM: 24517.93 MB
Verfügbarer physikalischer RAM: 20212.9 MB
Summe virtueller Speicher: 24902.91 MB
Verfügbarer virtueller Speicher: 20248.66 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:465.54 GB) (Free:13.43 GB) NTFS
Drive d: () (Fixed) (Total:2794.39 GB) (Free:1603.72 GB) NTFS
Drive g: (Global ATC Simulator) (CDROM) (Total:0.48 GB) (Free:0 GB) UDF

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 2794.5 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt ============================

FRST.txt ist zu lang

M-K-D-B · 06.12.2016, 18:20

Zitat:

Zitat von Botto97

FRST.txt ist zu lang

Auf 2 oder mehrere Posts aufteilen.

Es wäre super, wenn du die Logdateien von Zemana und Avast mit den Funden posten könntest, dann muss ich nicht "halb blind im Dunkeln rumtappen"...

Botto97 · 06.12.2016, 18:23

Avast hat nichts endeckt. Zemana:

Code:

ATTFilter

Zemana AntiMalware 2.70.2.25 (Portable)

-------------------------------------------------------
Scan Result            : Completed
Scan Date              : 2016.12.2
Operating System       : Windows 7 64-bit
Processor              : 8X Intel(R) Core(TM) i7-5775C CPU @ 3.30GHz
BIOS Mode              : UEFI
CUID                   : 126ABB4791FFDCA9125C8F
Scan Type              : System Scan
Duration               : 1m 36s
Scanned Objects        : 219115
Detected Objects       : 58
Excluded Objects       : 0
Read Level             : SCSI
Auto Upload            : Enabled
Detect All Extensions  : Disabled
Scan Documents         : Disabled
Domain Info            : WORKGROUP,0,2

Detected Objects
-------------------------------------------------------

Internet Explorer Shortcut
Status             : Scanned
Object             : hxxp://www.amisites.com/?type=sc&ts=1480590508&z=0615f35ba18e1c689007dbeg4z8bae4w9t7e6wae9q&from=che0812&uid=ST3000DM001-1ER166_Z502SFPNXXXXZ502SFPN
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Suspicious Browser Setting
Cleaning Action    : Repair
Related Objects    :
                Browser Setting - Internet Explorer Shortcut

Internet Explorer Shortcut
Status             : Scanned
Object             : hxxp://www.amisites.com/?type=sc&ts=1480590508&z=0615f35ba18e1c689007dbeg4z8bae4w9t7e6wae9q&from=che0812&uid=ST3000DM001-1ER166_Z502SFPNXXXXZ502SFPN
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Suspicious Browser Setting
Cleaning Action    : Repair
Related Objects    :
                Browser Setting - Internet Explorer Shortcut

Internet Explorer Shortcut
Status             : Scanned
Object             : hxxp://www.amisites.com/?type=sc&ts=1480590508&z=0615f35ba18e1c689007dbeg4z8bae4w9t7e6wae9q&from=che0812&uid=ST3000DM001-1ER166_Z502SFPNXXXXZ502SFPN
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Suspicious Browser Setting
Cleaning Action    : Repair
Related Objects    :
                Browser Setting - Internet Explorer Shortcut

Internet Explorer Search
Status             : Scanned
Object             : amisites - hxxp://amisites.com
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Suspicious Browser Setting
Cleaning Action    : Repair
Related Objects    :
                Browser Setting - Internet Explorer Search

Internet Explorer Search
Status             : Scanned
Object             : amisites - hxxp://amisites.com
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Suspicious Browser Setting
Cleaning Action    : Repair
Related Objects    :
                Browser Setting - Internet Explorer Search

Internet Explorer Homepage
Status             : Scanned
Object             : hxxp://www.amisites.com/?type=hp&ts=1480590508&z=0615f35ba18e1c689007dbeg4z8bae4w9t7e6wae9q&from=che0812&uid=ST3000DM001-1ER166_Z502SFPNXXXXZ502SFPN
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Suspicious Browser Setting
Cleaning Action    : Repair
Related Objects    :
                Browser Setting - Internet Explorer Homepage

Internet Explorer Homepage
Status             : Scanned
Object             : hxxp://www.amisites.com/?type=hp&ts=1480590508&z=0615f35ba18e1c689007dbeg4z8bae4w9t7e6wae9q&from=che0812&uid=ST3000DM001-1ER166_Z502SFPNXXXXZ502SFPN
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Suspicious Browser Setting
Cleaning Action    : Repair
Related Objects    :
                Browser Setting - Internet Explorer Homepage

Internet Explorer URL
Status             : Scanned
Object             : hxxp://www.amisites.com/search/?type=ds&ts=1480590508&z=0615f35ba18e1c689007dbeg4z8bae4w9t7e6wae9q&from=che0812&uid=ST3000DM001-1ER166_Z502SFPNXXXXZ502SFPN&q={searchTerms}
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Suspicious Browser Setting
Cleaning Action    : Repair
Related Objects    :
                Browser Setting - Internet Explorer URL

Internet Explorer URL
Status             : Scanned
Object             : hxxp://www.amisites.com/?type=hp&ts=1480590508&z=0615f35ba18e1c689007dbeg4z8bae4w9t7e6wae9q&from=che0812&uid=ST3000DM001-1ER166_Z502SFPNXXXXZ502SFPN
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Suspicious Browser Setting
Cleaning Action    : Repair
Related Objects    :
                Browser Setting - Internet Explorer URL

Internet Explorer URL
Status             : Scanned
Object             : hxxp://www.amisites.com/search/?type=ds&ts=1480590508&z=0615f35ba18e1c689007dbeg4z8bae4w9t7e6wae9q&from=che0812&uid=ST3000DM001-1ER166_Z502SFPNXXXXZ502SFPN&q={searchTerms}
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Suspicious Browser Setting
Cleaning Action    : Repair
Related Objects    :
                Browser Setting - Internet Explorer URL

Internet Explorer URL
Status             : Scanned
Object             : hxxp://www.amisites.com/?type=hp&ts=1480590508&z=0615f35ba18e1c689007dbeg4z8bae4w9t7e6wae9q&from=che0812&uid=ST3000DM001-1ER166_Z502SFPNXXXXZ502SFPN
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Suspicious Browser Setting
Cleaning Action    : Repair
Related Objects    :
                Browser Setting - Internet Explorer URL

Firefox Shortcut
Status             : Scanned
Object             : hxxp://www.amisites.com/?type=sc&ts=1480590508&z=0615f35ba18e1c689007dbeg4z8bae4w9t7e6wae9q&from=che0812&uid=ST3000DM001-1ER166_Z502SFPNXXXXZ502SFPN
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Suspicious Browser Setting
Cleaning Action    : Repair
Related Objects    :
                Browser Setting - Firefox Shortcut

Firefox Shortcut
Status             : Scanned
Object             : hxxp://www.amisites.com/?type=sc&ts=1480590508&z=0615f35ba18e1c689007dbeg4z8bae4w9t7e6wae9q&from=che0812&uid=ST3000DM001-1ER166_Z502SFPNXXXXZ502SFPN
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Suspicious Browser Setting
Cleaning Action    : Repair
Related Objects    :
                Browser Setting - Firefox Shortcut

Firefox Shortcut
Status             : Scanned
Object             : hxxp://www.amisites.com/?type=sc&ts=1480590508&z=0615f35ba18e1c689007dbeg4z8bae4w9t7e6wae9q&from=che0812&uid=ST3000DM001-1ER166_Z502SFPNXXXXZ502SFPN
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Suspicious Browser Setting
Cleaning Action    : Repair
Related Objects    :
                Browser Setting - Firefox Shortcut

Firefox Shortcut
Status             : Scanned
Object             : hxxp://www.amisites.com/?type=sc&ts=1480590508&z=0615f35ba18e1c689007dbeg4z8bae4w9t7e6wae9q&from=che0812&uid=ST3000DM001-1ER166_Z502SFPNXXXXZ502SFPN
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Suspicious Browser Setting
Cleaning Action    : Repair
Related Objects    :
                Browser Setting - Firefox Shortcut

Chrome Shortcut
Status             : Scanned
Object             : hxxp://www.amisites.com/?type=sc&ts=1480590508&z=0615f35ba18e1c689007dbeg4z8bae4w9t7e6wae9q&from=che0812&uid=ST3000DM001-1ER166_Z502SFPNXXXXZ502SFPN
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Suspicious Browser Setting
Cleaning Action    : Repair
Related Objects    :
                Browser Setting - Chrome Shortcut

Chrome Shortcut
Status             : Scanned
Object             : hxxp://www.amisites.com/?type=sc&ts=1480590508&z=0615f35ba18e1c689007dbeg4z8bae4w9t7e6wae9q&from=che0812&uid=ST3000DM001-1ER166_Z502SFPNXXXXZ502SFPN
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Suspicious Browser Setting
Cleaning Action    : Repair
Related Objects    :
                Browser Setting - Chrome Shortcut

Chrome Search
Status             : Scanned
Object             : trotux - hxxp://trotux.com
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Suspicious Browser Setting
Cleaning Action    : Repair
Related Objects    :
                Browser Setting - Chrome Search

Chrome Startup Url
Status             : Scanned
Object             : hxxp://www.trotux.com/?z=58b06ddc7a5781a80599192gaz9m6t8qce6qcb6e6z&from=icb&uid=ST3000DM001-1ER166_Z502SFPNXXXXZ502SFPN&type=hp
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Suspicious Browser Setting
Cleaning Action    : Repair
Related Objects    :
                Browser Setting - Chrome Startup Url

Chrome Homepage
Status             : Scanned
Object             : hxxp://www.trotux.com/?z=58b06ddc7a5781a80599192gaz9m6t8qce6qcb6e6z&from=icb&uid=ST3000DM001-1ER166_Z502SFPNXXXXZ502SFPN&type=hp
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Suspicious Browser Setting
Cleaning Action    : Repair
Related Objects    :
                Browser Setting - Chrome Homepage

Fast search
Status             : Scanned
Object             : %localappdata%\google\chrome\user data\chromedefaultdata\extensions\pbdpajcdgknpendpmecafmopknefafha\1.1.3
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : PUA.ChromeExt!Gr
Cleaning Action    : Repair
Related Objects    :
                Browser Extension - Fast search

Hosts File
Status             : Scanned
Object             : %systemroot%\system32\drivers\etc\hosts
MD5                : 9CD527A0977CBED7DC425181BAB9AE98
Publisher          : -
Size               : 1022
Version            : -
Detection          : Hosts Hijack
Cleaning Action    : Repair
Related Objects    :
                Hosts file - 127.0.0.1 - id
                File - %systemroot%\system32\drivers\etc\hosts

Suspicious Browser Shortcut
Status             : Scanned
Object             : HKLM\SOFTWARE\Wow6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\@
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Suspicious Setting
Cleaning Action    : Repair
Related Objects    :
                Registry Entry - HKLM\SOFTWARE\Wow6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\@ = C:\Program Files\Internet Explorer\iexplore.exe ht溡≠﷩

Suspicious Browser Shortcut
Status             : Scanned
Object             : HKLM\SOFTWARE\Wow6432Node\Clients\StartMenuInternet\Google Chrome\shell\open\command\@
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Suspicious Setting
Cleaning Action    : Repair
Related Objects    :
                Registry Entry - HKLM\SOFTWARE\Wow6432Node\Clients\StartMenuInternet\Google Chrome\shell\open\command\@ = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ht锑ᲃ﷩

Suspicious Browser Shortcut
Status             : Scanned
Object             : HKLM\SOFTWARE\Wow6432Node\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command\@
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Suspicious Setting
Cleaning Action    : Repair
Related Objects    :
                Registry Entry - HKLM\SOFTWARE\Wow6432Node\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command\@ = C:\Program Files (x86)\Mozilla Firefox\firefox.exe ht

Suspicious Browser Shortcut
Status             : Scanned
Object             : HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\@
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Suspicious Setting
Cleaning Action    : Repair
Related Objects    :
                Registry Entry - HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\@ = C:\Program Files\Internet Explorer\iexplore.exe hxxp://wi

Suspicious Browser Shortcut
Status             : Scanned
Object             : HKLM\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command\@
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Suspicious Setting
Cleaning Action    : Repair
Related Objects    :
                Registry Entry - HKLM\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command\@ = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ht�ᲂҰ

Suspicious Browser Shortcut
Status             : Scanned
Object             : HKLM\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command\@
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Suspicious Setting
Cleaning Action    : Repair
Related Objects    :
                Registry Entry - HKLM\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command\@ = C:\Program Files (x86)\Mozilla Firefox\firefox.exe ht

archer.dll
Status             : Scanned
Object             : %programfiles%\winarcher\archer.dll
MD5                : 7F0CE0CB41F0BE9A51B35A1C787F32B7
Publisher          : -
Size               : 399872
Version            : 1.0.0.1
Detection          : Adware:Win32/BrowserHijack.Gen
Cleaning Action    : Quarantine
Related Objects    :
                File - %programfiles%\winarcher\archer.dll
                DLL - 2060 - C:\Windows\SysWOW64\svchost.exe
                Registry Entry - HKLM\System\CurrentControlSet\Services\Archer\Parameters\ServiceDll = C:\Program Files (x86)\WinArcher\Archer.dll

voqlechufusysystem.dll
Status             : Scanned
Object             : %programfiles%\vqerckleent\voqlechufusysystem.dll
MD5                : 00899E9CC9DA67970B1345B06E525AFE
Publisher          : -
Size               : 275968
Version            : -
Detection          : Adware:Win32/BrowserHijack.Gen
Cleaning Action    : Quarantine
Related Objects    :
                File - %programfiles%\vqerckleent\voqlechufusysystem.dll
                DLL - 3044 - C:\Windows\SysWOW64\svchost.exe
                Registry Entry - HKLM\System\CurrentControlSet\Services\Mnerghtplurerdom\Parameters\ServiceDll = C:\Program Files (x86)\Vqerckleent\voqlechufusysystem.dll

ReimageRepair.exe
Status             : Scanned
Object             : %programw6432%\reimage\reimage repair\reimagerepair.exe
MD5                : 5AB1619363CD6D32DEFD85F7A5973AB3
Publisher          : Reimage Limited
Size               : 604928
Version            : 1.5.3.9
Detection          : Scareware:Win32/NonBeneficialOptimizer!Ep
Cleaning Action    : Quarantine
Related Objects    :
                File - %programw6432%\reimage\reimage repair\reimagerepair.exe
                Reference - C:\Users\Public\Desktop\PC Scan & Repair by Reimage.lnk

winsap.dll
Status             : Scanned
Object             : %programdata%\winsapsvc\winsap.dll
MD5                : B56D1D35D46630335E03AF9ADD84B488
Publisher          : -
Size               : 189440
Version            : -
Detection          : Adware:Win32/BrowserHijack.Gen
Cleaning Action    : Quarantine
Related Objects    :
                File - %programdata%\winsapsvc\winsap.dll
                DLL - 5332 - C:\Windows\SysWOW64\svchost.exe
                Registry Entry - HKLM\System\CurrentControlSet\Services\WinSAPSvc\Parameters\ServiceDll = C:\ProgramData\WinSAPSvc\WinSAP.dll

ReiGuard.exe
Status             : Scanned
Object             : %programw6432%\reimage\reimage protector\reiguard.exe
MD5                : 7A6D3B0ABED7B70A44CF3F743A5F5E15
Publisher          : Reimage Limited
Size               : 8016240
Version            : 2.0.1.5
Detection          : Scareware:Win32/NonBeneficialOptimizer!Ep
Cleaning Action    : Quarantine
Related Objects    :
                File - %programw6432%\reimage\reimage protector\reiguard.exe
                Process - 3132 - C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe
                Registry Entry - HKLM\System\CurrentControlSet\Services\ReimageRealTimeProtector\ImagePath = C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe
                Scheduled Task - C:\Windows\System32\Tasks\ReimageUpdater

ReiSystem.exe
Status             : Scanned
Object             : %programw6432%\reimage\reimage protector\reisystem.exe
MD5                : B2D9D49EBC2F2716779E5048AE219ECD
Publisher          : Reimage Limited
Size               : 8033136
Version            : 2.0.1.5
Detection          : Scareware:Win32/NonBeneficialOptimizer!Ep
Cleaning Action    : Quarantine
Related Objects    :
                File - %programw6432%\reimage\reimage protector\reisystem.exe
                Process - 1892 - C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe

UvConverter.exe
Status             : Scanned
Object             : %appdata%\hadga\uvconverter.exe
MD5                : 619F3E8AF91EEB04D23FBC7CC093A76F
Publisher          : -
Size               : 393728
Version            : -
Detection          : Adware:Win32/BrowserHijack.Gen
Cleaning Action    : Quarantine
Related Objects    :
                File - %appdata%\hadga\uvconverter.exe
                Process - 6592 - C:\Users\User\AppData\Roaming\hadga\UvConverter.exe
                Registry Entry - HKLM\System\CurrentControlSet\Services\Convxxxx\ImagePath = "C:\Users\User\AppData\Roaming\hadga\UvConverter.exe" {2C8E8C85-942B-451C-8243-97A089265577}

REI_Axcontrol.dll
Status             : Scanned
Object             : %programw6432%\reimage\reimage repair\rei_axcontrol.dll
MD5                : 4253EE684EFD4FCDCA77F9685B87DE66
Publisher          : Reimage Limited
Size               : 478568
Version            : 1.8.4.9
Detection          : Scareware:Win32/NonBeneficialOptimizer!Ep
Cleaning Action    : Quarantine
Related Objects    :
                File - %programw6432%\reimage\reimage repair\rei_axcontrol.dll
                Registry Entry - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}\@ = C:\Program Files\Reimage\Reimage Repair\REI_Axcontrol.dll
                Registry Entry - HKLM\SOFTWARE\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}\InprocServer32\@ = C:\Program Files\Reimage\Reimage Repair\REI_Axcontrol.dll
                Registry Entry - HKLM\SOFTWARE\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}\InprocServer32\@ = C:\Program Files\Reimage\Reimage Repair\REI_Axcontrol.dll

BrowserUpdate.exe
Status             : Scanned
Object             : %programdata%\chelfnotify\browserupdate.exe
MD5                : 5BCE955CF12AF3417F055DADC0212920
Publisher          : Tencent Technology(Shenzhen) Company Limited
Size               : 690144
Version            : 9.3.6494.400
Detection          : PUA:Win32/BrowserHijacker!Ep
Cleaning Action    : Quarantine
Related Objects    :
                File - %programdata%\chelfnotify\browserupdate.exe
                Scheduled Task - C:\Windows\System32\Tasks\ChelfNotify Task

SoundProvider.exe
Status             : Scanned
Object             : %userprofile%\soundprovider\soundprovider.exe
MD5                : FE855E471D5F2921A4A57B46AAF94256
Publisher          : -
Size               : 28672
Version            : 1.0.1.104
Detection          : Malware:Win32/Kasatura.A!Ekee
Cleaning Action    : Quarantine
Related Objects    :
                File - %userprofile%\soundprovider\soundprovider.exe
                Scheduled Task - C:\Windows\System32\Tasks\Microsoft\Windows\Multimedia\SoundProvider

ReimageReminder.exe
Status             : Scanned
Object             : %programw6432%\reimage\reimage repair\reimagereminder.exe
MD5                : 68B9C0EA2814E6A887BF9FCC724EFBAE
Publisher          : Reimage Limited
Size               : 4477800
Version            : 2.0.1.3
Detection          : Scareware:Win32/NonBeneficialOptimizer!Ep
Cleaning Action    : Quarantine
Related Objects    :
                File - %programw6432%\reimage\reimage repair\reimagereminder.exe
                Scheduled Task - C:\Windows\System32\Tasks\Reimage Reminder

reimage
Status             : Scanned
Object             : NE->c:\program files\reimage
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : PUA:Win32/Reimage.A!Neng
Cleaning Action    : Quarantine
Related Objects    :
                (null) - (null)

vnsyc92.tmp
Status             : Scanned
Object             : NE->c:\program files (x86)\1aa89a20-1480147065-11dd-9995-2c56dc94012f\vnsyc92.tmp
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Adware:Win32/YellowSend.A!Neng
Cleaning Action    : Quarantine
Related Objects    :
                (null) - (null)

launcher_38.dll
Status             : Scanned
Object             : NE->c:\program files (x86)\vqerckleent\launcher_38.dll
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Adware:Win32/Youndoo.L!Neng
Cleaning Action    : Quarantine
Related Objects    :
                (null) - (null)

ytbmusicbox
Status             : Scanned
Object             : NE->c:\program files (x86)\ytbmusicbox
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : PUA:Win32/YTB Music Box.A!Neng
Cleaning Action    : Quarantine
Related Objects    :
                (null) - (null)

chelfnotify
Status             : Scanned
Object             : NE->c:\programdata\chelfnotify
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Adware:Win32/Youndoo.H!Neng
Cleaning Action    : Quarantine
Related Objects    :
                (null) - (null)

reimage repair
Status             : Scanned
Object             : NE->c:\programdata\microsoft\windows\start menu\programs\reimage repair
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : PUA:Win32/Reimage.C!Neng
Cleaning Action    : Quarantine
Related Objects    :
                (null) - (null)

ytb music box
Status             : Scanned
Object             : NE->c:\programdata\microsoft\windows\start menu\programs\ytb music box
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : PUA:Win32/YTB Music Box.B!Neng
Cleaning Action    : Quarantine
Related Objects    :
                (null) - (null)

reimage protector
Status             : Scanned
Object             : NE->c:\programdata\reimage protector
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : PUA:Win32/Reimage.D!Neng
Cleaning Action    : Quarantine
Related Objects    :
                (null) - (null)

rei
Status             : Scanned
Object             : NE->c:\rei
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : PUA:Win32/Reimage.E!Neng
Cleaning Action    : Quarantine
Related Objects    :
                (null) - (null)

ytbmusicbox
Status             : Scanned
Object             : NE->c:\users\user\appdata\local\ytbmusicbox
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : PUA:Win32/YTB Music Box.C!Neng
Cleaning Action    : Quarantine
Related Objects    :
                (null) - (null)

aspackage
Status             : Scanned
Object             : NE->c:\users\user\appdata\roaming\aspackage
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Adware:Win32/AnySend.A!Neng
Cleaning Action    : Quarantine
Related Objects    :
                (null) - (null)

reimage.ini
Status             : Scanned
Object             : NE->c:\windows\reimage.ini
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : PUA:Win32/Reimage.F!Neng
Cleaning Action    : Quarantine
Related Objects    :
                (null) - (null)

reimage reminder
Status             : Scanned
Object             : NE->c:\windows\system32\tasks\reimage reminder
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : PUA:Win32/Reimage.G!Neng
Cleaning Action    : Quarantine
Related Objects    :
                (null) - (null)

reimageupdater
Status             : Scanned
Object             : NE->c:\windows\system32\tasks\reimageupdater
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : PUA:Win32/Reimage.G!Neng
Cleaning Action    : Quarantine
Related Objects    :
                (null) - (null)


Cleaning Result
-------------------------------------------------------
Cleaned               : 56
Reported as safe      : 2
Failed                : 0

Botto97 · 06.12.2016, 18:24

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 05-12-2016
durchgeführt von User (Administrator) auf USER-PC (06-12-2016 17:37:06)
Gestartet von C:\Users\User\Desktop
Geladene Profile: User (Verfügbare Profile: User & Nadine & Gast)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
() C:\Windows\SysWOW64\ASGT.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
() C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Sony) C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Valve Corporation) D:\Steam\Steam.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
() C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\0.100.9.0\OverwolfBrowser.exe
(Valve Corporation) D:\Steam\bin\cef\cef.winxp\steamwebhelper.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Razer, Inc.) C:\Users\User\AppData\Local\Razer\InGameEngine\cache\RzStats.Manager\rzcefrenderprocess.exe
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.100.9.0\OverwolfHelper.exe
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.100.9.0\OverwolfHelper64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Valve Corporation) D:\Steam\bin\cef\cef.winxp\steamwebhelper.exe
(Valve Corporation) D:\Steam\bin\cef\cef.winxp\steamwebhelper.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(IObit) C:\Program Files (x86)\IObit\Driver Booster\4.1.0\UninstMon\PubMonitor.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
() C:\Program Files (x86)\Origin\QtWebEngineProcess.exe
() C:\Program Files (x86)\Origin\QtWebEngineProcess.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(NVIDIA Corporation) C:\Users\User\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8900104 2016-11-04] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-05-28] (Intel Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2016-11-04] (Razer Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-11-15] (AVAST Software)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [299504 2016-06-20] (Intel Corporation)
HKU\S-1-5-21-1652729561-1798351166-2891734009-1000\...\Run: [Steam] => D:\Steam\steam.exe [2860832 2016-10-13] (Valve Corporation)
HKU\S-1-5-21-1652729561-1798351166-2891734009-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4295360 2016-06-08] (Disc Soft Ltd)
HKU\S-1-5-21-1652729561-1798351166-2891734009-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9108184 2016-11-07] (Piriform Ltd)
HKU\S-1-5-21-1652729561-1798351166-2891734009-1000\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [247344 2016-11-23] ()
HKU\S-1-5-21-1652729561-1798351166-2891734009-1000\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [798352 2016-09-22] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-1652729561-1798351166-2891734009-1000\...\MountPoints2: {720c4d20-37bc-11e6-a9b2-2c56dc94012f} - cbs.exe
HKU\S-1-5-21-1652729561-1798351166-2891734009-1000\...\MountPoints2: {720c50ad-37bc-11e6-a9b2-2c56dc94012f} - G:\setup.exe
HKU\S-1-5-21-1652729561-1798351166-2891734009-1000\...\MountPoints2: {dbb36d82-30b2-11e6-bc24-2c56dc94012f} - G:\setup.exe
ShellExecuteHooks:  - {E61BD264-A5BC-11E6-BDC9-64006A5CFC23} -  Keine Datei [ ]
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-09] (AVAST Software)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{19A85D3D-7A8C-49C6-B71A-6B9F95CD8203}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{9634F382-7D29-46EB-AD92-13B0657457DE}: [NameServer] 77.234.40.79
ManualProxies: 

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
SearchScopes: HKLM -> DefaultScope Wert fehlt
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKU\S-1-5-21-1652729561-1798351166-2891734009-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-10-30] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-10-28] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2016-10-30] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-10-30] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-10-30] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_112\bin\ssv.dll [2016-11-04] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-10-28] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2016-10-30] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-10-30] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_112\bin\jp2ssv.dll [2016-11-04] (Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-30] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-30] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-30] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-30] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 48hk48r0.default
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\naweriweentcofise\Profiles\48hk48r0.default\Profiles\48hk48r0.default [nicht gefunden]
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\qfgrr71f.default-1480591788312 [2016-12-06]
FF NetworkProxy: Mozilla\Firefox\Profiles\qfgrr71f.default-1480591788312 -> http", "185.90.81.137"
FF NetworkProxy: Mozilla\Firefox\Profiles\qfgrr71f.default-1480591788312 -> http_port", 3128
FF Extension: (TrackMeNot) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\qfgrr71f.default-1480591788312\Extensions\trackmenot@mrl.nyu.edu.xpi [2016-12-02]
FF Extension: (Adblock Plus) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\qfgrr71f.default-1480591788312\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-12-01]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-09-09]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-09-09]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll [2016-11-26] ()
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-26] ()
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-04-30] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-04-30] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.112.2 -> C:\Program Files (x86)\Java\jre1.8.0_112\bin\dtplugin\npDeployJava1.dll [2016-11-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.112.2 -> C:\Program Files (x86)\Java\jre1.8.0_112\bin\plugin2\npjp2.dll [2016-11-04] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-10-30] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-10-30] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-12-01] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-12-01] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-10-22] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-10-22] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems)

Chrome: 
=======
CHR DefaultProfile: ChromeDefaultData
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2016-12-06] <==== ACHTUNG
CHR Extension: (Kein Name) - C:\Users\User\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-10-22]
CHR Extension: (Google Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2016-10-22]
CHR Extension: (Spotiload (former Spotify Vk Downloader)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\baggnalhgbpeanbhedjlbndhjgmimmhl [2016-10-22]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-10]
CHR Extension: (Avast SafePrice) - C:\Users\User\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-10-22]
CHR Extension: (Google Tabellen) - C:\Users\User\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-06-10]
CHR Extension: (Google Docs Offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-13]
CHR Extension: (Avast Online Security) - C:\Users\User\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-06-10]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\User\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-10]
CHR Extension: () - C:\Users\User\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pbdpajcdgknpendpmecafmopknefafha [2016-12-02]
CHR Extension: (Google Mail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-10]
CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-22]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-08-05] (Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-01-28] ()
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [Datei ist nicht signiert]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-09] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [223600 2016-09-09] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1456136 2016-10-12] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3294912 2016-10-30] (Microsoft Corporation)
R2 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [216576 2016-08-18] () [Datei ist nicht signiert]
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1458368 2016-06-08] (Disc Soft Ltd)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [392480 2016-12-02] (EasyAntiCheat Ltd)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-05-28] (Intel Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [Datei ist nicht signiert]
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [354936 2016-03-14] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-04-30] (Intel Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-11-17] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-11-17] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [459832 2016-12-01] (NVIDIA Corporation)
R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-11-17] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2119688 2016-12-06] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2180624 2016-12-06] (Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1316080 2016-11-23] (Overwolf LTD)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2016-05-21] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2016-06-28] ()
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [69744 2016-10-18] (Razer Inc.)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-25] ()
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [197264 2016-09-22] (Sandboxie Holdings, LLC)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7500048 2016-09-20] (TeamViewer GmbH)
S2 Themes; C:\Windows\system32\themeservice.dll [44544 2009-07-14] (Microsoft Corporation) [DependOnService: iThemes5]<==== ACHTUNG
S3 VsEtwService120; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 XperiaCompanionService; C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe [2085760 2016-09-16] (Sony)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe [18232 2016-08-22] (Intel(R) Corporation)
S2 ed2kidle; "C:\Program Files (x86)\amuleC1\ed2k.exe" -downloadwhenidle [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-01-28] ()
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-09-09] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-09-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-09-09] (AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [28312 2016-07-01] (AVAST Software)
R1 aswNetSec; C:\Windows\system32\drivers\aswNetSec.sys [453192 2016-09-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-09-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-09-09] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2016-09-14] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513632 2016-09-22] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-09-09] (AVAST Software)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [44640 2016-07-01] (The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-10-13] (AVAST Software)
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [303616 2016-11-13] () [Datei ist nicht signiert]
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-06-12] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-06-12] (Disc Soft Ltd)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-07-19] (REALiX(tm))
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [31712 2016-07-19] (Intel Corporation)
R2 iocbios2; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [37072 2016-08-03] (Intel Corporation)
S2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [35328 2016-11-13] () [Datei ist nicht signiert]
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [181304 2016-07-19] (Intel Corporation)
S3 NvnUsbAudio; C:\Windows\System32\DRIVERS\nvnusbaudio.sys [54000 2015-06-10] (Novation DMS Ltd.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2016-11-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46016 2016-11-17] (NVIDIA Corporation)
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [51224 2016-04-07] (Razer Inc)
R3 rzmpos; C:\Windows\System32\DRIVERS\rzmpos.sys [47640 2016-04-07] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [44144 2016-09-17] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [137840 2016-09-07] (Razer, Inc.)
S3 RZSURROUNDVADService; C:\Windows\System32\drivers\RzSurroundVAD.sys [40640 2016-02-15] (Windows (R) Win 7 DDK provider)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [204944 2016-09-22] (Sandboxie Holdings, LLC)
S3 tap0901_openvpn_accl; C:\Windows\System32\DRIVERS\tap0901_openvpn_accl.sys [37912 2016-07-18] (The OpenVPN Project)
R1 VBoxUSBMon; C:\Windows\System32\DRIVERS\VBoxUSBMon.sys [127432 2015-09-16] (BigNox Corporation)
R2 WinisoCDBus; C:\Windows\System32\drivers\WinisoCDBus.sys [204032 2016-05-12] (WinISO.com)
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2016-12-02] (Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2016-12-02] (Zemana Ltd.)
R4 IOMap; \??\C:\Windows\system32\drivers\IOMap64.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-12-06 17:37 - 2016-12-06 17:37 - 00026596 _____ C:\Users\User\Desktop\FRST.txt
2016-12-06 17:35 - 2016-12-06 17:35 - 00000000 ____D C:\Users\User\Downloads\FRST-OlderVersion
2016-12-06 17:28 - 2016-12-06 17:28 - 00000000 ____D C:\Users\User\AppData\Local\ElevatedDiagnostics
2016-12-06 17:27 - 2016-12-06 17:27 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-12-06 17:27 - 2016-12-01 18:04 - 00134712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2016-12-06 17:27 - 2016-09-09 19:25 - 00269600 _____ C:\Windows\SysWOW64\vulkan-1.dll
2016-12-06 17:27 - 2016-09-09 19:25 - 00261920 _____ C:\Windows\system32\vulkan-1.dll
2016-12-06 17:27 - 2016-09-09 19:25 - 00110880 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2016-12-06 17:27 - 2016-09-09 19:24 - 00125216 _____ C:\Windows\system32\vulkaninfo.exe
2016-12-06 17:26 - 2016-12-06 17:26 - 00000000 ____D C:\Windows\LastGood
2016-12-06 17:25 - 2016-12-01 20:52 - 40125496 _____ C:\Windows\system32\nvcompiler.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 35222976 _____ C:\Windows\SysWOW64\nvcompiler.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 34703416 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 28137920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 19948848 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 17440744 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 14055360 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2016-12-06 17:25 - 2016-12-01 20:52 - 10912744 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 10795312 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 10346208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 09151400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 08913328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 08754160 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 03645496 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 03206592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 01951680 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437619.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 01586744 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437619.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 01036736 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 00974272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 00943552 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 00895424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 00683824 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 00573072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 00521096 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 00438208 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 00435904 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 00407064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 00390200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 00170872 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 00153184 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 00148200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 00131536 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2016-12-06 11:05 - 2016-12-02 18:00 - 00392480 _____ (EasyAntiCheat Ltd) C:\Windows\SysWOW64\EasyAntiCheat.exe
2016-12-06 11:01 - 2016-12-06 11:01 - 00000022 _____ C:\Windows\S.dirmngr
2016-12-04 21:56 - 2016-12-04 21:56 - 00000000 ____D C:\Users\User\AppData\Local\Gaijin
2016-12-04 14:31 - 2016-12-04 14:31 - 00000000 ____D C:\Users\User\AppData\LocalLow\Nvizzio Creations
2016-12-04 00:57 - 2016-12-04 00:57 - 00000202 _____ C:\Users\User\Desktop\RollerCoaster Tycoon World.url
2016-12-04 00:48 - 2016-12-04 00:48 - 00001463 _____ C:\Users\User\Desktop\mysummercar - Verknüpfung.lnk
2016-12-02 22:00 - 2016-12-02 22:00 - 00000000 ____D C:\Users\User\AppData\LocalLow\Bossa Studios
2016-12-02 21:59 - 2016-12-02 21:59 - 00000202 _____ C:\Users\User\Desktop\Surgeon Simulator.url
2016-12-02 19:00 - 2016-12-02 19:00 - 01106888 _____ (Bleeping Computer, LLC) C:\Users\User\Desktop\rkill64.exe
2016-12-02 17:25 - 2016-12-02 17:27 - 00099926 _____ C:\Users\User\Downloads\Addition.txt
2016-12-02 17:24 - 2016-12-06 17:37 - 00000000 ____D C:\FRST
2016-12-02 17:24 - 2016-12-06 17:35 - 02419712 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2016-12-02 17:24 - 2016-12-02 17:27 - 00143116 _____ C:\Users\User\Downloads\FRST.txt
2016-12-02 01:34 - 2016-12-02 01:34 - 00000080 _____ C:\Users\Public\Desktop\Die SimsT 3 Traumkarrieren.lnk
2016-12-02 01:31 - 2016-12-02 01:31 - 07800248 _____ (PC Tools ) C:\Users\User\Downloads\tfinstall.exe
2016-12-02 01:26 - 2016-12-02 01:26 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-12-02 01:23 - 2016-12-02 01:23 - 22851472 _____ (Malwarebytes ) C:\Users\User\Downloads\mbam-setup-2.2.1.1043.exe
2016-12-02 01:21 - 2016-12-06 17:37 - 00371255 _____ C:\Windows\ZAM.krnl.trace
2016-12-02 01:21 - 2016-12-06 17:37 - 00349293 _____ C:\Windows\ZAM_Guard.krnl.trace
2016-12-02 01:21 - 2016-12-02 01:21 - 05188032 _____ (Zemana Ltd.) C:\Users\User\Downloads\Zemana.AntiMalware.Portable.exe
2016-12-02 01:21 - 2016-12-02 01:21 - 00203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zamguard64.sys
2016-12-02 01:21 - 2016-12-02 01:21 - 00203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zam64.sys
2016-12-02 01:21 - 2016-12-02 01:21 - 00000000 ____D C:\Users\User\AppData\Local\Zemana
2016-12-02 01:19 - 2016-12-02 01:19 - 00000000 ____D C:\Windows\system32\appmgmt
2016-12-01 23:20 - 2016-12-01 23:20 - 00000000 ____D C:\Users\User\AppData\LocalLow\Amistech
2016-12-01 23:19 - 2016-12-01 23:20 - 00000000 ____D C:\Users\User\Desktop\My.Summer.Car.Early.Access-P2P
2016-12-01 21:38 - 2016-12-01 22:54 - 324777801 _____ C:\Users\User\Downloads\da22a593d6c9bb63e4958970cf8c048c.rar
2016-12-01 12:08 - 2016-12-02 01:23 - 00000000 ____D C:\Users\User\AppData\Roaming\hadga
2016-12-01 12:08 - 2016-12-01 12:08 - 00000000 ____D C:\Program Files (x86)\UvConverter
2016-12-01 11:03 - 2016-12-01 11:03 - 00000000 ____D C:\Users\User\Documents\Battlefield 1
2016-12-01 10:49 - 2016-12-02 01:34 - 00000649 _____ C:\Users\Public\Desktop\Battlefield 1.lnk
2016-12-01 10:49 - 2016-12-01 10:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 1
2016-11-30 10:07 - 2016-12-02 01:24 - 00000000 ____D C:\ProgramData\WinSAPSvc
2016-11-30 10:07 - 2016-12-02 01:24 - 00000000 ____D C:\Program Files (x86)\WinArcher
2016-11-30 09:57 - 2016-11-30 10:07 - 00000000 ____D C:\Program Files (x86)\u0cr1spw
2016-11-29 12:20 - 2016-11-29 12:20 - 07822784 _____ C:\Users\User\Downloads\A320_AS_FSX_LHA3_DAAST.zip
2016-11-29 12:18 - 2016-11-29 12:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aerosoft
2016-11-29 12:17 - 2016-11-29 12:17 - 07822595 _____ C:\Users\User\Downloads\A320_AXE_FSX_LHA3_DAAST.zip
2016-11-28 19:39 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2016-11-28 19:39 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2016-11-28 19:39 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2016-11-28 19:39 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2016-11-28 19:39 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2016-11-28 19:39 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2016-11-28 19:39 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2016-11-28 19:39 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2016-11-28 19:39 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2016-11-28 19:39 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2016-11-28 19:39 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2016-11-28 19:39 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2016-11-28 19:39 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2016-11-28 19:39 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2016-11-28 19:39 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2016-11-28 19:39 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2016-11-28 19:39 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2016-11-28 19:39 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2016-11-28 19:39 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2016-11-28 19:39 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2016-11-28 19:39 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2016-11-28 19:39 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2016-11-28 19:39 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2016-11-28 19:39 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2016-11-28 19:39 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2016-11-28 19:39 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2016-11-28 19:39 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2016-11-28 19:39 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2016-11-28 19:39 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2016-11-28 19:39 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2016-11-28 19:39 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2016-11-28 19:39 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2016-11-28 19:39 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2016-11-28 19:39 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2016-11-28 19:39 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2016-11-28 19:39 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2016-11-28 19:39 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2016-11-28 19:39 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2016-11-28 19:39 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2016-11-28 19:39 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2016-11-28 19:39 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2016-11-28 19:39 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2016-11-28 19:39 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2016-11-28 19:39 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2016-11-28 19:39 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2016-11-28 19:39 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2016-11-28 19:39 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2016-11-28 19:39 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2016-11-28 19:39 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2016-11-28 19:39 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2016-11-28 19:39 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2016-11-28 19:39 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2016-11-28 19:39 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2016-11-28 19:39 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2016-11-28 19:39 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2016-11-28 19:39 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2016-11-28 19:39 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2016-11-28 19:39 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2016-11-28 19:39 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2016-11-28 19:39 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2016-11-28 19:39 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2016-11-28 19:39 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2016-11-28 19:39 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2016-11-28 19:39 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2016-11-28 19:39 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2016-11-28 19:39 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2016-11-28 19:39 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2016-11-28 19:39 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2016-11-28 19:39 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2016-11-28 19:39 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2016-11-28 19:39 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2016-11-28 19:39 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2016-11-28 19:39 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2016-11-28 19:39 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2016-11-28 19:39 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2016-11-28 19:39 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2016-11-28 19:39 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2016-11-28 19:39 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2016-11-28 19:39 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2016-11-28 19:39 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2016-11-28 19:39 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2016-11-28 19:39 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2016-11-28 19:39 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2016-11-28 19:39 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2016-11-28 19:39 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2016-11-28 19:39 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2016-11-28 19:39 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2016-11-28 19:39 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2016-11-28 19:39 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2016-11-28 19:39 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2016-11-28 19:39 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2016-11-28 19:39 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2016-11-28 19:39 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2016-11-28 19:39 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2016-11-28 19:39 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2016-11-28 19:39 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2016-11-28 19:39 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2016-11-28 19:39 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2016-11-28 19:39 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2016-11-28 19:39 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2016-11-28 19:39 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2016-11-28 19:39 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2016-11-28 19:39 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2016-11-28 19:39 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2016-11-28 19:39 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2016-11-28 19:39 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2016-11-28 19:39 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2016-11-28 19:39 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2016-11-28 19:39 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2016-11-28 19:39 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2016-11-28 19:39 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2016-11-28 19:39 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2016-11-28 19:39 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2016-11-28 19:39 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2016-11-28 19:39 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2016-11-28 19:39 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2016-11-28 19:39 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2016-11-28 19:39 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2016-11-28 19:39 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2016-11-28 19:32 - 2016-11-24 21:54 - 01951680 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437609.dll
2016-11-28 19:32 - 2016-11-24 21:54 - 01586744 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437609.dll
2016-11-28 16:50 - 2016-11-28 16:50 - 00000017 _____ C:\Users\User\AppData\Local\resmon.resmoncfg
2016-11-27 14:53 - 2016-12-02 01:34 - 00001398 _____ C:\Users\Public\Desktop\Die Sims 3.lnk
2016-11-27 13:25 - 2016-11-29 12:18 - 00000000 ____D C:\Users\User\Documents\Aerosoft
2016-11-27 13:24 - 2016-12-02 01:34 - 00000870 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Global ATC Simulator.lnk
2016-11-27 13:24 - 2016-12-02 01:34 - 00000858 _____ C:\Users\Public\Desktop\Global ATC Simulator.lnk
2016-11-27 13:24 - 2016-11-27 13:26 - 00000000 ____D C:\Program Files (x86)\Global ATC Simulator
2016-11-27 13:24 - 2016-11-27 13:24 - 00000000 ____D C:\Users\User\Desktop\Global.ATC.Simulator-HI2U
2016-11-27 13:22 - 2016-11-27 13:23 - 512361856 _____ C:\Users\User\Downloads\2789cf0718883772293db622b5d669dd.rar
2016-11-27 00:59 - 2016-11-27 00:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SquawkBox
2016-11-27 00:59 - 2016-11-27 00:59 - 00000000 ____D C:\Program Files (x86)\SquawkBox
2016-11-27 00:59 - 2008-07-29 23:07 - 28487680 _____ C:\Users\User\Desktop\sb4setup.exe
2016-11-27 00:58 - 2016-11-27 00:58 - 27766733 _____ C:\Users\User\Downloads\squawkbox.zip
2016-11-26 19:45 - 2016-11-26 19:45 - 02599189 _____ C:\Users\User\Downloads\CRJ2_POSKY_FS9FSX_LHA3_DADME.zip
2016-11-26 19:23 - 2016-11-26 19:43 - 60493791 _____ C:\Users\User\Downloads\pos200fx.zip
2016-11-26 16:57 - 2016-11-26 16:57 - 17248991 _____ C:\Users\User\Downloads\AFAS6.zip
2016-11-26 16:57 - 2016-11-26 16:57 - 00046887 _____ C:\Users\User\Downloads\Bedienungsanleitung_AFAS_2.2-01.odt
2016-11-26 16:45 - 2016-11-26 16:45 - 14595297 _____ C:\Users\User\Downloads\pa320_basepack_fs9_2014-09-08.zip
2016-11-26 16:43 - 2016-11-26 16:43 - 06961600 _____ C:\Users\User\Downloads\A320_PA_FS9FSX_LHA3_DAABF.zip
2016-11-26 16:27 - 2016-11-26 16:27 - 03162141 _____ C:\Users\User\Downloads\DH8D_Majestic_FSX_LHA3_DABUD.zip
2016-11-26 16:19 - 2016-11-26 16:19 - 00000527 _____ C:\Users\User\Documents\pirep
2016-11-26 15:13 - 2016-11-26 15:13 - 00000061 ___SH C:\Windows\cnerolf.bin
2016-11-26 15:11 - 2016-11-26 15:11 - 00003126 _____ C:\Windows\System32\Tasks\{4732A461-F2FA-4F65-B3E6-C5F6F1AF4FDE}
2016-11-26 15:09 - 2016-11-26 15:09 - 03993096 _____ C:\Users\User\Downloads\FSUIPC4.zip
2016-11-26 15:09 - 2016-11-08 11:10 - 03810816 _____ (Peter L. Dowson) C:\Users\User\Desktop\Install FSUIPC4.exe
2016-11-26 15:05 - 2016-11-26 15:05 - 00000860 _____ C:\Users\User\Downloads\EDDF-ELLX.pln
2016-11-26 14:59 - 2016-11-26 18:19 - 00000000 ____D C:\Users\User\Desktop\XACARS for MSFS
2016-11-26 14:59 - 2016-11-26 14:59 - 00979161 _____ C:\Users\User\Downloads\XACARS_MSFS-de_DE-2.5.6.zip
2016-11-26 14:57 - 2016-11-26 14:57 - 01664059 _____ C:\Users\User\Downloads\fsacars4.zip
2016-11-26 14:57 - 2016-11-26 14:57 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FSacars
2016-11-26 14:57 - 2016-11-26 14:57 - 00000000 ____D C:\Program Files (x86)\FSacars
2016-11-26 14:57 - 2004-08-30 19:00 - 01778176 _____ C:\Users\User\Desktop\fsacars.msi
2016-11-26 14:51 - 2016-11-26 14:51 - 02455301 _____ C:\Users\User\Downloads\LHA Piloten-Handbuch 5. Ausgabe-pdf.zip
2016-11-26 14:51 - 2006-10-30 18:06 - 02793219 _____ C:\Users\User\Desktop\Piloten-Handbuch.pdf
2016-11-26 14:38 - 2016-12-02 01:34 - 00001904 _____ C:\Users\User\Desktop\vPilot.lnk
2016-11-26 14:38 - 2016-11-27 00:51 - 00000000 ____D C:\Users\User\Documents\vPilot Files
2016-11-26 14:38 - 2016-11-26 14:38 - 01912149 _____ C:\Users\User\Downloads\vPilot-Setup-1.1.5901.24775.exe
2016-11-26 14:38 - 2016-11-26 14:38 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\vPilot
2016-11-26 14:38 - 2016-11-26 14:38 - 00000000 ____D C:\Users\User\AppData\Local\vPilot
2016-11-26 14:23 - 2016-11-26 14:23 - 00000000 ____D C:\Users\User\AppData\Local\Microsoft Game Studios
2016-11-26 14:23 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2016-11-26 14:23 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2016-11-26 14:23 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2016-11-26 14:23 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2016-11-26 14:23 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2016-11-26 14:23 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2016-11-26 14:23 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2016-11-26 14:23 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2016-11-26 14:23 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2016-11-26 14:23 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2016-11-26 14:23 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2016-11-26 14:23 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2016-11-26 14:23 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2016-11-26 14:23 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2016-11-26 14:23 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2016-11-26 14:23 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2016-11-26 14:23 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2016-11-26 14:23 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2016-11-26 14:23 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2016-11-26 14:23 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2016-11-26 14:23 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2016-11-26 14:23 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2016-11-26 14:23 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2016-11-26 14:23 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2016-11-26 14:23 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2016-11-26 14:23 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2016-11-26 14:23 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2016-11-26 14:23 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2016-11-26 14:23 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2016-11-26 14:23 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2016-11-26 14:23 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2016-11-26 14:23 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2016-11-26 14:23 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2016-11-26 14:23 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2016-11-26 14:23 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2016-11-26 14:23 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2016-11-26 14:23 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2016-11-26 14:23 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2016-11-26 14:23 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2016-11-26 14:23 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2016-11-26 14:23 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2016-11-26 14:23 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2016-11-26 14:23 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2016-11-26 14:23 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2016-11-26 14:23 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2016-11-26 14:23 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2016-11-26 14:23 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2016-11-26 14:23 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2016-11-26 14:23 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2016-11-26 14:23 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2016-11-26 14:23 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2016-11-26 14:23 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2016-11-26 14:23 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2016-11-26 14:23 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2016-11-26 14:23 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2016-11-26 14:23 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2016-11-26 14:23 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2016-11-26 14:23 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2016-11-26 14:23 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2016-11-26 14:19 - 2016-11-26 14:20 - 00000000 ____D C:\Users\User\Downloads\Microsoft.Flight.Simulator.X.Acceleration.Expansion.GERMAN-ENiGMA
2016-11-26 13:41 - 2016-11-26 13:45 - 482933672 _____ C:\Users\User\Downloads\e8c906f4d52e08c22244d63ecc2e7cba.part6.rar
2016-11-26 13:41 - 2016-11-26 13:44 - 524288000 _____ C:\Users\User\Downloads\e8c906f4d52e08c22244d63ecc2e7cba.part5.rar
2016-11-26 13:41 - 2016-11-26 13:44 - 524288000 _____ C:\Users\User\Downloads\e8c906f4d52e08c22244d63ecc2e7cba.part4.rar
2016-11-26 13:41 - 2016-11-26 13:44 - 524288000 _____ C:\Users\User\Downloads\e8c906f4d52e08c22244d63ecc2e7cba.part3.rar
2016-11-26 13:41 - 2016-11-26 13:44 - 524288000 _____ C:\Users\User\Downloads\e8c906f4d52e08c22244d63ecc2e7cba.part2.rar
2016-11-26 13:34 - 2016-11-26 13:42 - 524288000 _____ C:\Users\User\Downloads\e8c906f4d52e08c22244d63ecc2e7cba.part1.rar
2016-11-26 13:31 - 2016-11-26 15:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FsPassengersX
2016-11-26 13:30 - 2016-11-26 13:30 - 90220751 _____ C:\Users\User\Downloads\FSPassenger_X.zip
2016-11-26 13:30 - 2016-11-26 13:30 - 00000000 ____D C:\Users\User\Desktop\PSPX crack
2016-11-26 13:30 - 2015-11-10 14:37 - 88536024 _____ (SecondReality Software sarl) C:\Users\User\Desktop\FsPassengersX_setup.exe
2016-11-26 11:49 - 2016-11-26 15:32 - 00000000 ____D C:\Users\User\Documents\Flight Simulator X-Dateien
2016-11-26 11:43 - 2016-07-02 18:32 - 1442741564 _____ () C:\Users\User\Desktop\FSX_DE_Setup.exe
2016-11-26 10:50 - 2016-11-26 10:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Just Flight
2016-11-26 10:48 - 2016-11-26 11:43 - 00000000 ____D C:\Users\User\Downloads\Microsoft.Flight.Simulator.FSX.My.Traffic.X-SKIDROW
2016-11-26 10:40 - 2016-11-26 10:40 - 00000042 _____ C:\Users\User\Desktop\Neues Textdokument (2).txt
2016-11-26 09:23 - 2016-11-26 09:23 - 00000000 ___RD C:\Users\User\Desktop\CamSim Airbus 350-1000 V4 Lufthansa
2016-11-26 09:15 - 2016-11-26 09:15 - 00000000 ____D C:\Users\User\AppData\Local\World_of_AI
2016-11-26 09:14 - 2016-11-26 09:19 - 00000000 ____D C:\Users\User\Desktop\ai
2016-11-26 09:05 - 2016-11-26 09:05 - 00000000 _____ C:\Windows\system32\__00000001402FF151__C0000005.dmp
2016-11-26 08:57 - 2016-11-17 03:04 - 01953336 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437595.dll
2016-11-26 08:57 - 2016-11-17 03:04 - 01585088 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437595.dll
2016-11-26 08:56 - 2016-11-26 09:05 - 00000000 ____D C:\Windows\system32\SSL
2016-11-26 08:55 - 2016-12-02 01:34 - 00001416 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2016-11-26 08:55 - 2016-11-26 08:58 - 00000000 ____D C:\Users\User\AppData\Local\GeoLocator
2016-11-26 08:54 - 2016-11-17 14:45 - 00101824 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2016-11-26 08:54 - 2016-11-17 14:45 - 00091584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2016-11-26 08:54 - 2016-11-17 14:45 - 00046016 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2016-11-26 08:52 - 2016-12-02 01:34 - 00002292 _____ C:\Users\Public\Desktop\Driver Booster 4.lnk
2016-11-24 21:24 - 2016-11-24 21:24 - 01897142 _____ C:\Windows\53721adc3be20fefca9ac4a452af8226.exe
2016-11-23 18:29 - 2016-12-02 01:34 - 00001392 _____ C:\Users\User\Desktop\FS2004.lnk
2016-11-23 18:29 - 2016-11-23 18:29 - 00002992 _____ C:\Windows\System32\Tasks\{2EFA6E8F-7BD5-4E75-BB02-B7202C56991C}
2016-11-23 15:33 - 2016-11-23 15:33 - 00001109 _____ C:\Users\Public\Desktop\Die Sims™ 3 Traumkarrieren.lnk
2016-11-22 12:13 - 2016-11-22 12:13 - 00000000 _____ C:\Users\User\Desktop\Neues Textdokument.txt
2016-11-21 20:05 - 2016-11-21 20:05 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_netaapl64_01009.Wdf
2016-11-20 20:44 - 2016-06-06 16:43 - 06873864 ____N (Softpointer Inc ) C:\Users\User\Desktop\TagRename397.exe
2016-11-20 20:44 - 2016-01-03 15:02 - 00280617 ____N C:\Users\User\Desktop\1080735366.bin
2016-11-20 20:21 - 2016-12-02 01:34 - 00002161 _____ C:\Users\Public\Desktop\Xperia Companion.lnk
2016-11-20 20:21 - 2016-11-20 20:21 - 00000000 ____D C:\Users\User\Documents\Sony
2016-11-20 20:21 - 2016-11-20 20:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2016-11-20 20:21 - 2016-11-20 20:21 - 00000000 ____D C:\Program Files\Sony
2016-11-20 20:21 - 2016-11-20 20:21 - 00000000 ____D C:\Program Files (x86)\Sony
2016-11-20 14:10 - 2016-12-02 01:34 - 00000987 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-11-20 14:10 - 2016-12-02 01:34 - 00000975 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-11-20 14:10 - 2016-12-01 12:29 - 00000000 ____D C:\Users\User\Desktop\Alte Firefox-Daten
2016-11-20 14:10 - 2016-12-01 10:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-11-20 14:10 - 2016-12-01 10:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-11-20 02:59 - 2016-12-04 16:10 - 00002460 _____ C:\Users\User\Desktop\Rkill.txt
2016-11-20 02:59 - 2016-11-20 02:59 - 02030536 _____ (Bleeping Computer, LLC) C:\Users\User\Desktop\rkill.exe
2016-11-20 02:54 - 2016-11-20 02:54 - 00000000 ____D C:\ProgramData\Avira
2016-11-20 02:54 - 2016-11-20 02:54 - 00000000 ____D C:\ProgramData\Avg
2016-11-20 02:53 - 2016-12-02 01:23 - 00000000 ____D C:\Users\User\SoundProvider
2016-11-20 02:53 - 2016-11-27 12:56 - 00000000 ____D C:\Users\User\AppData\Roaming\Caduph
2016-11-20 02:53 - 2016-11-20 02:53 - 00006018 _____ C:\Windows\System32\Tasks\Stumuied Client
2016-11-20 02:53 - 2016-11-20 02:53 - 00000000 ____D C:\Users\User\AppData\Local\Clekilygrerde
2016-11-19 13:48 - 2016-12-02 01:34 - 00002198 _____ C:\Users\User\Desktop\MegaTrainer eXperience.lnk
2016-11-19 13:48 - 2016-12-02 01:34 - 00002185 _____ C:\Users\User\Desktop\MT-X - Anleitung.lnk
2016-11-19 13:48 - 2016-11-19 13:48 - 00000047 _____ C:\Users\User\Documents\mt-x_hook.txt
2016-11-19 13:48 - 2013-01-25 06:21 - 19965984 _____ ( ) C:\Users\User\Desktop\mt-x_1158_setup.exe
2016-11-19 13:45 - 2016-12-02 01:34 - 00001367 _____ C:\Users\Public\Desktop\MegaTrainer.lnk
2016-11-19 13:45 - 2016-11-19 13:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MegaTrainerUltimate
2016-11-19 13:45 - 2016-11-19 13:45 - 00000000 ____D C:\ProgramData\MegaTrainerUltimate
2016-11-19 13:00 - 2016-12-02 01:34 - 00000959 _____ C:\Users\Public\Desktop\Patrician IV - Rise of a Dynasty.lnk
2016-11-19 13:00 - 2016-12-02 01:34 - 00000941 _____ C:\Users\Public\Desktop\Patrician IV.lnk
2016-11-19 13:00 - 2016-11-19 13:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kalypso Media
2016-11-18 16:25 - 2016-12-06 17:29 - 00000000 ____D C:\Users\User\AppData\LocalLow\Mozilla
2016-11-16 23:47 - 2016-11-16 23:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sylenth1
2016-11-16 23:47 - 2016-11-16 23:47 - 00000000 ____D C:\Program Files\Steinberg
2016-11-16 23:45 - 2016-11-16 23:45 - 00000512 _____ C:\Users\User\Desktop\License.dat
2016-11-16 23:43 - 2016-12-06 17:27 - 00001648 _____ C:\Windows\Sandboxie.ini
2016-11-16 23:43 - 2016-12-02 01:34 - 00001020 _____ C:\Users\User\Desktop\Sandboxed Web Browser.lnk
2016-11-16 23:43 - 2016-11-16 23:43 - 00000000 ___RD C:\Sandbox
2016-11-16 23:43 - 2016-11-16 23:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
2016-11-16 23:43 - 2016-11-16 23:43 - 00000000 ____D C:\Program Files\Sandboxie
2016-11-16 23:34 - 2016-11-16 23:35 - 00000000 ____D C:\Users\User\Desktop\HEADS WILL ROLL
2016-11-16 12:53 - 2016-11-16 12:53 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Axolot Games
2016-11-16 12:51 - 2016-11-16 12:51 - 00000000 ____D C:\Users\Gast\AppData\Roaming\tropico 5
2016-11-16 12:50 - 2016-11-16 12:50 - 00000000 ____D C:\Users\Gast\AppData\Roaming\tropico 4
2016-11-15 19:40 - 2016-12-02 01:34 - 00001245 _____ C:\Users\User\Desktop\taskmgr.lnk
2016-11-15 18:52 - 2016-11-15 18:52 - 00001785 _____ C:\Users\Nadine\Desktop\Word .lnk
2016-11-15 18:52 - 2016-11-15 18:52 - 00000000 ____D C:\Users\Nadine\AppData\Local\CEF
2016-11-15 18:51 - 2016-11-15 18:51 - 00000000 ____D C:\Users\Nadine\AppData\Roaming\Mozilla
2016-11-15 18:51 - 2016-11-15 18:51 - 00000000 ____D C:\Users\Nadine\AppData\Roaming\Intel Corporation
2016-11-15 18:51 - 2016-11-15 18:51 - 00000000 ____D C:\Users\Nadine\AppData\Local\Mozilla
2016-11-15 18:50 - 2016-11-29 20:46 - 00114944 _____ C:\Users\Nadine\AppData\Local\GDIPFONTCACHEV1.DAT
2016-11-15 18:50 - 2016-11-15 18:52 - 00000000 ____D C:\Users\Nadine\AppData\Local\NVIDIA Corporation
2016-11-15 18:50 - 2016-11-15 18:50 - 00001425 _____ C:\Users\Nadine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-11-15 18:50 - 2016-11-15 18:50 - 00000020 ___SH C:\Users\Nadine\ntuser.ini
2016-11-15 18:50 - 2016-11-15 18:50 - 00000000 _SHDL C:\Users\Nadine\Vorlagen
2016-11-15 18:50 - 2016-11-15 18:50 - 00000000 _SHDL C:\Users\Nadine\Startmenü
2016-11-15 18:50 - 2016-11-15 18:50 - 00000000 _SHDL C:\Users\Nadine\Netzwerkumgebung
2016-11-15 18:50 - 2016-11-15 18:50 - 00000000 _SHDL C:\Users\Nadine\Lokale Einstellungen
2016-11-15 18:50 - 2016-11-15 18:50 - 00000000 _SHDL C:\Users\Nadine\Eigene Dateien
2016-11-15 18:50 - 2016-11-15 18:50 - 00000000 _SHDL C:\Users\Nadine\Druckumgebung
2016-11-15 18:50 - 2016-11-15 18:50 - 00000000 _SHDL C:\Users\Nadine\Documents\Eigene Videos
2016-11-15 18:50 - 2016-11-15 18:50 - 00000000 _SHDL C:\Users\Nadine\Documents\Eigene Musik
2016-11-15 18:50 - 2016-11-15 18:50 - 00000000 _SHDL C:\Users\Nadine\Documents\Eigene Bilder
2016-11-15 18:50 - 2016-11-15 18:50 - 00000000 _SHDL C:\Users\Nadine\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-11-15 18:50 - 2016-11-15 18:50 - 00000000 _SHDL C:\Users\Nadine\AppData\Local\Verlauf
2016-11-15 18:50 - 2016-11-15 18:50 - 00000000 _SHDL C:\Users\Nadine\AppData\Local\Anwendungsdaten
2016-11-15 18:50 - 2016-11-15 18:50 - 00000000 _SHDL C:\Users\Nadine\Anwendungsdaten
2016-11-15 18:50 - 2016-11-15 18:50 - 00000000 ____D C:\Users\Nadine\AppData\Roaming\AVAST Software
2016-11-15 18:50 - 2016-11-15 18:50 - 00000000 ____D C:\Users\Nadine\AppData\Roaming\Adobe
2016-11-15 18:50 - 2016-11-15 18:50 - 00000000 ____D C:\Users\Nadine\AppData\Local\VirtualStore
2016-11-15 18:50 - 2016-11-15 18:50 - 00000000 ____D C:\Users\Nadine\AppData\Local\Razer
2016-11-15 18:50 - 2016-11-15 18:50 - 00000000 ____D C:\Users\Nadine\AppData\Local\NVIDIA
2016-11-15 18:50 - 2016-11-15 18:50 - 00000000 ____D C:\Users\Nadine\AppData\Local\Google
2016-11-15 18:50 - 2016-11-15 18:50 - 00000000 ____D C:\Users\Nadine
2016-11-15 18:50 - 2016-07-04 18:48 - 00002124 _____ C:\Users\Nadine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-11-15 18:50 - 2011-04-12 09:28 - 00000000 ____D C:\Users\Nadine\AppData\Roaming\Media Center Programs
2016-11-15 17:44 - 2016-11-15 17:44 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Macromedia
2016-11-15 17:44 - 2016-11-15 17:44 - 00000000 ____D C:\Users\Gast\AppData\Local\Macromedia
2016-11-15 17:40 - 2016-11-15 17:40 - 00001781 _____ C:\Users\Gast\Desktop\Word.lnk
2016-11-15 13:53 - 2016-11-15 13:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP
2016-11-15 13:52 - 2016-11-15 17:40 - 00000000 ____D C:\xampp
2016-11-14 14:13 - 2016-11-14 14:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ANNO 1503
2016-11-14 11:20 - 2016-11-14 11:20 - 00003150 _____ C:\Windows\System32\Tasks\{3F138AF1-2993-4400-8D86-ECA499A76DD4}
2016-11-14 11:16 - 2016-09-17 02:12 - 00044144 _____ (Razer, Inc.) C:\Windows\system32\Drivers\rzpmgrk.sys
2016-11-13 21:45 - 2016-11-13 21:46 - 00036892 _____ C:\Windows\SysWOW64\bassmod.dll
2016-11-13 21:35 - 2016-11-13 21:35 - 00000000 ____D C:\Users\User\Documents\ANNO 2070
2016-11-13 19:04 - 2016-11-19 00:24 - 00000000 ____D C:\Users\User\Documents\The Witcher 3
2016-11-13 19:02 - 2016-11-13 19:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft
2016-11-13 15:31 - 2016-11-13 15:31 - 00000000 ____D C:\Users\User\Documents\Anno 2205
2016-11-13 15:31 - 2016-11-13 15:31 - 00000000 ____D C:\Users\User\AppData\Roaming\uplay
2016-11-13 15:30 - 2016-12-02 01:34 - 00000893 _____ C:\Users\User\Desktop\Anno 2205.lnk
2016-11-13 15:30 - 2016-11-13 15:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anno 2205
2016-11-13 14:01 - 2016-11-13 14:01 - 00303616 _____ C:\Windows\system32\Drivers\atksgt.sys
2016-11-13 14:01 - 2016-11-13 14:01 - 00035328 _____ C:\Windows\system32\Drivers\lirsgt.sys
2016-11-13 14:01 - 2016-11-13 14:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anno 1701
2016-11-11 23:20 - 2016-11-11 23:20 - 00002247 _____ C:\Users\Gast\Desktop\Google Chrome.lnk
2016-11-11 17:44 - 2016-11-11 17:44 - 00000000 ____D C:\Users\User\AppData\Local\2K Games
2016-11-11 17:04 - 2016-12-02 01:34 - 00000509 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mafia III.lnk
2016-11-10 12:07 - 2016-11-10 12:07 - 00000201 _____ C:\Users\User\Desktop\Anno 1404 Venice.url
2016-11-09 21:19 - 2016-11-02 16:36 - 00382696 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-11-09 21:19 - 2016-11-02 16:32 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-11-09 21:19 - 2016-11-02 16:32 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-11-09 21:19 - 2016-11-02 16:32 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-11-09 21:19 - 2016-11-02 16:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-11-09 21:19 - 2016-11-02 16:22 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-11-09 21:19 - 2016-11-02 16:16 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-11-09 21:19 - 2016-11-02 16:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-11-09 21:19 - 2016-11-02 16:16 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-11-09 21:19 - 2016-11-02 15:53 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-11-09 21:19 - 2016-10-28 04:59 - 00394440 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-11-09 21:19 - 2016-10-28 04:14 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-11-09 21:19 - 2016-10-27 20:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-11-09 21:19 - 2016-10-27 20:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-11-09 21:19 - 2016-10-27 19:55 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-11-09 21:19 - 2016-10-27 19:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-11-09 21:19 - 2016-10-27 19:54 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-11-09 21:19 - 2016-10-27 19:53 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-11-09 21:19 - 2016-10-27 19:53 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-11-09 21:19 - 2016-10-27 19:51 - 02896384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-11-09 21:19 - 2016-10-27 19:44 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-11-09 21:19 - 2016-10-27 19:43 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-11-09 21:19 - 2016-10-27 19:38 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-11-09 21:19 - 2016-10-27 19:37 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-11-09 21:19 - 2016-10-27 19:37 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-11-09 21:19 - 2016-10-27 19:37 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-11-09 21:19 - 2016-10-27 19:37 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-11-09 21:19 - 2016-10-27 19:28 - 25763328 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-11-09 21:19 - 2016-10-27 19:28 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-11-09 21:19 - 2016-10-27 19:24 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-11-09 21:19 - 2016-10-27 19:19 - 06047744 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-11-09 21:19 - 2016-10-27 19:15 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-11-09 21:19 - 2016-10-27 19:13 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-11-09 21:19 - 2016-10-27 19:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-11-09 21:19 - 2016-10-27 19:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-11-09 21:19 - 2016-10-27 19:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-11-09 21:19 - 2016-10-27 19:02 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-11-09 21:19 - 2016-10-27 18:49 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-11-09 21:19 - 2016-10-27 18:46 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-11-09 21:19 - 2016-10-27 18:46 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-11-09 21:19 - 2016-10-27 18:44 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-11-09 21:19 - 2016-10-27 18:44 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-11-09 21:19 - 2016-10-27 18:17 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-11-09 21:19 - 2016-10-27 18:16 - 02920448 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-11-09 21:19 - 2016-10-27 18:03 - 01543680 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-11-09 21:19 - 2016-10-27 17:54 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-11-09 21:19 - 2016-10-27 16:05 - 20304896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-11-09 21:19 - 2016-10-25 16:02 - 03219456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-11-09 21:19 - 2016-10-22 18:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-11-09 21:19 - 2016-10-22 18:36 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-11-09 21:19 - 2016-10-22 18:36 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-11-09 21:19 - 2016-10-22 18:35 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-11-09 21:19 - 2016-10-22 18:35 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-11-09 21:19 - 2016-10-22 18:34 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-11-09 21:19 - 2016-10-22 18:27 - 02287616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-11-09 21:19 - 2016-10-22 18:27 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-11-09 21:19 - 2016-10-22 18:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-11-09 21:19 - 2016-10-22 18:22 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-11-09 21:19 - 2016-10-22 18:21 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-11-09 21:19 - 2016-10-22 18:21 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-11-09 21:19 - 2016-10-22 18:20 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-11-09 21:19 - 2016-10-22 18:09 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-11-09 21:19 - 2016-10-22 18:04 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-11-09 21:19 - 2016-10-22 18:03 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-11-09 21:19 - 2016-10-22 17:59 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-11-09 21:19 - 2016-10-22 17:58 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-11-09 21:19 - 2016-10-22 17:56 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-11-09 21:19 - 2016-10-22 17:54 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-11-09 21:19 - 2016-10-22 17:46 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-11-09 21:19 - 2016-10-22 17:45 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-11-09 21:19 - 2016-10-22 17:44 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-11-09 21:19 - 2016-10-22 17:43 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-11-09 21:19 - 2016-10-22 17:43 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-11-09 21:19 - 2016-10-22 17:30 - 13654016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-11-09 21:19 - 2016-10-22 17:12 - 02444800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-11-09 21:19 - 2016-10-22 17:09 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-11-09 21:19 - 2016-10-22 17:09 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-11-09 21:19 - 2016-10-15 16:31 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-11-09 21:19 - 2016-10-15 16:31 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2016-11-09 21:19 - 2016-10-15 16:13 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-11-09 21:19 - 2016-10-15 16:13 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2016-11-09 21:19 - 2016-10-11 16:37 - 00370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2016-11-09 21:19 - 2016-10-11 16:31 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
2016-11-09 21:19 - 2016-10-11 16:31 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2016-11-09 21:19 - 2016-10-11 16:31 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2016-11-09 21:19 - 2016-10-11 16:31 - 00457216 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
2016-11-09 21:19 - 2016-10-11 16:31 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2016-11-09 21:19 - 2016-10-11 16:31 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\tintlgnt.ime
2016-11-09 21:19 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\quick.ime
2016-11-09 21:19 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\qintlgnt.ime
2016-11-09 21:19 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\phon.ime
2016-11-09 21:19 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\cintlgnt.ime
2016-11-09 21:19 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\chajei.ime
2016-11-09 21:19 - 2016-10-11 16:31 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\pintlgnt.ime
2016-11-09 21:19 - 2016-10-11 16:18 - 01027584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10.IME
2016-11-09 21:19 - 2016-10-11 16:18 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2016-11-09 21:19 - 2016-10-11 16:18 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2016-11-09 21:19 - 2016-10-11 16:18 - 00430080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imkr80.ime
2016-11-09 21:19 - 2016-10-11 16:18 - 00202240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2016-11-09 21:19 - 2016-10-11 16:18 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tintlgnt.ime
2016-11-09 21:19 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quick.ime
2016-11-09 21:19 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qintlgnt.ime
2016-11-09 21:19 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\phon.ime
2016-11-09 21:19 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cintlgnt.ime
2016-11-09 21:19 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\chajei.ime
2016-11-09 21:19 - 2016-10-11 16:18 - 00090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pintlgnt.ime
2016-11-09 21:19 - 2016-10-11 14:33 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2016-11-09 21:19 - 2016-10-11 14:06 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2016-11-09 21:19 - 2016-10-10 16:38 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-11-09 21:19 - 2016-10-10 16:38 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-11-09 21:19 - 2016-10-10 16:34 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-11-09 21:19 - 2016-10-10 16:34 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-11-09 21:19 - 2016-10-10 16:34 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-11-09 21:19 - 2016-10-10 16:34 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-11-09 21:19 - 2016-10-10 16:33 - 01462272 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-11-09 21:19 - 2016-10-10 16:33 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-11-09 21:19 - 2016-10-10 16:33 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-11-09 21:19 - 2016-10-10 16:33 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-11-09 21:19 - 2016-10-10 16:33 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-11-09 21:19 - 2016-10-10 16:33 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-11-09 21:19 - 2016-10-10 16:33 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-11-09 21:19 - 2016-10-10 16:33 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-11-09 21:19 - 2016-10-10 16:33 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-11-09 21:19 - 2016-10-10 16:33 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-11-09 21:19 - 2016-10-10 16:33 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-11-09 21:19 - 2016-10-10 16:33 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-11-09 21:19 - 2016-10-10 16:33 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-11-09 21:19 - 2016-10-10 16:33 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-11-09 21:19 - 2016-10-10 16:16 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-11-09 21:19 - 2016-10-10 16:16 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-11-09 21:19 - 2016-10-10 16:16 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-11-09 21:19 - 2016-10-10 16:16 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-11-09 21:19 - 2016-10-10 16:16 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-11-09 21:19 - 2016-10-10 16:16 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-11-09 21:19 - 2016-10-10 16:16 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-11-09 21:19 - 2016-10-10 16:16 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-11-09 21:19 - 2016-10-10 16:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-11-09 21:19 - 2016-10-10 16:16 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-11-09 21:19 - 2016-10-10 16:16 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-11-09 21:19 - 2016-10-10 16:16 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-11-09 21:19 - 2016-10-10 16:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-11-09 21:19 - 2016-10-10 16:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-11-09 21:19 - 2016-10-10 16:16 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-11-09 21:19 - 2016-10-10 16:02 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-11-09 21:19 - 2016-10-10 15:56 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-11-09 21:19 - 2016-10-10 15:55 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-11-09 21:19 - 2016-10-10 15:55 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-11-09 21:19 - 2016-10-10 15:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-11-09 21:19 - 2016-10-10 15:54 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-11-09 21:19 - 2016-10-10 15:50 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-11-09 21:19 - 2016-10-07 16:40 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-11-09 21:19 - 2016-10-07 16:37 - 05547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-11-09 21:19 - 2016-10-07 16:37 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-11-09 21:19 - 2016-10-07 16:35 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 03649536 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00877056 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:18 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-11-09 21:19 - 2016-10-07 16:18 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-11-09 21:19 - 2016-10-07 16:15 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 02291712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00581632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:04 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-11-09 21:19 - 2016-10-07 16:04 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-11-09 21:19 - 2016-10-07 16:04 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-11-09 21:19 - 2016-10-07 16:01 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-11-09 21:19 - 2016-10-07 16:00 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-11-09 21:19 - 2016-10-07 15:56 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-11-09 21:19 - 2016-10-07 15:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-11-09 21:19 - 2016-10-07 15:50 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-11-09 21:19 - 2016-10-07 15:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-11-09 21:19 - 2016-10-07 15:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-11-09 21:19 - 2016-10-07 15:49 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 15:49 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 15:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 15:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-11-09 21:19 - 2016-10-05 15:54 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2016-11-09 21:19 - 2016-09-15 15:56 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2016-11-09 21:19 - 2016-09-13 16:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-11-09 21:19 - 2016-09-13 16:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-11-09 21:19 - 2016-09-09 19:20 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-11-09 21:19 - 2016-09-09 19:00 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2016-11-09 21:19 - 2016-08-22 17:19 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll

Botto97 · 06.12.2016, 18:25

Code:

ATTFilter

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-12-06 17:37 - 2016-05-20 20:19 - 00000000 ____D C:\Users\User\AppData\Roaming\Origin
2016-12-06 17:31 - 2009-07-14 04:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2016-12-06 17:27 - 2016-05-20 20:18 - 00000000 ____D C:\ProgramData\Origin
2016-12-06 17:27 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-12-06 17:27 - 2009-01-01 00:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-12-06 17:27 - 2009-01-01 00:24 - 00000000 ____D C:\ProgramData\NVIDIA
2016-12-06 17:27 - 2009-01-01 00:23 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-12-06 17:26 - 2016-10-22 16:21 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-12-06 17:26 - 2016-10-22 16:21 - 00001102 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-12-06 17:25 - 2016-06-07 02:13 - 00000000 ____D C:\Users\User\AppData\Local\CrashDumps
2016-12-06 17:13 - 2016-11-04 15:21 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-12-06 11:19 - 2016-05-20 20:17 - 00000000 ____D C:\Program Files (x86)\Origin
2016-12-06 11:17 - 2009-07-14 05:45 - 00021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-12-06 11:17 - 2009-07-14 05:45 - 00021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-12-06 11:08 - 2013-01-28 08:58 - 00736146 _____ C:\Windows\system32\perfh013.dat
2016-12-06 11:08 - 2013-01-28 08:58 - 00153312 _____ C:\Windows\system32\perfc013.dat
2016-12-06 11:08 - 2013-01-28 08:55 - 00732694 _____ C:\Windows\system32\perfh010.dat
2016-12-06 11:08 - 2013-01-28 08:55 - 00147056 _____ C:\Windows\system32\perfc010.dat
2016-12-06 11:08 - 2013-01-28 08:53 - 00738364 _____ C:\Windows\system32\perfh00C.dat
2016-12-06 11:08 - 2013-01-28 08:53 - 00149790 _____ C:\Windows\system32\perfc00C.dat
2016-12-06 11:08 - 2013-01-28 08:50 - 00738104 _____ C:\Windows\system32\perfh00A.dat
2016-12-06 11:08 - 2013-01-28 08:50 - 00158684 _____ C:\Windows\system32\perfc00A.dat
2016-12-06 11:08 - 2013-01-28 08:48 - 00700146 _____ C:\Windows\system32\perfh007.dat
2016-12-06 11:08 - 2013-01-28 08:48 - 00149784 _____ C:\Windows\system32\perfc007.dat
2016-12-06 11:08 - 2009-07-14 06:13 - 05176728 _____ C:\Windows\system32\PerfStringBackup.INI
2016-12-06 11:07 - 2016-11-04 15:10 - 00002882 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (User)
2016-12-06 11:02 - 2016-07-19 17:45 - 00000000 ____D C:\Users\User\AppData\Local\Overwolf
2016-12-06 11:02 - 2016-05-17 08:33 - 00000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-12-06 11:01 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-12-02 01:34 - 2016-10-22 16:21 - 00001164 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-02 01:34 - 2016-10-18 19:35 - 00000681 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crazy Machines 3.lnk
2016-12-02 01:34 - 2016-10-17 13:34 - 00000881 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ableton Live 9 Suite.lnk
2016-12-02 01:34 - 2016-10-07 20:58 - 00000857 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Big Pharma Marketing and Malpractice.lnk
2016-12-02 01:34 - 2016-09-21 12:11 - 00001047 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-12-02 01:34 - 2016-08-25 13:38 - 00001272 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\OpenIV.lnk
2016-12-02 01:34 - 2016-08-11 13:12 - 00000737 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bus Simulator 16.lnk
2016-12-02 01:34 - 2016-07-18 11:16 - 00001058 _____ C:\Users\User\Desktop\Freenet.lnk
2016-12-02 01:34 - 2016-07-05 00:27 - 00002591 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2016-12-02 01:34 - 2016-07-04 18:48 - 00002176 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-12-02 01:34 - 2016-07-04 18:47 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2016-12-02 01:34 - 2016-07-04 18:47 - 00002421 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk
2016-12-02 01:34 - 2016-07-04 18:47 - 00002416 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2016-12-02 01:34 - 2016-07-04 18:47 - 00002415 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2016-12-02 01:34 - 2016-07-04 18:47 - 00002379 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2016-12-02 01:34 - 2016-07-04 18:47 - 00002378 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2016-12-02 01:34 - 2016-07-04 18:47 - 00002372 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2016-12-02 01:34 - 2016-07-04 18:47 - 00002366 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2016-12-02 01:34 - 2016-07-04 18:47 - 00002358 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2016-12-02 01:34 - 2016-07-01 16:07 - 00001177 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-12-02 01:34 - 2016-06-16 22:26 - 00001084 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2014.lnk
2016-12-02 01:34 - 2016-06-16 22:21 - 00001534 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
2016-12-02 01:34 - 2016-06-13 20:24 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2016-12-02 01:34 - 2016-06-12 17:06 - 00000673 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project CARS.lnk
2016-12-02 01:34 - 2016-06-09 14:33 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-12-02 01:34 - 2016-05-30 20:45 - 00001785 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2016-12-02 01:34 - 2016-05-21 10:05 - 00000973 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk
2016-12-02 01:34 - 2016-05-17 07:33 - 00000879 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-12-02 01:34 - 2014-06-17 20:35 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2016-12-02 01:34 - 2014-06-17 20:35 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2016-12-02 01:34 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-12-02 01:34 - 2009-07-14 06:01 - 00001282 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
2016-12-02 01:34 - 2009-07-14 05:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-12-02 01:34 - 2009-07-14 05:57 - 00001352 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk
2016-12-02 01:34 - 2009-07-14 05:57 - 00001330 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
2016-12-02 01:34 - 2009-07-14 05:57 - 00001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
2016-12-02 01:34 - 2009-07-14 05:54 - 00001210 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
2016-12-02 01:34 - 2009-07-14 05:49 - 00001266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
2016-12-02 01:15 - 2016-06-09 17:39 - 00000000 ____D C:\Users\User\AppData\Roaming\UseNeXT
2016-12-01 20:52 - 2016-11-04 15:16 - 00491536 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2016-12-01 20:52 - 2014-10-16 17:54 - 17373312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2016-12-01 20:52 - 2014-10-16 17:54 - 14410120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2016-12-01 20:52 - 2014-10-16 17:54 - 03941536 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2016-12-01 20:52 - 2014-10-16 17:54 - 03479560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2016-12-01 20:52 - 2009-01-01 00:23 - 00041344 _____ C:\Windows\system32\nvinfo.pb
2016-12-01 19:34 - 2016-05-20 20:20 - 00000000 ____D C:\Program Files (x86)\Origin Games
2016-12-01 18:33 - 2016-08-24 08:47 - 00001951 _____ C:\Windows\NvContainerRecovery.bat
2016-12-01 18:32 - 2016-05-28 11:44 - 00546752 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2016-12-01 18:32 - 2016-05-28 11:44 - 00083512 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2016-12-01 18:32 - 2009-01-01 00:24 - 06384576 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2016-12-01 18:32 - 2009-01-01 00:24 - 02475968 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2016-12-01 18:32 - 2009-01-01 00:24 - 01762752 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2016-12-01 18:32 - 2009-01-01 00:24 - 00393784 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2016-12-01 18:32 - 2009-01-01 00:24 - 00069568 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2016-12-01 10:49 - 2016-08-31 11:08 - 00000000 ___HD C:\Program Files\Common Files\EAInstaller
2016-12-01 10:48 - 2016-05-17 16:15 - 00000000 ____D C:\ProgramData\Package Cache
2016-11-30 13:28 - 2016-07-05 00:26 - 00000000 ____D C:\Users\User\AppData\Roaming\uTorrent
2016-11-30 10:34 - 2009-01-01 00:24 - 07607057 _____ C:\Windows\system32\nvcoproc.bin
2016-11-30 09:57 - 2009-07-14 05:45 - 00417608 _____ C:\Windows\system32\FNTCACHE.DAT
2016-11-29 12:56 - 2016-06-07 02:20 - 00000000 ____D C:\Users\User\Documents\Flight Simulator X Files
2016-11-29 12:23 - 2016-05-17 07:34 - 00114944 _____ C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT
2016-11-28 23:46 - 2016-07-19 17:46 - 00000000 ____D C:\Program Files (x86)\Overwolf
2016-11-28 20:21 - 2016-06-06 21:24 - 00000000 ____D C:\Users\User\AppData\Local\Ubisoft Game Launcher
2016-11-28 19:28 - 2016-07-19 17:46 - 00000002 _____ C:\END
2016-11-28 19:05 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2016-11-28 14:52 - 2016-06-13 20:24 - 00000000 ____D C:\Users\User\Documents\Flight Simulator-Dateien
2016-11-28 10:41 - 2016-06-12 16:51 - 00000000 ____D C:\Users\User\AppData\Roaming\DAEMON Tools Lite
2016-11-28 10:02 - 2016-07-01 16:06 - 00004180 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-11-27 14:24 - 2016-08-11 12:53 - 00000000 ____D C:\Users\User\AppData\Roaming\tropico 5
2016-11-26 10:50 - 2016-05-17 16:16 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-11-26 09:08 - 2016-07-04 18:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-11-26 09:07 - 2016-07-04 18:45 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-11-26 08:55 - 2016-09-21 08:29 - 00003590 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-26 08:55 - 2016-08-01 15:08 - 00003828 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-26 08:55 - 2016-08-01 15:08 - 00003828 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-26 08:55 - 2016-08-01 15:08 - 00003778 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-26 08:55 - 2016-08-01 15:08 - 00003766 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-26 08:55 - 2016-08-01 15:08 - 00003530 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-26 08:55 - 2009-01-01 00:23 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-11-26 08:55 - 2009-01-01 00:23 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-11-26 08:54 - 2016-11-04 15:21 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-11-26 08:54 - 2016-05-20 20:24 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-11-26 08:54 - 2016-05-20 20:24 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-11-26 08:54 - 2016-05-20 20:24 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-11-26 08:54 - 2016-05-20 20:24 - 00000000 ____D C:\Windows\system32\Macromed
2016-11-26 08:53 - 2016-07-19 10:46 - 00000000 ____D C:\ProgramData\ProductData
2016-11-26 08:52 - 2016-11-04 15:10 - 00003250 _____ C:\Windows\System32\Tasks\Driver Booster Scheduler
2016-11-26 08:52 - 2016-11-04 15:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 4
2016-11-26 08:49 - 2009-07-14 06:08 - 00032628 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-11-24 21:54 - 2016-11-04 15:16 - 00491536 _____ (NVIDIA Corporation) C:\Windows\system32\SET54BF.tmp
2016-11-24 21:54 - 2014-10-16 17:54 - 17373312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\SET5B1B.tmp
2016-11-24 21:54 - 2014-10-16 17:54 - 14410120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\SET57E7.tmp
2016-11-24 21:54 - 2014-10-16 17:54 - 03941720 _____ (NVIDIA Corporation) C:\Windows\system32\SET4FE2.tmp
2016-11-24 21:54 - 2014-10-16 17:54 - 03479744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\SET55D0.tmp
2016-11-24 00:18 - 2016-08-16 16:11 - 00000000 ____D C:\Users\User\AppData\Roaming\vlc
2016-11-23 17:43 - 2016-07-19 15:05 - 00000015 _____ C:\Users\User\AppData\Local\X-Plane_drm.prf
2016-11-23 11:53 - 2016-05-21 20:40 - 00000000 ____D C:\Users\User\AppData\Roaming\Skype
2016-11-23 11:52 - 2016-05-21 20:40 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-11-23 11:52 - 2016-05-21 20:39 - 00000000 ____D C:\ProgramData\Skype
2016-11-21 19:45 - 2016-07-19 17:46 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2016-11-20 20:18 - 2016-03-29 10:12 - 00000000 ____D C:\Users\User\Desktop\Xperia_Z3_Compact
2016-11-20 16:52 - 2016-10-17 11:57 - 00000000 ____D C:\Users\User\Documents\Bewerbung
2016-11-20 02:54 - 2016-07-19 10:46 - 00000000 ____D C:\Program Files (x86)\IObit
2016-11-20 02:54 - 2016-07-01 22:29 - 00000000 ____D C:\Program Files (x86)\OpenAL
2016-11-20 02:54 - 2016-06-20 23:23 - 00000000 ____D C:\Program Files (x86)\Electronic Arts
2016-11-20 02:54 - 2016-06-09 17:39 - 00000000 ____D C:\Program Files (x86)\UseNeXT
2016-11-20 02:53 - 2016-10-29 15:52 - 00000000 ___HD C:\Program Files (x86)\Zero G Registry
2016-11-20 02:53 - 2016-10-23 09:51 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2016-11-20 02:53 - 2016-10-23 09:50 - 00000000 ____D C:\Program Files (x86)\WinISO Computing
2016-11-20 02:53 - 2016-10-18 15:10 - 00000000 ____D C:\Program Files (x86)\Novation
2016-11-20 02:53 - 2016-10-17 11:36 - 00000000 ____D C:\Program Files (x86)\VirtualDJ
2016-11-20 02:53 - 2016-10-05 10:40 - 00000000 ____D C:\Program Files (x86)\Software2000
2016-11-20 02:53 - 2016-09-22 15:29 - 00000000 ____D C:\Program Files (x86)\GameDog
2016-11-20 02:53 - 2016-09-22 15:13 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2016-11-20 02:53 - 2016-09-21 12:11 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-11-20 02:53 - 2016-09-15 22:55 - 00000000 ____D C:\Program Files (x86)\Pidgin
2016-11-20 02:53 - 2016-09-14 11:42 - 00000000 ____D C:\Program Files (x86)\GNU
2016-11-20 02:53 - 2016-09-09 15:40 - 00000000 ____D C:\Program Files (x86)\The Mighty Quest For Epic Loot
2016-11-20 02:53 - 2016-09-06 20:38 - 00000000 ____D C:\Program Files (x86)\VstPlugins
2016-11-20 02:53 - 2016-09-06 20:38 - 00000000 ____D C:\Program Files (x86)\ASIO4ALL v2
2016-11-20 02:53 - 2016-09-06 20:36 - 00000000 ____D C:\Program Files (x86)\Image-Line
2016-11-20 02:53 - 2016-08-22 13:19 - 00000000 ____D C:\Program Files (x86)\Windows Media Components
2016-11-20 02:53 - 2016-08-21 20:10 - 00000000 ____D C:\Program Files (x86)\Notepad++
2016-11-20 02:53 - 2016-08-16 16:10 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2016-11-20 02:53 - 2016-07-05 00:21 - 00000000 ____D C:\Program Files (x86)\BitTyrant
2016-11-20 02:53 - 2016-07-05 00:20 - 00000000 ____D C:\Program Files (x86)\Azureus
2016-11-20 02:53 - 2016-07-04 20:40 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 11.0
2016-11-20 02:53 - 2016-07-04 20:38 - 00000000 ____D C:\Program Files (x86)\NuGet
2016-11-20 02:53 - 2016-07-04 20:36 - 00000000 ____D C:\Program Files (x86)\Windows Kits
2016-11-20 02:53 - 2016-07-04 20:35 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2016-11-20 02:53 - 2016-07-04 20:35 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2016-11-20 02:53 - 2016-07-04 20:35 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2016-11-20 02:53 - 2016-07-04 20:35 - 00000000 ____D C:\Program Files (x86)\Microsoft Help Viewer
2016-11-20 02:53 - 2016-07-04 20:34 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 12.0
2016-11-20 02:53 - 2016-07-04 18:48 - 00000000 ____D C:\Program Files (x86)\Microsoft OneDrive
2016-11-20 02:53 - 2016-07-02 09:11 - 00000000 ____D C:\Program Files (x86)\MegaDev
2016-11-20 02:53 - 2016-07-01 22:30 - 00000000 ____D C:\Program Files (x86)\Xvid
2016-11-20 02:53 - 2016-06-27 18:40 - 00000000 ____D C:\Program Files (x86)\Minecraft
2016-11-20 02:53 - 2016-06-17 00:02 - 00000000 ____D C:\Program Files (x86)\Foxit Software
2016-11-20 02:53 - 2016-06-16 22:56 - 00000000 ____D C:\Program Files (x86)\SQL Anywhere 16
2016-11-20 02:53 - 2016-06-09 21:19 - 00000000 ____D C:\Program Files (x86)\Java
2016-11-20 02:53 - 2016-06-09 14:33 - 00000000 ____D C:\Program Files (x86)\Bonjour
2016-11-20 02:53 - 2016-06-09 14:33 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2016-11-20 02:53 - 2016-06-07 02:16 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0
2016-11-20 02:53 - 2016-06-02 21:56 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.5.1
2016-11-20 02:53 - 2016-05-21 10:08 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2016-11-20 02:53 - 2016-05-21 09:49 - 00000000 ____D C:\Program Files (x86)\Google
2016-11-20 02:53 - 2016-05-21 09:33 - 00000000 ____D C:\Program Files (x86)\Razer Chroma SDK
2016-11-20 02:53 - 2016-05-21 09:32 - 00000000 ____D C:\Program Files (x86)\Razer
2016-11-20 02:53 - 2016-05-20 20:40 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2016-11-20 02:53 - 2016-05-17 16:19 - 00000000 ____D C:\Program Files (x86)\Intel
2016-11-20 02:53 - 2016-05-17 16:16 - 00000000 ___HD C:\Program Files (x86)\Temp
2016-11-20 02:53 - 2016-05-17 16:16 - 00000000 ____D C:\Program Files (x86)\Realtek
2016-11-20 02:53 - 2016-05-17 16:15 - 00000000 ____D C:\Program Files (x86)\ASUS
2016-11-20 02:53 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows Sidebar
2016-11-20 02:53 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-11-20 02:53 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-11-20 02:53 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-11-20 02:53 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-11-20 02:53 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-11-20 02:53 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files (x86)\Windows NT
2016-11-19 18:19 - 2016-08-11 14:06 - 00000000 ____D C:\Users\User\AppData\Roaming\Kalypso Media
2016-11-19 13:50 - 2016-07-02 09:13 - 00000007 _____ C:\Users\User\Documents\mt-e_hook.txt
2016-11-17 14:45 - 2016-05-28 11:40 - 01854400 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2016-11-17 14:45 - 2016-05-28 11:40 - 01755072 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2016-11-17 14:45 - 2016-05-28 11:40 - 01452480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2016-11-17 14:45 - 2016-05-28 11:40 - 01317312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2016-11-17 14:45 - 2016-05-28 11:40 - 00120256 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2016-11-16 12:53 - 2016-07-27 20:30 - 00000000 ____D C:\Users\Gast\Documents\My Games
2016-11-16 12:28 - 2016-06-02 22:04 - 00000000 ____D C:\Users\User\AppData\Local\Arma 3 Launcher
2016-11-16 12:16 - 2016-06-02 22:04 - 00000000 ____D C:\Users\User\AppData\Local\Arma 3
2016-11-15 13:34 - 2016-07-01 22:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid
2016-11-15 13:33 - 2016-09-15 21:40 - 00000000 ____D C:\Users\User\AppData\Roaming\Nox
2016-11-15 13:33 - 2016-09-15 21:40 - 00000000 ____D C:\Users\User\AppData\Local\Nox
2016-11-15 13:33 - 2016-07-19 10:45 - 00000000 ____D C:\Users\User\AppData\Roaming\IObit
2016-11-15 13:32 - 2016-07-04 18:49 - 00000000 ____D C:\Program Files\KMSpico
2016-11-15 13:31 - 2016-10-10 21:26 - 00000000 ____D C:\Users\User\AppData\Local\Apple Inc
2016-11-15 13:31 - 2016-06-09 14:33 - 00000000 ____D C:\Users\User\AppData\Roaming\Apple Computer
2016-11-15 13:31 - 2016-06-09 14:32 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-11-13 23:56 - 2016-10-28 21:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
2016-11-13 23:56 - 2016-10-28 21:09 - 00000000 ____D C:\Program Files\Nexus Mod Manager
2016-11-13 19:01 - 2016-08-24 18:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2016-11-13 18:57 - 2016-06-28 21:57 - 00000000 ____D C:\Users\User\AppData\Roaming\Ubisoft
2016-11-13 15:09 - 2016-05-21 10:05 - 00000000 ____D C:\Users\User\AppData\Roaming\TS3Client
2016-11-12 20:08 - 2016-07-01 21:21 - 00000000 ____D C:\Users\User\Documents\Anno 1404
2016-11-12 20:08 - 2016-06-28 22:34 - 00000000 ____D C:\Users\User\Documents\ANNO 1404 Venedig
2016-11-11 23:21 - 2016-06-19 16:04 - 00000000 ____D C:\Users\Gast\AppData\Local\NVIDIA Corporation
2016-11-11 23:20 - 2016-06-19 16:04 - 00111400 _____ C:\Users\Gast\AppData\Local\GDIPFONTCACHEV1.DAT
2016-11-09 23:15 - 2014-06-17 22:46 - 00000000 ____D C:\Windows\system32\MRT
2016-11-09 23:12 - 2014-06-17 22:46 - 141011376 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-11-09 13:43 - 2016-10-28 20:33 - 00000000 ____D C:\Users\User\AppData\Local\Skyrim Special Edition

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-06-27 14:55 - 2016-08-23 13:16 - 0000099 _____ () C:\Users\User\AppData\Roaming\LauncherSettings_live.cfg
2016-06-27 14:27 - 2016-06-27 14:27 - 0000040 _____ () C:\Users\User\AppData\Roaming\TheHunterSettings_steam_live.cfg
2016-11-28 16:50 - 2016-11-28 16:50 - 0000017 _____ () C:\Users\User\AppData\Local\resmon.resmoncfg
2016-07-19 15:05 - 2016-11-23 17:43 - 0000015 _____ () C:\Users\User\AppData\Local\X-Plane_drm.prf
2016-07-19 15:05 - 2016-07-22 09:13 - 0000061 _____ () C:\Users\User\AppData\Local\x-plane_install_10.txt
2016-05-17 16:17 - 2016-05-17 16:17 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-07-07 18:05 - 2016-07-07 18:05 - 0000111 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.64.bc

Einige Dateien in TEMP:
====================
C:\Users\User\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\User\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\User\AppData\Local\Temp\nvStInst.exe


==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-12-04 15:48

==================== Ende von FRST.txt ============================

M-K-D-B · 06.12.2016, 20:56

Servus,

also es ist noch einiges an Adware auf dem PC, was auch der Grund für deine Probleme sein wird... Firefox ist infiziert, Google Chrome ebenso... aktive Adware läuft immer noch.

Hast du eigentlich Zemana schon wieder deinstalliert (ich sehe nämlich noch einiges an Resten davon auf dem PC)?
Sollen wir das später auch vollständig wieder mit entfernen?

Dann starten wir mal:

Schritt 1
Downloade Dir bitte AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser.
Starte die adwcleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Werkzeuge > Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- Image File Execution Options Schlüssel
- "Tracing" Schlüssel
- "Prefetch" Dateien
- Proxy
- Winsock
- Internet Explorer Richtlinien
- Chrome Richtlinien
- Chrome Einstellungen
Bestätige die Auswahl mit Ok.
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen (auch dann wenn AdwCleaner sagt, dass nichts gefunden wurde) und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 2
Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 3

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

Schritt 4

Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
FRST erstellt nun zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Bitte poste mit deiner nächsten Antwort

die Logdatei von AdwCleaner,
die Logdatei von MBAM,
die Logdatei von JRT,
die beiden neuen Logdateien von FRST.

Botto97 · 06.12.2016, 22:32

Danke für die Tipps

Hier die Log Files

Code:

ATTFilter

# AdwCleaner v6.040 - Bericht erstellt am 06/12/2016 um 22:03:46
# Aktualisiert am 02/12/2016 von Malwarebytes
# Datenbank : 2016-12-06.1 [Lokal]
# Betriebssystem : Windows 7 Professional Service Pack 1 (X64)
# Benutzername : User - USER-PC
# Gestartet von : C:\Users\User\Downloads\AdwCleaner_6.040.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support



***** [ Dienste ] *****

[-] Dienst gelöscht: ed2kidle


***** [ Ordner ] *****

[-] Ordner gelöscht: C:\Users\User\SoundProvider
[-] Ordner gelöscht: C:\ProgramData\WinSAPSvc
[-] Ordner gelöscht: C:\Program Files (x86)\WinArcher
[-] Ordner gelöscht: C:\Program Files (x86)\UvConverter
[-] Ordner gelöscht: C:\Users\User\AppData\Roaming\Mozilla\Firefox\naweriweentcofise


***** [ Dateien ] *****

[-] Datei gelöscht: C:\END


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Verknüpfungen ] *****



***** [ Aufgabenplanung ] *****

[-] Aufgabe gelöscht: Microsoft\Windows\Multimedia\SoundProvider
[-] Aufgabe gelöscht: Stumuied Client


AdwCleaner


***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
[-] Schlüssel gelöscht: HKU\.DEFAULT\Software\ompndb
[-] Schlüssel gelöscht: HKU\.DEFAULT\Software\jhdbca
[#] Schlüssel mit Neustart gelöscht: HKU\S-1-5-18\Software\ompndb
[#] Schlüssel mit Neustart gelöscht: HKU\S-1-5-18\Software\jhdbca
[-] Schlüssel gelöscht: HKLM\SOFTWARE\ompndb
[-] Schlüssel gelöscht: HKLM\SOFTWARE\jhdbca
[-] Schlüssel gelöscht: HKLM\SOFTWARE\YTBMusicBox
[-] Schlüssel gelöscht: HKLM\SOFTWARE\WinArcher
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\ompndb
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\jhdbca
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Installer\Features\F39E5917C417B4041A46F88010121C6E
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Installer\Products\F39E5917C417B4041A46F88010121C6E
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F39E5917C417B4041A46F88010121C6E
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F39E5917C417B4041A46F88010121C6E
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\Installer\Features\F39E5917C417B4041A46F88010121C6E
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\Installer\Products\F39E5917C417B4041A46F88010121C6E
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
[-] Wert gelöscht: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost [WinSAPSvc]
[-] Wert gelöscht: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost [ArcherGroupEx]


***** [ Browser ] *****



*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: "Image File Execution Options" Schlüssel gelöscht
:: "Prefetch" Dateien gelöscht
:: Proxy Einstellungen zurückgesetzt
:: TCP/IP Einstellungen zurückgesetzt
:: BITS Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht
:: Chrome Einstellungen zurückgesetzt: C:\Users\User\AppData\Local\Google\Chrome\User Data\ChromeDefaultData

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [3784 Bytes] - [06/12/2016 22:03:46]
C:\AdwCleaner\AdwCleaner[S0].txt - [3473 Bytes] - [06/12/2016 22:02:52]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [3930 Bytes] ##########

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 06.12.2016
Suchlaufzeit: 22:08
Protokolldatei: 
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.12.06.09
Rootkit-Datenbank: v2016.11.20.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: User

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 434713
Abgelaufene Zeit: 4 Min., 43 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 1
PUP.Optional.GeoLocator, C:\Users\User\AppData\Local\GeoLocator, In Quarantäne, [c65b598bc3d771c5ec606c343ec28f71], 

Dateien: 8
PUP.Optional.GeoLocator, C:\Users\User\AppData\Local\GeoLocator\unins000.dat, In Quarantäne, [c65b598bc3d771c5ec606c343ec28f71], 
PUP.Optional.GeoLocator, C:\Users\User\AppData\Local\GeoLocator\unins000.exe, In Quarantäne, [c65b598bc3d771c5ec606c343ec28f71], 
PUP.Optional.Trotux, C:\Users\User\AppData\Roaming\Profiles\Gagckgrelecult.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.search.defaultenginename", "trotux");), Ersetzt,[df42aa3ad2c86bcba64d8dac8779d927]
PUP.Optional.Trotux, C:\Users\User\AppData\Roaming\Profiles\Gagckgrelecult.default\prefs.js, Gut: (), Schlecht: (ge toser_pref("app.update.enabled", false);
user_pref("app.update.lastUpdateTime.addon-background-update-timer", 1479505249);
user_pref("app.update.lastUpdateTime.background-), Ersetzt,[68b9d90bfaa01f17f300f940e41ce21e]
PUP.Optional.Trotux, C:\Users\User\AppData\Roaming\Profiles\Gagckgrelecult.default\prefs.js, Gut: (), Schlecht: (astUpdateTime.addon-background-update-timer", 1479505249);
user_pref("app.update.lastUpdateTime.background-update-timer", 1479559534);
user_pref("app.update.lastUpdateTime.blocklist-background-upda), Ersetzt,[73aeaa3a0b8f71c5cd2674c514ec7c84]
PUP.Optional.Trotux, C:\Users\User\AppData\Roaming\Profiles\Gagckgrelecult.default\prefs.js, Gut: (), Schlecht: (e-timer", 1479559534);
user_pref("app.update.lastUpdateTime.blocklist-background-update-timer", 1479505369);
user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 1479579239);
user_pref), Ersetzt,[53ce18cc2773c76fba393cfdcd3333cd]
PUP.Optional.Trotux, C:\Users\User\AppData\Roaming\Profiles\Gagckgrelecult.default\prefs.js, Gut: (), Schlecht: (kground-update-timer", 1479505249);
user_pref("app.u), Ersetzt,[1a07ca1a53475cda985b5adf40c07f81]
PUP.Optional.Trotux, C:\Users\User\AppData\Roaming\Profiles\Gagckgrelecult.default\prefs.js, Gut: (), Schlecht: (d-update-timer", 1479505369);
user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 1479579239);
user_pref("app.update.lastUpdateTime.experiments-update-tim), Ersetzt,[b170677d5c3e58de945ff346ac5450b0]

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.9 (09.30.2016)
Operating System: Windows 7 Professional x64 
Ran by User (Administrator) on 06.12.2016 at 22:27:36,45
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 40 

Successfully deleted: C:\ProgramData\iobit\driver booster (Folder) 
Successfully deleted: C:\ProgramData\productdata (Folder) 
Successfully deleted: C:\Users\User\AppData\Local\crashrpt (Folder) 
Successfully deleted: C:\Users\User\AppData\Roaming\iobit\driver booster (Folder) 
Successfully deleted: C:\Windows\system32\Tasks\Driver Booster Beta SkipUAC (User) (Task)
Successfully deleted: C:\Windows\system32\Tasks\Driver Booster Scheduler (Task)
Successfully deleted: C:\Windows\system32\Tasks\Driver Booster SkipUAC (User) (Task)
Successfully deleted: C:\Program Files (x86)\iobit\driver booster (Folder) 
Successfully deleted: C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0IYOEXIA (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0OHDNLGN (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6057VXI6 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9O863PPX (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JC0OLNMC (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KOJ6CD5U (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PTFCP5U0 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RWX1VKEM (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UJNC4XMF (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VK6I5GDF (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XO2656CZ (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YE1XB4D0 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0IYOEXIA (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0OHDNLGN (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6057VXI6 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9O863PPX (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JC0OLNMC (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KOJ6CD5U (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PTFCP5U0 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RWX1VKEM (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UJNC4XMF (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VK6I5GDF (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XO2656CZ (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YE1XB4D0 (Temporary Internet Files Folder) 



Registry: 1 

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 06.12.2016 at 22:28:48,82
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 05-12-2016
durchgeführt von User (06-12-2016 22:30:10)
Gestartet von C:\Users\User\Desktop
Windows 7 Professional Service Pack 1 (X64) (2016-05-17 06:32:56)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1652729561-1798351166-2891734009-500 - Administrator - Disabled)
Gast (S-1-5-21-1652729561-1798351166-2891734009-501 - Limited - Enabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-1652729561-1798351166-2891734009-1013 - Limited - Enabled)
Nadine (S-1-5-21-1652729561-1798351166-2891734009-1014 - Limited - Enabled) => C:\Users\Nadine
User (S-1-5-21-1652729561-1798351166-2891734009-1000 - Administrator - Enabled) => C:\Users\User

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avast Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: Avast Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

µTorrent (HKU\S-1-5-21-1652729561-1798351166-2891734009-1000\...\uTorrent) (Version: 3.4.8.42576 - BitTorrent Inc.)
Ableton Live 9 Suite (HKLM\...\{48EC4E57-1D04-4831-90A7-151DA2269495}) (Version: 9.0.0.0 - Ableton)
Adobe Flash Player 23 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 23.0.0.205 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated)
Adobe Flash Player 23 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 23.0.0.185 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.0 - Adobe Systems Incorporated)
Aerosoft's - Airbus A320-A321 - FSX STEAM Edition (HKLM-x32\...\Airbus A320-A321 - FSX STEAM Edition) (Version: 1.30 - Aerosoft)
Age of Empires II: HD Edition (HKLM\...\Steam App 221380) (Version:  - Skybox Labs)
AGEIA PhysX v7.07.24 (HKLM-x32\...\{EFC1B35C-FFF2-41D8-A70A-CE6037F8040B}) (Version: 7.07.24 - AGEIA Technologies, Inc.)
Anno 1404 (HKLM\...\Steam App 33250) (Version:  - Blue Byte)
Anno 1404: Venice (HKLM\...\Steam App 33350) (Version:  - Blue Byte)
ANNO 1503 (HKLM-x32\...\{EBBB1DEF-8878-4CB8-BC0D-1196B30E7527}) (Version:  - )
Anno 1701 (HKLM-x32\...\{A2433A63-5F5D-40E5-B529-9123C2B3E734}) (Version: 1.00 - Sunflowers)
Anno 2070 (HKLM-x32\...\{435C32E1-96F0-4518-B051-A5403900C389}_is1) (Version: 1.01 - RAF)
Anno 2205 (HKLM-x32\...\Anno 2205_is1) (Version:  - )
Ansel (Version: 376.19 - NVIDIA Corporation) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{29DB9165-5FC1-48F0-9188-26123F526848}) (Version: 5.0.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{5905C8CF-1C88-4478-A48E-4E458AD1BC7E}) (Version: 5.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D4D86CB2-2370-4691-8272-3869EDED6C64}) (Version: 10.0.0.18 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
ARK: Survival Evolved (HKLM\...\Steam App 346110) (Version:  - Studio Wildcard)
Arma 2 (HKLM\...\Steam App 33910) (Version:  - Bohemia Interactive)
Arma 2: British Armed Forces (HKLM\...\Steam App 65700) (Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead (HKLM\...\Steam App 33930) (Version:  - Bohemia Interactive)
Arma 2: Private Military Company (HKLM\...\Steam App 65720) (Version:  - Bohemia Interactive)
Arma 3 (HKLM\...\Steam App 107410) (Version:  - Bohemia Interactive)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.7.5.0 - ASUSTek COMPUTER INC.)
ASUS GPU Tweak (x32 Version: 2.7.5.0 - ASUSTek COMPUTER INC.) Hidden
Automap 4.10 (HKLM\...\Automap Universal_is1) (Version: 4.10 - Focusrite Audio Engineering Ltd.)
Avast Premier (HKLM-x32\...\Avast) (Version: 12.3.2280 - AVAST Software)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.7.2.45672 - Electronic Arts)
Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.10.265 - Electronic Arts)
Battlefield™ 1 Open Beta (HKLM-x32\...\{F9E19363-7B10-4F8A-8640-945C36D4B504}) (Version: 1.0.8.10777 - Electronic Arts)
Behaviors SDK (Windows Phone) for Visual Studio 2013 (x32 Version: 12.0.50716.0 - Microsoft Corporation) Hidden
Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.50429.0 - Microsoft Corporation) Hidden
Big Pharma: Marketing and Malpractice (HKLM\...\YmlncGhhcm1hbWFya2V0aW5nYW5kbWFscHJhY3RpY2U_is1) (Version: 1 - )
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Build Tools - amd64 (Version: 12.0.40629 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.40629 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (Version: 12.0.40629 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (x32 Version: 12.0.40629 - Microsoft Corporation) Hidden
Bus Simulator 16 (HKLM\...\YnVzc2ltdWxhdG9yMTY_is1) (Version: 1 - )
Card Hunter (HKLM\...\Steam App 293260) (Version:  - Blue Manchu)
CCleaner (HKLM\...\CCleaner) (Version: 5.24 - Piriform)
Cheat Engine 6.5.1 (HKLM-x32\...\Cheat Engine 6.5.1_is1) (Version:  - Cheat Engine)
Chivalry: Medieval Warfare (HKLM\...\Steam App 219640) (Version:  - Torn Banner Studios)
Cities In Motion - Design Classics (HKLM-x32\...\{37F03AE9-D51D-4B1C-806F-3DA898E330BD}_is1) (Version:  - )
Cities In Motion - Design Marvels (HKLM-x32\...\{68416881-7697-46F7-BBAF-8741D5C3584F}_is1) (Version:  - )
Cities In Motion - Design Now (HKLM-x32\...\{7B3050F8-E4DA-4276-8972-A75DC2A671A2}_is1) (Version:  - )
Cities In Motion - German Cities (HKLM-x32\...\{AD6FDE5E-FDA6-43CA-93B6-C90C9DB3FE52}_is1) (Version:  - )
Cities In Motion - Metro Stations (HKLM-x32\...\{899EF246-6FF0-4A9C-9689-80C2CA0BD868}_is1) (Version:  - )
Cities In Motion - Patch 1.0.22 (HKLM-x32\...\{34D52D01-C65D-4A29-99E0-E02030597B4F}_is1) (Version:  - )
Cities In Motion - Tokyo (HKLM-x32\...\{9C29DF2E-4EC8-485A-AAB9-A70727F29494}_is1) (Version:  - )
Cities In Motion - U.S. Cities (HKLM-x32\...\{B11E789C-8A0B-470A-AB34-63CD65F9CE81}_is1) (Version:  - )
Cities In Motion (HKLM-x32\...\{15FA5ED6-2F98-4B5E-AF0B-18E5F4723FAD}_is1) (Version:  - )
Core Temp 1.0 RC8 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
Counter-Strike: Source (HKLM\...\Steam App 240) (Version:  - Valve)
Crazy Machines 3 (HKLM\...\Y3JhenltYWNoaW5lczM_is1) (Version: 1 - )
Crazy Machines II (HKLM-x32\...\{112B0ED9-57F8-4883-8E6A-5BEAABDABBC1}) (Version: 1.00 - FAKT Software GmbH)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.4.0.0191 - Disc Soft Ltd)
DayZ (HKLM\...\Steam App 221100) (Version:  - Bohemia Interactive)
Democracy 3 (HKLM\...\Steam App 245470) (Version:  - Positech Games)
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.69.43.024017 - Electronic Arts Inc.)
Die Sims™ 3 Diesel Accessoires (HKLM-x32\...\{1C9B6173-6DC9-4EEE-9EFC-6BA115CFBE43}) (Version: 14.0.48 - Electronic Arts)
Die Sims™ 3 Gib Gas-Accessoires (HKLM-x32\...\{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}) (Version: 5.0.44 - Electronic Arts)
Die Sims™ 3 Late Night (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Late Night) (Version: 1.0.0.0 - Electronic Arts Inc.)
Die Sims™ 3 Lebensfreude (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Generations) (Version: 1.0.0.0 - Electronic Arts Inc.)
Die Sims™ 3 Luxus-Accessoires (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 High-End Loft Stuff) (Version: 1.0.0.0 - Electronic Arts Inc.)
Die Sims™ 3 Reiseabenteuer (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts)
Die Sims™ 3 Showtime (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Showtime) (Version: 1.0.0.0 - Electronic Arts Inc.)
Die Sims™ 3 Supernatural (HKLM-x32\...\{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}) (Version: 15.0.135 - Electronic Arts)
Die Sims™ 3 Traumkarrieren (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.0.87 - Electronic Arts)
Die Sims™ 3 Traumsuite-Accessoires (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Master Suite Stuff) (Version: 1.0.0.0 - Electronic Arts Inc.)
Die Sims™ 3 Wildes Studentenleben (HKLM-x32\...\{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}) (Version: 18.0.126 - Electronic Arts)
Dirty Bomb (HKLM\...\Steam App 333930) (Version:  - Splash Damage®)
Dota 2 (HKLM\...\Steam App 570) (Version:  - Valve)
Driver Booster 4.1 (HKLM-x32\...\Driver Booster_is1) (Version: 4.1.0 - IObit)
Dying Light (HKLM\...\Steam App 239140) (Version:  - Techland)
Empire Earth II Gold Edition (HKLM-x32\...\GOGPACKEMPIREEARTH2GOLD_is1) (Version: 2.0.0.17 - GOG.com)
Entity Framework 6.1.3 Tools  for Visual Studio 2013 (HKLM-x32\...\{D5170452-84D1-4725-AD9C-F9ECFD0A9E9F}) (Version: 12.0.40302.0 - Microsoft Corporation)
Erforderliche Komponenten für SSDT  (HKLM-x32\...\{2466E484-9D86-416B-9C88-AA533F15AF1C}) (Version: 12.0.2000.8 - Microsoft Corporation)
Erforderliche Komponenten für SSDT  (HKLM-x32\...\{3FF082A7-A5DE-4BDA-B56A-1D2BEFD617A3}) (Version: 11.1.3000.0 - Microsoft Corporation)
Far Cry Primal (HKLM-x32\...\Uplay Install 2010) (Version:  - Ubisoft)
FileZilla Client 3.21.0 (HKU\S-1-5-21-1652729561-1798351166-2891734009-1000\...\FileZilla Client) (Version: 3.21.0 - Tim Kosse)
FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version:  - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version:  - Image-Line)
Flight Simulator X (HKLM-x32\...\RTMshadow_{7D606567-5047-451A-B49E-29FCB6012B4E}) (Version:  - )
Flight Simulator X Service Pack 1 (HKLM-x32\...\SP1shadow_{7D606567-5047-451A-B49E-29FCB6012B4E}) (Version:  - )
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.3.6.321 - Foxit Software Inc.)
Freenet Version 0.7.5 build 1475 (HKU\S-1-5-21-1652729561-1798351166-2891734009-1000\...\{3196C62F-9C7B-4392-88B4-05C037D05518}_is1) (Version: 0.7.5 build 1475 - freenetproject.org)
FSacars (HKLM-x32\...\{FFC78FC9-2FE6-4648-BFEB-446C61C2D61E}) (Version: 4.0 - Jose Oliveira/FSacars team)
FSX Concorde 1.1 (HKLM\...\{C9EFD0D5-86AB-4205-8556-8C0AF2765CFB}) (Version: 1.1 - Fly Away Simulation)
GameDog (HKLM-x32\...\{05C30AD9-6CDF-4767-A4E6-6D6C9F41CA0C}) (Version: 2.4.5955.41964 - Wolfspirit)
Gemeinsam genutzte Microsoft Azure-Komponenten für Visual Studio 2013 Sprachpaket (DEU) - v1.4 (x32 Version: 1.4.30416.1601 - Microsoft Corporation) Hidden
Ghost in the Shell Stand Alone Complex First Assault Online (HKLM\...\Steam App 369200) (Version:  - Neople)
Global ATC Simulator (HKLM-x32\...\R2xvYmFsQVRDU2ltdWxhdG9y_is1) (Version: 1 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.99 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Gothic 3 (HKLM\...\Steam App 39500) (Version:  - Piranha – Bytes)
Gpg4win (2.3.3) (HKLM-x32\...\GPG4Win) (Version: 2.3.3 - The Gpg4win Project)
GPUTweakStreaming (HKLM-x32\...\InstallShield_{D2A41AA7-4313-43D5-AA39-7E3FBBE0556D}) (Version: 1.0.3.5 - ASUS)
GPUTweakStreaming (x32 Version: 1.0.3.5 - ASUS) Hidden
Grand Theft Auto V (HKLM\...\Steam App 271590) (Version:  - Rockstar North)
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
GTR Evolution (HKLM\...\Steam App 8660) (Version:  - SimBin)
Hearts of Iron III (HKLM\...\Steam App 25890) (Version:  - Paradox Development Studio)
Hearts of Iron IV (HKLM\...\Steam App 394360) (Version:  - Paradox Development Studios)
HELLDIVERS™ (HKLM\...\Steam App 394510) (Version:  - Arrowhead Game Studios)
Heroes & Generals (HKLM\...\Steam App 227940) (Version:  - Reto-Moto)
Hitman: Sniper Challenge (HKLM\...\Steam App 205930) (Version:  - IO Interactive)
HITMAN™ (HKLM\...\Steam App 236870) (Version:  - Io-Interactive)
Hounds Last Hope 1.0 (HKLM-x32\...\Hounds Last Hope) (Version: 1.0 - RebornGames Inc.)
iFunbox (v3.0.3939.1352) (HKLM-x32\...\iFunbox_is1) (Version: v3.0.3939.1352 - iFunbox DevTeam)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
Intel Extreme Tuning Utility (HKLM-x32\...\{e227ceea-7188-42a4-9e8d-6c36bbf0fa9f}) (Version: 6.1.2.11 - Intel Corporation)
Intel Extreme Tuning Utility (x32 Version: 6.1.2.11 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (x32 Version: 10.0.17 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.2.1000 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4380 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.1.0.1058 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 4.0.6.60 - Intel Corporation)
iTunes (HKLM\...\{9946A4F7-E0FD-4A33-82D1-06CBFFBBB9F9}) (Version: 12.5.1.21 - Apple Inc.)
Java 8 Update 112 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180112F0}) (Version: 8.0.1120.15 - Oracle Corporation)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation)
Java 8 Update 92 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218092F0}) (Version: 8.0.920.14 - Oracle Corporation)
Just Cause 2 (HKLM\...\Steam App 8190) (Version:  - Avalanche Studios)
Just Flight - Traffic X (HKLM-x32\...\{D186EE99-F905-4F87-B188-01D60D8FF1B3}) (Version: 1.00.000 - Just Flight)
Kerbal Space Program Demo (HKLM\...\Steam App 231410) (Version:  - Squad)
LocalESPC (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
Mafia III (HKLM\...\bWFmaWFpaWk_is1) (Version: 1 - )
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
MegaTrainer eXperience V1.1.5.8 (HKLM-x32\...\MegaTrainer eXperience_is1) (Version:  - )
MegaTrainer Ultimate Version 1.4.6 (HKLM-x32\...\{68A5CFDB-E05C-46BC-B2EB-988D1E2C2444}_is1) (Version: 1.4.6 - MegaDev)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (HKLM-x32\...\{21B0F482-5EF9-45DA-8840-340AFE705A6C}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.6 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft Flight Simulator 2004 - Das Jahrhundert der Luftfahrt (HKLM-x32\...\Flight Simulator 9.0) (Version: 9.0 - Microsoft)
Microsoft Flight Simulator SimConnect Client v10.0.61259.0 (HKLM-x32\...\{D61CA184-3F6D-4A50-B2CC-7A18447D6A8D}) (Version: 10.0.61259.0 - Microsoft Corporation)
Microsoft Flight Simulator SimConnect Client v10.0.62615.0 (HKLM-x32\...\{33D89314-361A-4495-A1E1-0ACBCE08F78D}) (Version: 10.0.62615.0 - Microsoft Corporation)
Microsoft Flight Simulator X: Acceleration (HKLM-x32\...\FlightSim_{7D606567-5047-451A-B49E-29FCB6012B4E}) (Version: 10.0.61637.0 - Microsoft Game Studios)
Microsoft Flight Simulator X: Steam Edition (HKLM\...\Steam App 314160) (Version:  - Microsoft Game Studios)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.1 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.1 Sprachpaket - DEU) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.7466.2038 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1652729561-1798351166-2891734009-1000\...\OneDriveSetup.exe) (Version: 17.3.4604.0120 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{D4E30517-FE6F-491E-942F-AE10E1B18F38}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (x64) (HKLM\...\{B4EDAE03-DB34-4DD0-BA7E-2ED80DEA50B1}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{269A8DF6-BBDA-441F-932B-233F9B746D72}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{EC75BD20-F9CA-4E77-825F-ABD77E95BE91}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{0BF65908-D137-4A9E-B7C9-78F32F74F6FD}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{93945D16-4C3D-433E-B7E4-3D0D86B284C8}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{6F173435-3F19-4043-BA3D-A46AA8472859}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL-Sprachdienst  (HKLM-x32\...\{1D812D86-D8EF-41AC-A518-BA12E1913747}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU  (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (12.0.41012.0) (HKLM-x32\...\{79AB8378-D661-4021-9941-FE5F4AEB57BB}) (Version: 12.0.41012.0 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - DEU (12.0.30919.1) (HKLM-x32\...\{BCB8A870-2B3D-4CC0-87D6-F931E065AC0C}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server*2014 Express LocalDB  (HKLM\...\{CA191120-4CB1-4E3D-89B8-79FDB9017A2E}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects  (HKLM-x32\...\{4F4CB3E2-9D2F-465A-854B-8276B02F4E7D}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects (x64) (HKLM\...\{03CB711D-679E-46ED-851B-C568418CF914}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Transact-SQL ScriptDom  (HKLM\...\{F2A2DB39-2C5A-4764-AA0F-5AB112663FFA}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 T-SQL Language Service  (HKLM-x32\...\{06BE8B71-46C6-434B-869E-85C58EF3120A}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{3c3aafc8-d898-43ec-998f-965ffdae065a}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual Studio Express 2013 für Windows Desktop - DEU mit Update 5 (HKLM-x32\...\{6502e1ac-767b-4caf-b03d-5ee3c638c46d}) (Version: 12.0.40629.0 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (HKLM-x32\...\{43341417-7882-4F34-8390-53DFD00F6C0F}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (HKLM\...\{24440413-490E-41CA-BD33-0B30FD3EBE3A}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM\...\{9408684F-E1CC-4D2E-AE15-886023557682}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM-x32\...\{B9A7B46F-0120-406B-9A12-3AD1DCC94D97}) (Version: 12.0.2000.8 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Miscreated (HKLM\...\Steam App 299740) (Version:  - Entrada Interactive LLC)
Mount & Blade: Warband (HKLM\...\Steam App 48700) (Version:  - TaleWorlds Entertainment)
Mozilla Firefox 50.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 50.0.2 (x86 de)) (Version: 50.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.0.2.6177 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Napoleon: Total War (HKLM\...\Steam App 34030) (Version:  - The Creative Assembly)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.63.7 - Black Tree Gaming)
No Mans Sky (HKLM-x32\...\No Mans Sky_is1) (Version:  - )
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.2 - Notepad++ Team)
Novation USB Audio Driver 2.7 (HKLM\...\Novation USB Audio Driver_is1) (Version: 2.7 - Novation DMS Ltd.)
NVIDIA 3D Vision Controller-Treiber 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 376.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 376.19 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.1.2.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.1.2.31 - NVIDIA Corporation)
NVIDIA Grafiktreiber 376.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.19 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.1.2.31 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 1.2.0.0 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7466.2038 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7426.1015 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7466.2038 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7466.2038 - Microsoft Corporation) Hidden
Oil Enterprise (HKLM\...\Steam App 353630) (Version:  - Crafty Studios)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenIV (HKU\S-1-5-21-1652729561-1798351166-2891734009-1000\...\OpenIV) (Version: 2.8.703 - .black/OpenIV Team)
Origin (HKLM-x32\...\Origin) (Version: 10.3.3.1921 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.100.9.0 - Overwolf Ltd.)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation)
Patrician IV Gold Edition (HKLM-x32\...\Patrician IV Gold Edition_is1) (Version:  - )
Peggle (HKLM-x32\...\{715AD72D-887A-459E-988B-D4F3E87FA24B}) (Version: 1.04.0.0 - PopCap Games)
PhoneBrowse 3.2.0 (HKLM-x32\...\{6A4F3A46-FC4A-4B5C-917C-B9BAAB99FE01}}_is1) (Version: 3.2.0 - iMobie Inc.)
Pioneer MIX 64bit Driver (HKLM\...\Pioneer MIX) (Version: 4.2.4.0001 - Pioneer DJ Corporation.)
Pizza Connection 2 (HKLM-x32\...\{DA47ABC4-52DF-468D-988D-B9E768A3DF52}) (Version:  - )
Portal 2 (HKLM\...\Steam App 620) (Version:  - Valve)
PowerShellIntegration.Notifications (x32 Version: 2.6.0.0 - Microsoft Corporation) Hidden
Prison Architect (HKLM\...\Steam App 233450) (Version:  - Introversion Software)
Project CARS Game Of The Year Edition (HKLM\...\cHJvamVjdGNhcnM_is1) (Version: 1 - )
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Python Tools - Umleitungsvorlage (x32 Version: 1.1 - Microsoft Corporation) Hidden
R.U.S.E (HKLM\...\Steam App 21970) (Version:  - Eugen Systems)
RACE 07 (HKLM\...\Steam App 8600) (Version:  - SimBin)
RaceRoom Racing Experience  (HKLM\...\Steam App 211500) (Version:  - Sector3 Studios)
RaceRoom Racing Experience Launcher (HKLM-x32\...\{1FD9F07F-7BBF-4C91-B3F0-A23714A3A913}_is1) (Version: 1.0 - Sector3 Studios)
Razer Chroma SDK Core Components (HKLM-x32\...\Razer Chroma SDK) (Version: 1.10.6 - Razer Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.15.1104 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.87.529.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7930 - Realtek Semiconductor Corp.)
Red Bull Air Race - The Game (HKLM-x32\...\{6577A275-7D02-4DD9-A619-41FF2E30BB2F}_is1) (Version: 0004 - Wingracers Sports Games)
rekordbox 4.2.4 64bit (HKLM\...\Pioneer rekordbox 4.2.4) (Version: 4.2.4.0001 - Pioneer DJ)
Risen (HKLM\...\Steam App 40300) (Version:  - Piranha Bytes)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.0.5 - Rockstar Games)
RollerCoaster Tycoon World (HKLM\...\Steam App 282560) (Version:  - Nvizzio Creations)
Rome: Total War (HKLM\...\Steam App 4760) (Version:  - The Creative Assembly)
Rust (HKLM\...\Steam App 252490) (Version:  - Facepunch Studios)
SafeZone Stable 1.51.2220.62 (x32 Version: 1.51.2220.62 - Avast Software) Hidden
Sandboxie 5.14 (64-bit) (HKLM\...\Sandboxie) (Version: 5.14 - Sandboxie Holdings, LLC)
Scrap Mechanic (HKLM\...\Steam App 387990) (Version:  - Axolot Games)
SHIELD Streaming (Version: 7.1.0340 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.1.2.31 - NVIDIA Corporation) Hidden
Sid Meier's Civilization V (HKLM\...\Steam App 8930) (Version:  - Firaxis Games)
Skype™ 7.30 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.)
Sniper: Ghost Warrior (HKLM\...\Steam App 34830) (Version:  - City Interactive)
South Park™: The Stick of Truth™ (HKLM\...\Steam App 213670) (Version:  - Obsidian Entertainment)
Spacewar (HKLM\...\Steam App 480) (Version:  - Valve)
Spotify (HKU\S-1-5-21-1652729561-1798351166-2891734009-1000\...\Spotify) (Version: 1.0.31.56.g526cfefe - Spotify AB)
SquawkBox (HKLM-x32\...\SquawkBox) (Version:  - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteamVR Performance Test (HKLM\...\Steam App 323910) (Version:  - Valve)
Stronghold 3 (HKLM\...\Steam App 47400) (Version:  - FireFly Studios)
Stronghold Crusader 2 (HKLM\...\Steam App 232890) (Version:  - FireFly Studios)
Surgeon Simulator (HKLM\...\Steam App 233720) (Version:  - Bossa Studios)
Sylenth1 v2.20 (HKLM\...\Sylenth1_is1) (Version:  - )
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Team Fortress 2 (HKLM\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.66695 - TeamViewer)
Terraria (HKLM\...\Steam App 105600) (Version:  - Re-Logic)
The Crew (Worldwide) (HKLM-x32\...\Uplay Install 413) (Version:  - Ubisoft)
The Elder Scrolls IV: Oblivion  (HKLM\...\Steam App 22330) (Version:  - Bethesda Game Studios)
The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 1.0.0.0 - Zenimax Online Studios)
The Elder Scrolls V: Skyrim (HKLM\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Elder Scrolls V: Skyrim Special Edition (HKLM\...\Steam App 489830) (Version:  - Bethesda Game Studios)
The Guild II - Pirates of the European Seas (HKLM\...\Steam App 39660) (Version:  - 4 Head Studios)
The Guild II (HKLM\...\Steam App 39650) (Version:  - 4 Head Studios)
The Guild II: Renaissance (HKLM\...\Steam App 39680) (Version:  - Rune Forge)
The Mighty Quest For Epic Loot Version 1.237368 (HKLM-x32\...\The Mighty Quest For Epic Loot_is1) (Version: 1.237368 - )
The Witcher 3 - Wild Hunt (HKLM-x32\...\1495134320_is1) (Version: 2.0.0.51 - GOG.com)
Tom Clancy's Rainbow Six Siege (HKLM-x32\...\Uplay Install 635) (Version:  - Ubisoft Montreal)
Tom Clancy's The Division (HKLM\...\Steam App 365590) (Version:  - Massive Entertainment)
Total War: ROME II - Emperor Edition (HKLM\...\Steam App 214950) (Version:  - Creative Assembly)
Total War: WARHAMMER (HKLM\...\Steam App 364360) (Version:  - Creative Assembly)
Tropico 3: Absolute Power (HKLM\...\Steam App 57600) (Version:  - Haemimont Games)
Tropico 4 (HKLM\...\Steam App 57690) (Version:  - Haemimont Games)
Tropico 5 (HKLM\...\Steam App 245620) (Version:  - Haemimont Games)
TypeScript Power Tool (x32 Version: 1.0.5.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2013 (x32 Version: 1.0.5.0 - Microsoft Corporation) Hidden
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 19.1 - Ubisoft)
UseNeXT by Tangysoft (HKLM-x32\...\UseNeXT by Tangysoft_is1) (Version:  - Tangysoft Ltd.)
VCRedistSetup (x32 Version: 1.0.0 - Nero AG) Hidden
VirtualDJ 8 (HKLM-x32\...\{415D8B6F-2597-4B84-B677-B4A936C10E37}) (Version: 8.1.2832.0 - Atomix Productions)
Visual Studio 2013 Update 5 (KB2829760) (HKLM-x32\...\{17551f85-1d1c-4142-a83f-bbd18a3522c2}) (Version: 12.0.40629 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
vPilot (HKU\S-1-5-21-1652729561-1798351166-2891734009-1000\...\vPilot) (Version: 1.1.5901.24775 - Ross Carlson)
VS Update core components (x32 Version: 12.0.40629 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
War Thunder (HKLM\...\Steam App 236390) (Version:  - Gaijin Entertainment)
Wargame: European Escalation (HKLM\...\Steam App 58610) (Version:  - Eugen Systems)
Watch_Dogs (HKLM-x32\...\Uplay Install 274) (Version:  - Ubisoft)
Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version:  - )
WinISO (HKLM-x32\...\WinISO) (Version: 6.4.1.5976 - WinISO Computing Inc.)
WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
XAMPP (HKLM-x32\...\xampp) (Version: 5.6.24-2 - Bitnami)
Xperia Companion (HKLM-x32\...\{f494d3ac-4796-4bbd-b7a0-1873600d110d}) (Version: 1.3.2.0 - Sony)
Xperia Companion (x32 Version: 1.3.2.0 - Sony) Hidden
Xperia Companion Service (Version: 1.3.2.0 - Sony) Hidden
X-Plane 10 Global - 64 Bit (HKLM\...\Steam App 292180) (Version:  - Laminar Research)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1652729561-1798351166-2891734009-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1652729561-1798351166-2891734009-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1652729561-1798351166-2891734009-1000_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1652729561-1798351166-2891734009-1000_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1652729561-1798351166-2891734009-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1652729561-1798351166-2891734009-1000_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {085870E5-7A70-48B7-8443-F61C99FFB16A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {0EA204A4-946F-41AD-89D2-8CB5D47C1EC7} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2016-11-23] (Overwolf LTD)
Task: {12E3435F-595F-414D-B798-2AC88535C825} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-11-17] (NVIDIA Corporation)
Task: {2187C87B-4AF8-425A-A0E7-2300FCB8B9BD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-11-02] (Microsoft Corporation)
Task: {2F94EAEF-D7FD-4D30-9BD2-0BB1B93EB316} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-11-17] (NVIDIA Corporation)
Task: {36D100DF-44DC-4AE3-958C-0F1DC84E9B32} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-11-17] (NVIDIA Corporation)
Task: {3A558D9A-8421-467A-AE80-B94C57CEC30F} - System32\Tasks\{2EFA6E8F-7BD5-4E75-BB02-B7202C56991C} => D:\Program Files (x86)\Microsoft Games\Flight Simulator 9\fs9.exe [2004-09-01] (Microsoft Corporation)
Task: {3F8F8E37-917C-4D74-A1B8-B17E960274C0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-26] (Adobe Systems Incorporated)
Task: {4D6A2C70-E736-44FD-AC84-A6FACE453210} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-06-02] (AVAST Software)
Task: {4F83B571-7C3D-49BF-BD46-8397B65CAC67} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-11-17] (NVIDIA Corporation)
Task: {5A76032C-336A-4829-8A14-0D7A4665C7EF} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-11-17] (NVIDIA Corporation)
Task: {6AF6EDEA-5BEF-4C79-975F-536BBA12612C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-22] (Google Inc.)
Task: {78E67C7A-4C81-4715-8BF9-178C759E0FBF} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-09-09] (AVAST Software)
Task: {893DFF73-789D-4AC0-BDE5-B9A061D7B5B4} - System32\Tasks\{4732A461-F2FA-4F65-B3E6-C5F6F1AF4FDE} => pcalua.exe -a "C:\Users\User\Desktop\Install FSUIPC4.exe" -d C:\Users\User\Desktop
Task: {99D8FFA9-63AB-4454-B182-B96AFAB279C2} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [2015-11-20] (Intel Corporation)
Task: {A142B6B1-51E0-40A9-9FA4-F4F1481E8960} - System32\Tasks\SafeZone scheduled Autoupdate 1467385642 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-09-06] (Avast Software)
Task: {A20C4AD7-C5F7-4503-A905-F3D227B20DAF} - System32\Tasks\{3F138AF1-2993-4400-8D86-ECA499A76DD4} => pcalua.exe -a C:\Users\User\Downloads\TWEE_German_language_pack.exe -d C:\Users\User\Downloads
Task: {B02DEAFA-45C0-487E-8327-BA8F18E5F5AD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-22] (Google Inc.)
Task: {BE4A1E7F-3E71-43BE-80E7-FB9575FC753B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-10-30] (Microsoft Corporation)
Task: {C16ABE74-1611-4196-94B8-7A0F004A3874} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-11-17] (NVIDIA Corporation)
Task: {C393BF12-D085-4224-AF63-1CF2A04C54C5} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-10-30] (Microsoft Corporation)
Task: {CC55469A-B4D1-4DED-AC83-B165F15CAC45} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-11-07] (Piriform Ltd)
Task: {F822A841-C14E-4013-8ACC-FE0128A1FD86} - System32\Tasks\{81E21091-ECC2-4598-9770-E678EE83EFFA} => pcalua.exe -a C:\Users\User\Desktop\A380v2Demo09\A380demo.exe -d C:\Users\User\Desktop\A380v2Demo09
Task: {F9B617E4-276C-4894-9B04-937D4C6EF69A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-11-02] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Online Help.lnk -> hxxp://www.virtualdj.com/wiki/
Shortcut: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\www.virtualdj.com.lnk -> hxxp://www.virtualdj.com/

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-09-01 17:12 - 2016-09-01 17:12 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-09-01 17:12 - 2016-09-01 17:12 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-05-17 16:15 - 2014-01-28 04:16 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
2012-01-17 10:24 - 2012-01-17 10:24 - 00055296 _____ () C:\Windows\SysWOW64\ASGT.exe
2016-08-18 09:27 - 2016-08-18 09:27 - 00216576 _____ () C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
2016-05-20 20:39 - 2016-06-28 13:35 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2016-09-25 00:20 - 2016-09-25 00:21 - 00189264 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2016-07-04 18:47 - 2016-10-30 17:12 - 08924864 _____ () C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\1033\GrooveIntlResource.dll
2016-08-23 14:05 - 2016-08-23 14:05 - 00052400 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2016-11-07 21:27 - 2016-11-07 21:27 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2016-08-01 15:08 - 2016-11-17 14:45 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-08-01 15:08 - 2016-11-17 14:45 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-08-24 08:47 - 2016-11-17 14:45 - 00418752 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\_nvspserviceplugin64.dll
2016-09-09 10:01 - 2016-09-09 10:01 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-12-06 22:05 - 2016-12-06 22:05 - 03067392 _____ () C:\Program Files\AVAST Software\Avast\defs\16120600\algo.dll
2016-09-09 10:01 - 2016-09-09 10:01 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-05-17 16:15 - 2016-12-06 22:15 - 00032552 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\PEbiosinterface32.dll
2016-05-17 16:15 - 2014-01-28 04:16 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\ATKEX.dll
2016-08-18 09:14 - 2016-08-18 09:14 - 00222720 _____ () C:\Program Files (x86)\GNU\GnuPG\libksba-8.dll
2016-08-18 09:09 - 2016-08-18 09:09 - 00103424 _____ () C:\Program Files (x86)\GNU\GnuPG\libgpg-error-0.dll
2016-08-18 09:03 - 2016-08-18 09:03 - 00050176 _____ () C:\Program Files (x86)\GNU\GnuPG\libw32pth-0.dll
2016-08-18 09:14 - 2016-08-18 09:14 - 00073728 _____ () C:\Program Files (x86)\GNU\GnuPG\libassuan-0.dll
2016-08-18 09:17 - 2016-08-18 09:17 - 00751104 _____ () C:\Program Files (x86)\GNU\GnuPG\libgcrypt-20.dll
2014-04-30 00:23 - 2014-04-30 00:23 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-07-01 16:06 - 2016-07-01 16:06 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-08-01 15:08 - 2016-11-17 14:45 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-08-01 15:08 - 2016-11-17 14:45 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-08-01 15:08 - 2016-11-17 14:45 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\User:Heroes & Generals [38]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

HKU\S-1-5-21-1652729561-1798351166-2891734009-1000\Software\Classes\regfile: regedit.exe "%1" <===== ACHTUNG

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2016-12-02 01:23 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1652729561-1798351166-2891734009-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\User\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\startupreg: 001d46a7 => C:\Users\User\AppData\Local\Temp\world-super-ext.exe
MSCONFIG\startupreg: iCloudDrive => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
MSCONFIG\startupreg: iCloudPhotos => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
MSCONFIG\startupreg: iCloudServices => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
MSCONFIG\startupreg: iFunBox => D:\Program Files (x86)\i-Funbox DevTeam\iFunBox_x64.exe /tray
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: ShadowPlay => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\User\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: XperiaCompanionAgent => "C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{84DE3B2D-826F-4622-9FB6-BDDA7F27D18D}] => D:\Steam\Steam.exe
FirewallRules: [{5E879E77-42B6-4F7A-A873-F32C0ED05280}] => D:\Steam\Steam.exe
FirewallRules: [{6762AF0D-9F37-4184-9A6C-08FAB8EFD7DE}] => D:\Steam\steamapps\common\Rust\Rust.exe
FirewallRules: [{3A848C5C-DA5B-494A-A402-37FF45FB7A35}] => D:\Steam\steamapps\common\Rust\Rust.exe
FirewallRules: [{2AAED2A2-6059-4B48-AE46-F5F64039467B}] => C:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{02841AE1-2C2B-4D04-814F-929DC981D4A2}] => C:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{771E7286-7D70-4E84-8A1A-B56339E1F7CA}] => C:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{DE3C8EB2-B76F-47EB-8A01-3FDACC1828EF}] => C:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [TCP Query User{B083FB38-0446-4128-8340-F5782C4FC0F1}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => C:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [UDP Query User{CC948301-3D4A-45C0-8264-1FC4682324E7}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => C:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [{DFD8BFF3-E0AE-4886-A8B9-B928D08FF6A3}] => D:\Steam\steamapps\common\SteamVRPerformanceTest\bin\win64\vr.exe
FirewallRules: [{3ED9EB4B-76AE-4564-B1EA-A932AF158B30}] => D:\Steam\steamapps\common\SteamVRPerformanceTest\bin\win64\vr.exe
FirewallRules: [{31643739-616B-4795-81A8-B043A0535CE4}] => D:\Steam\steamapps\common\War Thunder\launcher.exe
FirewallRules: [{86A077B5-60ED-4E94-934B-6C0A25D0905C}] => D:\Steam\steamapps\common\War Thunder\launcher.exe
FirewallRules: [{57244F4C-008F-4B40-9288-9CA506C43BE7}] => D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{15025337-F08C-4311-8F91-A81448BAE65F}] => D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{D63313CA-0644-498E-958B-4B3A7D1ADBD5}] => D:\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{8FFAAFA2-3DB1-42AD-8205-C9D5507F8ECF}] => D:\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{5614B8E9-5245-4118-A619-092B30AF19B8}] => D:\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{AB472C98-7906-475E-9E26-17E7088B2392}] => D:\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{3751E5DA-CE50-4A97-87A1-A3A5ACCE2FBC}] => D:\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{03F1781C-906E-4BE5-895A-D97F3B8EDDF8}] => D:\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{59CA2BFA-F550-49DB-9CAE-D3450515788A}] => C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{4B6A457B-E633-467F-BD62-1A5A1035BA04}] => D:\Steam\steamapps\common\Just Cause 2\JustCause2.exe
FirewallRules: [{DCFBE169-8EB6-4908-B025-ED488227B022}] => D:\Steam\steamapps\common\Just Cause 2\JustCause2.exe
FirewallRules: [{CA6784A2-DEC0-4192-9F89-F3BA2DDDC00C}] => D:\Steam\steamapps\common\R.U.S.E\Ruse.exe
FirewallRules: [{138DDAD5-A58F-4047-A0E2-1AAE21B01081}] => D:\Steam\steamapps\common\R.U.S.E\Ruse.exe
FirewallRules: [{F5EF3A7A-9E95-4608-A2CA-369EB4326F48}] => D:\Steam\steamapps\common\Rome Total War Gold\RomeTW.exe
FirewallRules: [{A65E7490-B932-40FA-8DF9-FF110E87EC3E}] => D:\Steam\steamapps\common\Rome Total War Gold\RomeTW.exe
FirewallRules: [{0B3265CB-4CFC-4735-A619-C6F67FD86887}] => D:\Steam\steamapps\common\Rome Total War Gold\RomeTW-BI.exe
FirewallRules: [{8DA66291-AE79-4739-A9C9-9945D15060D9}] => D:\Steam\steamapps\common\Rome Total War Gold\RomeTW-BI.exe
FirewallRules: [{151366ED-4161-4920-AA9B-BF18FA03120E}] => C:\SteamLibrary\steamapps\common\Helldivers\binaries\x64\helldivers.exe
FirewallRules: [{5D02B5B6-2AE7-41CE-A54E-790376D49109}] => C:\SteamLibrary\steamapps\common\Helldivers\binaries\x64\helldivers.exe
FirewallRules: [{7978E655-5D6B-4ACD-BDBF-56B3DECA07D8}] => C:\SteamLibrary\steamapps\common\Helldivers\binaries\x86\helldivers.exe
FirewallRules: [{64E069B9-3F9D-4F79-937F-E72D00ABA919}] => C:\SteamLibrary\steamapps\common\Helldivers\binaries\x86\helldivers.exe
FirewallRules: [{252A2332-5F3C-4DE6-A832-E712302E6D7D}] => C:\Program Files (x86)\Origin Games\Peggle Deluxe\Peggle.exe
FirewallRules: [{A59C8E93-810A-47FC-8182-FC1EE87D08E7}] => C:\Program Files (x86)\Origin Games\Peggle Deluxe\Peggle.exe
FirewallRules: [{6562EBB3-0992-4AEF-9853-34ED2F8F12C3}] => D:\Steam\steamapps\common\Hitman™\Launcher.exe
FirewallRules: [{DFED7820-AB10-4B01-B858-4B612D7968A4}] => D:\Steam\steamapps\common\Hitman™\Launcher.exe
FirewallRules: [{C2EB2DD2-E975-4DDE-8A19-DE5254EEB0A3}] => D:\Steam\steamapps\common\Tom Clancy's The Division\thedivision.exe
FirewallRules: [{FC953AB3-6949-464D-AD0D-B1964D066196}] => D:\Steam\steamapps\common\Tom Clancy's The Division\thedivision.exe
FirewallRules: [{3C81711C-69C5-4423-9EA0-DCFC59D38FA9}] => D:\Steam\steamapps\common\race 07\SteamExpansionApp.exe
FirewallRules: [{EDE8BC2F-EF6F-4C6E-95B4-E7BE5BA0087C}] => D:\Steam\steamapps\common\race 07\SteamExpansionApp.exe
FirewallRules: [{6126A141-A7D6-4AA5-B086-74858C994EBF}] => D:\Steam\steamapps\common\race 07\SteamProxy.exe
FirewallRules: [{1960DEF7-634F-44DF-9FD5-1B6E0A62E333}] => D:\Steam\steamapps\common\race 07\SteamProxy.exe
FirewallRules: [{BC64BA19-FF61-4566-84A8-C6C2C66337FC}] => D:\Steam\steamapps\common\race 07\Config.exe
FirewallRules: [{7A40541B-CA28-498A-9CAE-8CEBA69F19EA}] => D:\Steam\steamapps\common\race 07\Config.exe
FirewallRules: [{36E1B303-75D1-498F-90F3-D2D08DD7028E}] => D:\Steam\steamapps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{63773F5D-A1C2-4C02-BB9E-6286067A649C}] => D:\Steam\steamapps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{77CDAE60-0165-463F-AA45-A8A1A4D8D63E}] => D:\Steam\steamapps\common\Age2HD\Launcher.exe
FirewallRules: [{F40C761C-2416-4C1F-A05E-BC3BECFBD4A2}] => D:\Steam\steamapps\common\Age2HD\Launcher.exe
FirewallRules: [{82687C43-F210-4513-83B3-68AEB96B9C39}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{31C9400F-311C-4BD2-8B68-0624D96C4AED}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{47DDA37D-17A4-47D0-8A14-F0584C31D416}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{819CFEF1-0399-4370-8425-4D6C638B3808}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{21628142-32B9-45B7-BC62-5E800DC7C72D}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6154CCFD-89C8-4FDD-A20A-BC8A765589AA}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{823B853E-A41D-41A4-A4FF-3D12CA4FB75B}] => D:\Steam\steamapps\common\Scrap Mechanic\Release\ScrapMechanic.exe
FirewallRules: [{B0AFF446-A54D-460B-B2D7-A958F1AD0F87}] => D:\Steam\steamapps\common\Scrap Mechanic\Release\ScrapMechanic.exe
FirewallRules: [{867519B2-A1D5-4CA6-80C4-4C6E80C93432}] => D:\Steam\steamapps\common\Dying Light\DyingLightGame.exe
FirewallRules: [{576405B5-7257-43C0-A72E-90C6367F141E}] => D:\Steam\steamapps\common\Dying Light\DyingLightGame.exe
FirewallRules: [{00F32528-AF0E-4DA7-B303-9FFE9C45FE50}] => D:\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{EAAA2EA4-909D-4320-BF2A-58D29B359435}] => D:\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{DF9ECDF6-9ECE-4D42-8A00-CA95069CFAE3}] => C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{82CFC9A0-9B5A-49DF-9E1C-4D0131B35CB9}] => C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{E331B238-F7DC-4468-82CF-C9BBABF1EE06}] => C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{2B74EEBC-713F-46A2-AA7A-AC3AFF9B3C58}] => C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{B9AF3F76-45BD-47BC-B955-B485E7E112AA}] => D:\Origin\Battlefield 3\bf3.exe
FirewallRules: [{0C4F2DB7-3486-4C85-A098-C75C5F359C3D}] => D:\Origin\Battlefield 3\bf3.exe
FirewallRules: [{D000420F-FE55-44E2-8995-91977746A4AB}] => D:\Steam\steamapps\common\Arma 2\arma2.exe
FirewallRules: [{EC0550E4-69C7-4618-8669-FD84C95D3467}] => D:\Steam\steamapps\common\Arma 2\arma2.exe
FirewallRules: [{FA74C79A-0114-407E-918D-925F24E7AEB1}] => D:\Steam\steamapps\common\ARMA 2 Operation Arrowhead\DLCsetup\BAF\datacachepreprocessor.exe
FirewallRules: [{56788C84-99AA-48C3-8617-A67FCEF155DC}] => D:\Steam\steamapps\common\ARMA 2 Operation Arrowhead\DLCsetup\BAF\datacachepreprocessor.exe
FirewallRules: [{27B62BF7-8746-462F-B8C7-D5BA6CBBC7B8}] => D:\Steam\steamapps\common\ARMA 2 Operation Arrowhead\ArmA2OA_BE.exe
FirewallRules: [{B43A07A5-1C4D-416E-A2B6-A76218F558B2}] => D:\Steam\steamapps\common\ARMA 2 Operation Arrowhead\ArmA2OA_BE.exe
FirewallRules: [{43D8F594-9AB1-4266-B3FE-F548C3C5BD75}] => D:\Steam\steamapps\common\ARMA 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [{5520B775-11A5-4063-B935-4C161D0FD54D}] => D:\Steam\steamapps\common\ARMA 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [{4D9B5D3D-5443-47DA-97F6-9D9F12E406E0}] => D:\Steam\steamapps\common\ARMA 2 Operation Arrowhead\DLCsetup\ACR\datacachepreprocessor.exe
FirewallRules: [{1185703F-1C34-4506-BEA8-F9A156055C53}] => D:\Steam\steamapps\common\ARMA 2 Operation Arrowhead\DLCsetup\ACR\datacachepreprocessor.exe
FirewallRules: [{154DE94F-0F37-4334-B229-3636008B4085}] => D:\Steam\steamapps\common\ARMA 2 Operation Arrowhead\DLCsetup\PMC\datacachepreprocessor.exe
FirewallRules: [{C844376D-DDE4-4BDA-B63A-792417F97BE5}] => D:\Steam\steamapps\common\ARMA 2 Operation Arrowhead\DLCsetup\PMC\datacachepreprocessor.exe
FirewallRules: [{4155C843-FF1E-49BA-8CFA-FB065B5F29FD}] => D:\Steam\steamapps\common\Oblivion\OblivionLauncher.exe
FirewallRules: [{C296B62F-7D95-4A12-8E30-D69937C3C382}] => D:\Steam\steamapps\common\Oblivion\OblivionLauncher.exe
FirewallRules: [{FEBC665A-E054-4525-BB5C-DD81EEF9A9A5}] => D:\Steam\steamapps\common\Gothic 3\Gothic3.exe
FirewallRules: [{E039518E-9BBB-4711-8D86-A5234E0BB699}] => D:\Steam\steamapps\common\Gothic 3\Gothic3.exe
FirewallRules: [{9BF060A7-EB40-4EE3-9411-28D2EC9EE870}] => D:\Steam\steamapps\common\Risen\bin\Risen.exe
FirewallRules: [{A84EEB85-30EB-4E4A-B802-2FBD8E0E8F23}] => D:\Steam\steamapps\common\Risen\bin\Risen.exe
FirewallRules: [{C269CD84-A64A-4686-9040-2933A929DCDD}] => D:\Steam\steamapps\common\Stronghold3\bin\win32_release\Stronghold3.exe
FirewallRules: [{AE926DF8-C4B0-4BBE-A294-FB70645760ED}] => D:\Steam\steamapps\common\Stronghold3\bin\win32_release\Stronghold3.exe
FirewallRules: [{B367C9BA-D0B8-4902-92E8-C8237705723C}] => D:\Steam\steamapps\common\Stronghold Crusader 2\bin\win32_release\Crusader2.exe
FirewallRules: [{DC27E43E-96B0-49BA-93F0-A960FCCD1368}] => D:\Steam\steamapps\common\Stronghold Crusader 2\bin\win32_release\Crusader2.exe
FirewallRules: [TCP Query User{B5F98E12-D966-409F-8419-2E4EF5A3EBCD}D:\steam\steamapps\common\anno 1404\tools\anno4web.exe] => D:\steam\steamapps\common\anno 1404\tools\anno4web.exe
FirewallRules: [UDP Query User{ACFE8079-5975-441A-AA53-1522A5EFBEC7}D:\steam\steamapps\common\anno 1404\tools\anno4web.exe] => D:\steam\steamapps\common\anno 1404\tools\anno4web.exe
FirewallRules: [{248643E2-EB08-449F-9BAC-DD9C822E1486}] => D:\Steam\steamapps\common\Anno 1404\Anno4.exe
FirewallRules: [{E92FE3E0-F1E7-497E-9EB9-4DCADD9B7AE6}] => D:\Steam\steamapps\common\Anno 1404\Anno4.exe
FirewallRules: [{F555D9C0-0421-41B9-80F3-1C96059DE632}] => D:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Far Cry Primal\bin\FCPrimal.exe
FirewallRules: [TCP Query User{87BB1149-0FE7-44A9-99BF-1DB851F30E36}D:\steam\steamapps\common\anno 1404\tools\anno4web.exe] => D:\steam\steamapps\common\anno 1404\tools\anno4web.exe
FirewallRules: [UDP Query User{5802B5AB-68D3-4AFA-ACDB-17C3F0AA45A7}D:\steam\steamapps\common\anno 1404\tools\anno4web.exe] => D:\steam\steamapps\common\anno 1404\tools\anno4web.exe
FirewallRules: [TCP Query User{D1DB0B62-87AD-4305-8EE8-E133E4E1F248}D:\steam\steamapps\common\war thunder\win64\aces.exe] => D:\steam\steamapps\common\war thunder\win64\aces.exe
FirewallRules: [UDP Query User{226219F6-3148-4E23-A1C2-04A1BDAD01AB}D:\steam\steamapps\common\war thunder\win64\aces.exe] => D:\steam\steamapps\common\war thunder\win64\aces.exe
FirewallRules: [{AB39A4CB-E53D-4482-9117-4241BCB72025}] => D:\Steam\steamapps\common\Hitman Sniper Challenge\HMSC.exe
FirewallRules: [{777C3F91-AFC9-4227-BD0F-BAEADC880478}] => D:\Steam\steamapps\common\Hitman Sniper Challenge\HMSC.exe
FirewallRules: [{9C6654CD-218D-48ED-8FD0-BF0434EFB44A}] => C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{7A24BC1A-C4C5-4221-B307-098B6D59125A}] => C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{DD19ADE0-AD34-4264-B971-BF536CEA768E}] => C:\Users\User\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{945EB3F5-9AF3-4F9E-B3E5-9FB6400F997E}] => C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\WDExpress.exe
FirewallRules: [{768E3A20-E621-4BA5-A736-A7B6C7AE5B33}] => C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{4855644F-169A-4E61-A039-250FD856CBA3}] => C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{16206DF6-2517-4628-BD0B-DA494F14B5BA}] => C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{73E735BD-0CF4-4B41-AC1B-EABD18537D2F}] => C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{3EAB7584-76DE-419F-9FAE-76109CF25D4F}] => C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{7925C428-126F-4B8F-A7F2-8D0911FB4957}] => C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{2B325A67-5401-4879-8F6E-D8E78FDAFCF8}] => D:\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{7007EB1D-496A-46D7-B9BD-570A40384DEC}] => D:\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{B6C2C8B2-1564-4F22-A984-322280C4578F}] => D:\Steam\steamapps\common\MountBlade Warband\mb_warband.exe
FirewallRules: [{3960A85C-139A-4DED-A3F2-E496654356E2}] => D:\Steam\steamapps\common\MountBlade Warband\mb_warband.exe
FirewallRules: [{4C7E7D57-94E8-4B94-85A0-90BC0C5E5FF2}] => D:\Steam\steamapps\common\Sniper Ghost Warrior\Sniper_x86.exe
FirewallRules: [{00E616D7-C51E-4609-9423-E2025370EB4C}] => D:\Steam\steamapps\common\Sniper Ghost Warrior\Sniper_x86.exe
FirewallRules: [{FAF9F8AF-F41F-4980-94F3-CA1313B27B98}] => D:\Steam\steamapps\common\Wargame European Escalation\WarGame.exe
FirewallRules: [{75546854-E45C-45A5-96C3-F2F43DE7F0F0}] => D:\Steam\steamapps\common\Wargame European Escalation\WarGame.exe
FirewallRules: [{D08513BA-C0E1-4A48-86D8-BD5F1EDF026A}] => D:\Steam\steamapps\common\Hearts of Iron IV\hoi4.exe
FirewallRules: [{D2240DDF-8492-4F27-AD23-AA361D2CC56B}] => D:\Steam\steamapps\common\Hearts of Iron IV\hoi4.exe
FirewallRules: [{06CB8BCD-EF3F-4DD0-A289-F97C45357C48}] => D:\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{15252672-C2EF-407E-85AE-6C89BC28210F}] => D:\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{FEF19434-70A5-4993-88B4-369548E0634B}] => C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{0241EB57-9592-4200-9918-CE3F356B0EC1}] => C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{66953C62-8FFD-413B-9125-BEBE3E33B6C0}] => C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{307B4029-E9F3-4D43-B6A9-E83070618EDC}] => D:\Steam\steamapps\common\firstassault\Shipping\GAME.exe
FirewallRules: [{919BA835-E46D-4C8E-A1C0-D27D6D2892EA}] => D:\Steam\steamapps\common\firstassault\Shipping\GAME.exe
FirewallRules: [{657391EA-7E54-4C77-A93F-2CCA79267807}] => D:\Steam\steamapps\common\X-Plane 10\X-Plane.exe
FirewallRules: [{5A6CA695-6601-404B-A170-B8CB8DCD9D4F}] => D:\Steam\steamapps\common\X-Plane 10\X-Plane.exe
FirewallRules: [{81E97738-52DA-4B2C-80BE-40EB3661CE60}] => D:\Steam\steamapps\common\X-Plane 10\X-Plane-32bit.exe
FirewallRules: [{96AB1BE1-1F95-4425-AA58-F1519C86118A}] => D:\Steam\steamapps\common\X-Plane 10\X-Plane-32bit.exe
FirewallRules: [{F5C79FC7-4996-4319-896F-1879EF71B774}] => D:\Steam\steamapps\common\X-Plane 10\Airfoil-Maker.exe
FirewallRules: [{76D344FC-1F1E-47C9-B3CF-45ACE129462A}] => D:\Steam\steamapps\common\X-Plane 10\Airfoil-Maker.exe
FirewallRules: [{DFC0D245-8438-4BA4-8337-B4BA75A17CC9}] => D:\Steam\steamapps\common\X-Plane 10\Plane-Maker.exe
FirewallRules: [{B3D387AE-A111-455C-A0B2-5E6E7151AEF8}] => D:\Steam\steamapps\common\X-Plane 10\Plane-Maker.exe
FirewallRules: [{FD523A9F-E506-4BD9-B202-A6A4B0508F36}] => D:\Steam\steamapps\common\CardHunter\CardHunter.exe
FirewallRules: [{48FE471E-B60A-4643-BAB8-72BCF553F8B4}] => D:\Steam\steamapps\common\CardHunter\CardHunter.exe
FirewallRules: [{3EB328E5-291C-40A9-93DF-D644C9AF0B0F}] => D:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{4C323364-E370-41B0-9BE1-46D5AA37C9B4}] => D:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{0CBB6E8C-AC41-4984-8360-DFFD17532F45}] => D:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{F6516272-9693-4261-BA91-0CFCD6E2D574}] => D:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{B4AACF4F-B6F1-4B42-88A3-6D4835E8309A}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{B971D5DD-0C6C-4781-95E7-623FEEAFE51A}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{252E27BF-7DB6-4C6F-B608-6AC5E42BB01C}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{6EADD72D-2467-4213-BC54-814A343E9011}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{3D4E7B69-6BC3-421B-9E8F-3CD213E5EAC9}] => D:\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{5D020A5A-C7B8-466F-98E6-05A47847ECAE}] => D:\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{64BE4513-C3C5-4689-896D-60F842BD05E0}] => C:\SteamLibrary\steamapps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{0871D1E8-E6FA-4A40-810C-79A9EAC09CA4}] => C:\SteamLibrary\steamapps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{242F4F43-0EFA-4BA8-8EFA-FFE77721469F}] => C:\SteamLibrary\steamapps\common\Prison Architect\Prison Architect Safe Mode.exe
FirewallRules: [{466E7EC2-7E48-4278-8679-1226338DC2FD}] => C:\SteamLibrary\steamapps\common\Prison Architect\Prison Architect Safe Mode.exe
FirewallRules: [{749BC2E3-A832-4939-B4CA-3117F6B35B05}] => C:\SteamLibrary\steamapps\common\Tropico 5\Tropico5Steam.exe
FirewallRules: [{34C73E45-5E9B-4D35-B448-1A1BFA9DB79E}] => C:\SteamLibrary\steamapps\common\Tropico 5\Tropico5Steam.exe
FirewallRules: [{12207AD0-D615-4310-9757-FEC177D8DB38}] => C:\SteamLibrary\steamapps\common\Tropico 3\Tropico3.exe
FirewallRules: [{64C30B72-BF47-41E8-ADD4-0ACE397FDF67}] => C:\SteamLibrary\steamapps\common\Tropico 3\Tropico3.exe
FirewallRules: [{B71DECA1-2CA3-4EEC-B75E-107D4A261B1A}] => C:\SteamLibrary\steamapps\common\Tropico 4\Tropico4.exe
FirewallRules: [{C5E256AD-CD6A-4A7B-9F91-48CB3FE64235}] => C:\SteamLibrary\steamapps\common\Tropico 4\Tropico4.exe
FirewallRules: [{27A3E106-4136-4152-B9F0-135E5F559A07}] => C:\SteamLibrary\steamapps\common\Kerbal Space Program Demo\KSP.exe
FirewallRules: [{CCE46F63-6EC5-4B28-8A1A-BEBB672228C7}] => C:\SteamLibrary\steamapps\common\Kerbal Space Program Demo\KSP.exe
FirewallRules: [{0ECE1526-61C5-46F0-8D8E-24CC3713A126}] => D:\Steam\steamapps\common\The Guild II\GuildII.exe
FirewallRules: [{4593C1A7-F503-4D6F-93D4-1830FB40FB48}] => D:\Steam\steamapps\common\The Guild II\GuildII.exe
FirewallRules: [{34C0C389-8765-4F07-831C-3F02100453C0}] => D:\Steam\steamapps\common\The Guild 2 Renaissance\GuildII.exe
FirewallRules: [{0289AACB-9D71-478D-A712-31876583D279}] => D:\Steam\steamapps\common\The Guild 2 Renaissance\GuildII.exe
FirewallRules: [{B52EAC45-73F0-4E30-AAC3-242552602581}] => D:\Steam\steamapps\common\The Guild II - Pirates of the European Seas\GuildII.exe
FirewallRules: [{0F3899F6-3741-4DC9-91C3-026BEC6942E2}] => D:\Steam\steamapps\common\The Guild II - Pirates of the European Seas\GuildII.exe
FirewallRules: [{12188305-81CB-4961-8572-83BAD7A6EE8D}] => D:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Watch_Dogs\bin\watch_dogs.exe
FirewallRules: [{9E9A8F99-7F20-4D58-BA01-EC67BF0E6B44}] => D:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Watch_Dogs\bin\watch_dogs.exe
FirewallRules: [{1EB1D8E7-86D6-4281-9FAC-6D413013502F}] => D:\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{D0BF33C1-13D5-4C4B-9290-B7D4985B1725}] => D:\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{7114D6EA-AAB3-4A07-BCC2-AE7C2930B292}] => D:\Steam\steamapps\common\Spacewar\SteamworksExample.exe
FirewallRules: [{BD9B0871-16CD-4E0E-999B-FC25A3E8C381}] => D:\Steam\steamapps\common\Spacewar\SteamworksExample.exe
FirewallRules: [{D1B355CB-9677-4150-B952-9BA36D5CD863}] => D:\Origin\Battlefield 1 Open Beta\bf1.exe
FirewallRules: [{150AC812-15DC-407A-9078-9BE656F0A272}] => D:\Origin\Battlefield 1 Open Beta\bf1.exe
FirewallRules: [{9D0B3795-4630-440B-835D-342C360B4466}] => D:\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{1592B2AF-A1A1-4B2D-8BDA-C8BCDDBE0C24}] => D:\Steam\steamapps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{5D45DA33-C540-4CFC-888C-C24AB50C2737}] => D:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{78FE8673-BBDA-4796-8569-79BD16DA92E6}] => D:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{CDDCF8D1-A31D-4E69-8E0A-590362CC3F35}] => D:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe
FirewallRules: [{B5414510-0B85-400F-B314-3B6431AABBD4}] => D:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe
FirewallRules: [{1F22F295-FF8C-46FF-B35D-EB55E369BA6D}] => D:\Steam\steamapps\common\Miscreated\Miscreated.exe
FirewallRules: [{A615C0B4-9DD7-4C27-86B5-B92778FD6203}] => D:\Steam\steamapps\common\Miscreated\Miscreated.exe
FirewallRules: [{55DD27C1-40C4-4EF9-8880-D239000C7332}] => D:\Steam\steamapps\common\Miscreated\Bin64\Miscreated.exe
FirewallRules: [{5712754A-C81F-4AAF-9E68-336711F63282}] => D:\Steam\steamapps\common\Miscreated\Bin64\Miscreated.exe
FirewallRules: [{28A54D2F-A1BC-4E33-933A-404F08F6D05C}] => D:\Steam\steamapps\common\Miscreated\EasyAntiCheat\EasyAntiCheat_x64.dll
FirewallRules: [{49DEECFA-F2B6-441D-AC28-83E8904CA76E}] => D:\Steam\steamapps\common\Miscreated\EasyAntiCheat\EasyAntiCheat_x64.dll
FirewallRules: [{FC7B30FC-E08B-458C-833B-660685C218A5}] => D:\Steam\steamapps\common\Hearts of Iron 3\hoi3.exe
FirewallRules: [{4CEE71FD-5894-4236-8FB5-AF92BD034E3C}] => D:\Steam\steamapps\common\Hearts of Iron 3\hoi3.exe
FirewallRules: [{007622F6-57AB-44EB-A490-E50167F6FAA6}] => D:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [{77EA7DF1-EFF8-4A73-A47A-4D1867D92589}] => D:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\The Crew (Worldwide)\TheCrew.exe
FirewallRules: [{91D6F19F-15C3-4C8A-A750-74A1AA197B58}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{EE57B003-932A-4CAE-80E1-04831A3D174C}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{54777C18-2489-4784-A98E-CE6B7196A4C7}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{96F4326C-631A-48C1-B820-4FD1A0CFD516}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{85BFB352-57FF-4D7E-B2BD-5AF34CEDA808}] => C:\Program Files\Rockstar Games\Grand Theft Auto V\GTA5.exe
FirewallRules: [{42CAFBAC-CEF2-4918-BFED-73C75C8144C3}] => C:\Program Files\Rockstar Games\Grand Theft Auto V\GTA5.exe
FirewallRules: [{6C24CAB2-8AD0-4B96-9843-6C65FCA089A1}] => C:\SteamLibrary\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{BF2BBF47-8A00-4D39-A25A-DD5356B562EE}] => C:\SteamLibrary\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{957962F9-2302-46D4-AAB7-BAC6949CEDD6}] => C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{E6260172-7175-4F65-BF55-FE05AE010A68}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{2E872540-FBFA-41BC-A2DB-6914A73044E6}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe
FirewallRules: [{A822EEC3-938C-4674-BC90-0D6805D5FD73}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{23C6334C-E186-44BE-8F33-117D9029CC64}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{1D53E72F-C0C5-41A0-9850-67C64507C31F}] => D:\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{BE76A1CF-CB40-46CD-8FC2-4D67C3EF0969}] => D:\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{0AF711CA-0113-44C6-8DCE-4D1277E3A101}] => D:\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{C852C671-58AD-464F-A570-88CB55EE54BD}] => D:\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{0C3E6EF5-357E-4F4D-B90F-3D75226AF9C2}] => D:\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{8DCB90CD-4EB8-4BB6-8E9F-7886CF1AF43B}] => D:\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{C3EF1250-9DDD-4EA4-950C-86F94E27A6D7}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{9E69F9E6-742C-498E-A43D-974A78A5593E}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{1701CB72-6DC5-4A06-ADA5-C950444A51EB}] => D:\Steam\steamapps\common\Oil Enterprise\oilenterprise.exe
FirewallRules: [{5BB79DDF-84DA-41B2-9A4B-5DEEE79A37D5}] => D:\Steam\steamapps\common\Oil Enterprise\oilenterprise.exe
FirewallRules: [{04365906-F513-462C-8DD6-809DE2F5D922}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{9FF89CDE-148B-4E4F-A45D-5BB2194B78D5}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{544A7EDE-040B-4FAE-B14F-61DAFCF2FF51}] => D:\Steam\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{468D5F0A-EEB4-4FBB-B8DE-E135207E4843}] => D:\Steam\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{96E00CAF-DE89-4BC5-8FFD-7A11BCEC7FE8}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{CFA90F7B-7389-42D8-8C57-5E791692DF61}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{AA61DD4A-EE00-4DA4-AB9D-0EA39289C48F}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{04CA1975-3996-4B03-B60F-D825653B096B}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5406FA95-DE62-4C5D-835B-707EB2EBFF3E}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{417CCB00-A239-4015-959F-916E91E8020B}] => D:\Steam\steamapps\common\Total War WARHAMMER\launcher\launcher.exe
FirewallRules: [{F99AF6FF-7E0C-41F6-B2EC-DDB3D5545197}] => D:\Steam\steamapps\common\Total War WARHAMMER\launcher\launcher.exe
FirewallRules: [{FF5E03A5-D91B-42B6-AF38-7D2A17F20DBA}] => D:\Steam\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe
FirewallRules: [{7D5DD7DA-1556-4E66-BF8F-7DF54B787A51}] => D:\Steam\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe
FirewallRules: [{CC346771-EFAC-4D95-A268-2A14F617AB74}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{72FE3A63-458D-46C0-B0C1-E88F9281496A}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D1C1C2C8-3C92-48D7-A2FE-421AB8577B71}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2C449291-1FBD-485E-8BF1-6DD878880E97}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{3CFD77D7-B240-48BC-A54E-DDE76D1CEDC1}] => D:\Steam\steamapps\common\Democracy 3\Democracy3.exe
FirewallRules: [{508114A4-D185-40F0-82DC-2B6838426848}] => D:\Steam\steamapps\common\Democracy 3\Democracy3.exe
FirewallRules: [{BDA65A7A-104E-4D84-9A11-BA8A0431C00C}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{217FC923-DCE7-480A-87D2-E359FB49CE89}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{61F2CEA2-A512-4827-9DC4-36D3815B6BC9}] => D:\Steam\steamapps\common\Napoleon Total War\Napoleon.exe
FirewallRules: [{0FAA423A-68D8-42A9-886A-0E0339414C1E}] => D:\Steam\steamapps\common\Napoleon Total War\Napoleon.exe
FirewallRules: [{83DAB31E-6126-41C4-99E6-6B1466103A71}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{29C6B89C-F484-42F8-B909-0C98C71C7B39}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{337501D2-4D79-4D34-BE0F-7C0969FC04A7}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6C636658-BCFC-443B-9337-2BBB6A648E82}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{74F3B540-0DDB-4032-B4C7-90A80CD8C072}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E9467076-DE4A-4A84-B53A-C0173C88650B}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{B006FB14-6DAB-4CA3-852B-2BCA9E2B700C}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6A115E3E-FD04-4040-A980-64E1A2F7B18A}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{54EA9290-07F3-4ABD-963A-42C21C410E93}] => D:\Steam\steamapps\common\Anno 1404\Addon.exe
FirewallRules: [{C861DA10-DF06-49BF-B4ED-99639DE34E31}] => D:\Steam\steamapps\common\Anno 1404\Addon.exe
FirewallRules: [{758FFFEF-8C26-4630-9F7E-1C925AD89F88}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{BE9D1210-D36C-4C5F-B907-E2C1B180E263}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{1B096EBC-94B4-4ABB-85DE-E3520EBF00D9}] => D:\Steam\steamapps\common\firstassault\Shipping\nxsteam.exe
FirewallRules: [{EA77747C-DEAF-4BFB-BD63-FDE8003D8517}] => D:\Steam\steamapps\common\firstassault\Shipping\nxsteam.exe
FirewallRules: [{222AA3CA-11B7-4B1B-AB48-CA705459AEA9}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{98784C99-6E50-4866-9F3A-1A09F96AB06F}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{628046D2-4E1C-4D2E-85F6-E8901A7BBA6D}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{E910D86B-7F03-4DA3-B216-E142276C4EBC}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2C81C9D9-7755-4CB5-B00B-4956A044842F}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{284103D6-519B-484E-A4D5-B6C3905780EE}] => LPort=1688
FirewallRules: [{A059F795-25C9-4A79-945D-A27465C3F2D7}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2B2F37C8-9442-4649-B5D2-432D11F9735E}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{FC5B094C-0C37-4B7F-AF90-ED06DF9F5FBE}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{6174F83E-930B-4406-B15A-893B296ABDCC}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{358F3856-EAD6-453E-8E51-5281960600B0}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{583727FC-6BA2-4D9F-A622-B6CB6062C440}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0DF66961-E67D-4C97-A144-524F63C4CE62}] => C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanion.exe
FirewallRules: [{A4FBB3C2-CC44-4AE1-8238-BDE3969D8860}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{DABFB464-9FFC-4394-9BC7-351EC6FB6DD0}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{AE9A18B4-126E-4428-97B4-E802D7B88730}] => D:\Steam\steamapps\common\FSX\fsx.exe
FirewallRules: [{07CD4FF6-DD93-4AC2-912A-A31B1FD31096}] => D:\Steam\steamapps\common\FSX\fsx.exe
FirewallRules: [{A5D64C23-F1C5-40CF-9687-18D75590BCB2}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{20975BD1-CB7A-48A9-B7AC-3B81DBEA1A95}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{D28B7E36-46F8-41A2-8B4C-767109845F6F}] => D:\Origin\Battlefield 1\bf1Trial.exe
FirewallRules: [{C09F5670-6E71-4F31-A99C-1D2C5E726BDB}] => D:\Origin\Battlefield 1\bf1Trial.exe
FirewallRules: [{7E5BFEC5-D4FD-4D56-84C5-518175E0183F}] => D:\Origin\Battlefield 1\bf1.exe
FirewallRules: [{CBB52A74-D238-4444-B6E8-41B103092BF9}] => D:\Origin\Battlefield 1\bf1.exe
FirewallRules: [{BFDD6E5B-6443-480F-B096-6CC653B3C483}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{BCDB6C99-3D5B-44EE-B2AC-DD297ECB70E6}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{4CFB9FAF-C128-4A7F-A991-7C1FE7520127}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{46ED8759-0D47-435C-B082-2BBEC6523A77}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{680315A1-031C-44F1-BE50-3A516EF1562B}] => D:\Steam\steamapps\common\raceroom racing experience\Game\RRRE.exe
FirewallRules: [{EE63C5AB-FE03-4328-9B36-8BFD7BC94777}] => D:\Steam\steamapps\common\raceroom racing experience\Game\RRRE.exe
FirewallRules: [{87728C2F-5EFF-4877-B51F-0E59797FE0EC}] => D:\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{97262891-DDD4-4CEC-BE4E-363B36AB82DE}] => D:\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{59CCD5DA-448A-4FD5-A246-B795D1AE65C0}] => D:\Steam\steamapps\common\Surgeon Simulator 2013\ss2013.exe
FirewallRules: [{F950BA83-148E-4593-867A-0AC55AE63871}] => D:\Steam\steamapps\common\Surgeon Simulator 2013\ss2013.exe
FirewallRules: [{57BE0F92-4CD6-4895-81FF-513791D0C9FD}] => D:\Steam\steamapps\common\RollerCoaster Tycoon World\RollerCoaster Tycoon World.exe
FirewallRules: [{68D1C4AC-2A34-46D1-8DFC-1BFBF2CAB530}] => D:\Steam\steamapps\common\RollerCoaster Tycoon World\RollerCoaster Tycoon World.exe
FirewallRules: [{FFB81978-5935-4995-A955-688788D06E59}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{5928465F-9DE4-4987-9ABD-FC64A334217B}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{72770A45-489B-4FBD-81A3-DA62ED066704}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{E4634DE9-774E-4174-8FA6-64A4DB718A6C}] => D:\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{A3C5DB80-C280-4937-B979-67E0921C7DE6}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DriverBooster.exe
FirewallRules: [{768E530C-A934-42BB-A955-A9FAA76C94C2}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DriverBooster.exe
FirewallRules: [{52D58527-CDBB-4D1C-9BA3-A7EA1CA7DFAB}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DBDownloader.exe
FirewallRules: [{85371F4B-7089-48C3-B1F4-E8F96F18A098}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\DBDownloader.exe
FirewallRules: [{9D274111-0A69-4598-B0C5-536CD4F7FA67}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\AutoUpdate.exe
FirewallRules: [{33BB781C-2ED1-4D14-8922-1FA2349BDCBB}] => C:\Program Files (x86)\IObit\Driver Booster\4.1.0\AutoUpdate.exe

==================== Wiederherstellungspunkte =========================

06-12-2016 22:27:38 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Microsoft-ISATAP-Adapter
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft-ISATAP-Adapter #2
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft-Teredo-Tunneling-Adapter
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: avast! SecureLine TAP Adapter v3
Description: avast! SecureLine TAP Adapter v3
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: aswTap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (12/06/2016 10:25:26 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for D:\Steam\bin\steamwebhelper.exe

Error: (12/06/2016 10:16:05 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (12/06/2016 10:05:12 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for D:\Steam\bin\steamwebhelper.exe

Error: (12/06/2016 10:05:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.


Systemfehler:
=============
Error: (12/06/2016 10:30:19 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Der Dienst "Designs" ist von folgendem Dienst abhängig: iThemes5. Dieser Dienst ist eventuell nicht installiert.

Error: (12/06/2016 10:28:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA LocalSystem Container" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (12/06/2016 10:16:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (12/06/2016 10:16:04 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht.

Error: (12/06/2016 10:15:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "lirsgt" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die digitale Signatur dieser Datei kann nicht überprüft werden. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um böswillige Software aus einer unbekannten Quelle handelt, installiert.

Error: (12/06/2016 10:15:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die digitale Signatur dieser Datei kann nicht überprüft werden. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um böswillige Software aus einer unbekannten Quelle handelt, installiert.

Error: (12/06/2016 10:15:28 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Der Dienst "Designs" ist von folgendem Dienst abhängig: iThemes5. Dieser Dienst ist eventuell nicht installiert.

Error: (12/06/2016 10:05:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (12/06/2016 10:05:02 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht.

Error: (12/06/2016 10:04:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "lirsgt" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die digitale Signatur dieser Datei kann nicht überprüft werden. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um böswillige Software aus einer unbekannten Quelle handelt, installiert.


CodeIntegrity:
===================================
  Date: 2016-12-06 22:15:33.979
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-12-06 22:15:33.916
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-12-06 22:15:33.424
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-12-06 22:15:33.344
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-12-06 22:04:32.810
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-12-06 22:04:32.732
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-12-06 22:04:32.236
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-12-06 22:04:32.166
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-12-06 11:01:59.079
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-12-06 11:01:59.001
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-5775C CPU @ 3.30GHz
Prozentuale Nutzung des RAM: 12%
Installierter physikalischer RAM: 24517.93 MB
Verfügbarer physikalischer RAM: 21389.43 MB
Summe virtueller Speicher: 26564.12 MB
Verfügbarer virtueller Speicher: 23477.53 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:465.54 GB) (Free:11.57 GB) NTFS
Drive d: () (Fixed) (Total:2794.39 GB) (Free:1603.72 GB) NTFS
Drive g: (Global ATC Simulator) (CDROM) (Total:0.48 GB) (Free:0 GB) UDF

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 2794.5 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt ============================

Botto97 · 06.12.2016, 22:34

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 05-12-2016
durchgeführt von User (Administrator) auf USER-PC (06-12-2016 22:29:54)
Gestartet von C:\Users\User\Desktop
Geladene Profile: User (Verfügbare Profile: User & Nadine & Gast)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
() C:\Windows\SysWOW64\ASGT.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
() C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Sony) C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8900104 2016-11-04] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-05-28] (Intel Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2016-11-04] (Razer Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-11-15] (AVAST Software)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [299504 2016-06-20] (Intel Corporation)
HKU\S-1-5-21-1652729561-1798351166-2891734009-1000\...\Run: [Steam] => D:\Steam\steam.exe [2860832 2016-10-13] (Valve Corporation)
HKU\S-1-5-21-1652729561-1798351166-2891734009-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4295360 2016-06-08] (Disc Soft Ltd)
HKU\S-1-5-21-1652729561-1798351166-2891734009-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9108184 2016-11-07] (Piriform Ltd)
HKU\S-1-5-21-1652729561-1798351166-2891734009-1000\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [247344 2016-11-23] ()
HKU\S-1-5-21-1652729561-1798351166-2891734009-1000\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [798352 2016-09-22] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-1652729561-1798351166-2891734009-1000\...\MountPoints2: {720c4d20-37bc-11e6-a9b2-2c56dc94012f} - cbs.exe
HKU\S-1-5-21-1652729561-1798351166-2891734009-1000\...\MountPoints2: {720c50ad-37bc-11e6-a9b2-2c56dc94012f} - G:\setup.exe
HKU\S-1-5-21-1652729561-1798351166-2891734009-1000\...\MountPoints2: {dbb36d82-30b2-11e6-bc24-2c56dc94012f} - G:\setup.exe
ShellExecuteHooks:  - {E61BD264-A5BC-11E6-BDC9-64006A5CFC23} -  Keine Datei [ ]
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-09] (AVAST Software)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{19A85D3D-7A8C-49C6-B71A-6B9F95CD8203}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{9634F382-7D29-46EB-AD92-13B0657457DE}: [NameServer] 77.234.40.79
ManualProxies: 

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
SearchScopes: HKLM -> DefaultScope Wert fehlt
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-10-30] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-10-28] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2016-10-30] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-10-30] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-10-30] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_112\bin\ssv.dll [2016-11-04] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-10-28] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2016-10-30] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-10-30] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_112\bin\jp2ssv.dll [2016-11-04] (Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-30] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-30] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-30] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-30] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\qfgrr71f.default-1480591788312 [2016-12-06]
FF NetworkProxy: Mozilla\Firefox\Profiles\qfgrr71f.default-1480591788312 -> http", "185.90.81.137"
FF NetworkProxy: Mozilla\Firefox\Profiles\qfgrr71f.default-1480591788312 -> http_port", 3128
FF Extension: (TrackMeNot) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\qfgrr71f.default-1480591788312\Extensions\trackmenot@mrl.nyu.edu.xpi [2016-12-02]
FF Extension: (Adblock Plus) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\qfgrr71f.default-1480591788312\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-12-01]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-09-09]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-09-09]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll [2016-11-26] ()
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-26] ()
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-04-30] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-04-30] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.112.2 -> C:\Program Files (x86)\Java\jre1.8.0_112\bin\dtplugin\npDeployJava1.dll [2016-11-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.112.2 -> C:\Program Files (x86)\Java\jre1.8.0_112\bin\plugin2\npjp2.dll [2016-11-04] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-10-30] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-10-30] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-12-01] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-12-01] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-10-22] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-10-22] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems)

Chrome: 
=======
CHR DefaultProfile: ChromeDefaultData
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-08-05] (Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-01-28] ()
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [Datei ist nicht signiert]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-09] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [223600 2016-09-09] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1456136 2016-10-12] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3294912 2016-10-30] (Microsoft Corporation)
R2 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [216576 2016-08-18] () [Datei ist nicht signiert]
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1458368 2016-06-08] (Disc Soft Ltd)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [392480 2016-12-02] (EasyAntiCheat Ltd)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-05-28] (Intel Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [Datei ist nicht signiert]
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [354936 2016-03-14] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-04-30] (Intel Corporation)
S4 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-11-17] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-11-17] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [459832 2016-12-01] (NVIDIA Corporation)
R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-11-17] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2119688 2016-12-06] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2180624 2016-12-06] (Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1316080 2016-11-23] (Overwolf LTD)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2016-05-21] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2016-06-28] ()
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [69744 2016-10-18] (Razer Inc.)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-25] ()
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [197264 2016-09-22] (Sandboxie Holdings, LLC)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7500048 2016-09-20] (TeamViewer GmbH)
S2 Themes; C:\Windows\system32\themeservice.dll [44544 2009-07-14] (Microsoft Corporation) [DependOnService: iThemes5]<==== ACHTUNG
S3 VsEtwService120; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 XperiaCompanionService; C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe [2085760 2016-09-16] (Sony)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe [18232 2016-08-22] (Intel(R) Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-01-28] ()
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-09-09] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-09-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-09-09] (AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [28312 2016-07-01] (AVAST Software)
R1 aswNetSec; C:\Windows\system32\drivers\aswNetSec.sys [453192 2016-09-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-09-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-09-09] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2016-09-14] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513632 2016-09-22] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-09-09] (AVAST Software)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [44640 2016-07-01] (The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-10-13] (AVAST Software)
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [303616 2016-11-13] () [Datei ist nicht signiert]
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-06-12] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-06-12] (Disc Soft Ltd)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-07-19] (REALiX(tm))
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [31712 2016-07-19] (Intel Corporation)
R2 iocbios2; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [37072 2016-08-03] (Intel Corporation)
S2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [35328 2016-11-13] () [Datei ist nicht signiert]
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [181304 2016-07-19] (Intel Corporation)
S3 NvnUsbAudio; C:\Windows\System32\DRIVERS\nvnusbaudio.sys [54000 2015-06-10] (Novation DMS Ltd.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2016-11-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46016 2016-11-17] (NVIDIA Corporation)
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [51224 2016-04-07] (Razer Inc)
R3 rzmpos; C:\Windows\System32\DRIVERS\rzmpos.sys [47640 2016-04-07] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [44144 2016-09-17] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [137840 2016-09-07] (Razer, Inc.)
S3 RZSURROUNDVADService; C:\Windows\System32\drivers\RzSurroundVAD.sys [40640 2016-02-15] (Windows (R) Win 7 DDK provider)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [204944 2016-09-22] (Sandboxie Holdings, LLC)
S3 tap0901_openvpn_accl; C:\Windows\System32\DRIVERS\tap0901_openvpn_accl.sys [37912 2016-07-18] (The OpenVPN Project)
R1 VBoxUSBMon; C:\Windows\System32\DRIVERS\VBoxUSBMon.sys [127432 2015-09-16] (BigNox Corporation)
R2 WinisoCDBus; C:\Windows\System32\drivers\WinisoCDBus.sys [204032 2016-05-12] (WinISO.com)
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2016-12-02] (Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2016-12-02] (Zemana Ltd.)
R4 IOMap; \??\C:\Windows\system32\drivers\IOMap64.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-12-06 22:29 - 2016-12-06 22:30 - 00022496 _____ C:\Users\User\Desktop\FRST.txt
2016-12-06 22:15 - 2016-12-06 22:15 - 00000022 _____ C:\Windows\S.dirmngr
2016-12-06 22:10 - 2016-12-06 22:10 - 01631928 _____ (Malwarebytes) C:\Users\User\Downloads\JRT.exe
2016-12-06 22:07 - 2016-12-06 22:25 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-12-06 22:07 - 2016-12-06 22:07 - 00001106 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-12-06 22:07 - 2016-12-06 22:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-12-06 22:07 - 2016-12-06 22:07 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-12-06 22:07 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-12-06 22:07 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-12-06 22:07 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-12-06 22:00 - 2016-12-06 22:03 - 00000000 ____D C:\AdwCleaner
2016-12-06 22:00 - 2016-12-06 22:00 - 03968464 _____ C:\Users\User\Downloads\AdwCleaner_6.040.exe
2016-12-06 17:35 - 2016-12-06 17:35 - 00000000 ____D C:\Users\User\Downloads\FRST-OlderVersion
2016-12-06 17:28 - 2016-12-06 17:28 - 00000000 ____D C:\Users\User\AppData\Local\ElevatedDiagnostics
2016-12-06 17:27 - 2016-12-06 17:27 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-12-06 17:27 - 2016-12-01 18:04 - 00134712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2016-12-06 17:27 - 2016-09-09 19:25 - 00269600 _____ C:\Windows\SysWOW64\vulkan-1.dll
2016-12-06 17:27 - 2016-09-09 19:25 - 00261920 _____ C:\Windows\system32\vulkan-1.dll
2016-12-06 17:27 - 2016-09-09 19:25 - 00110880 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2016-12-06 17:27 - 2016-09-09 19:24 - 00125216 _____ C:\Windows\system32\vulkaninfo.exe
2016-12-06 17:25 - 2016-12-01 20:52 - 40125496 _____ C:\Windows\system32\nvcompiler.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 35222976 _____ C:\Windows\SysWOW64\nvcompiler.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 34703416 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 28137920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 19948848 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 17440744 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 14055360 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2016-12-06 17:25 - 2016-12-01 20:52 - 10912744 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 10795312 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 10346208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 09151400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 08913328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 08754160 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 03645496 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 03206592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 01951680 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437619.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 01586744 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437619.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 01036736 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 00974272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 00943552 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 00895424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 00683824 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 00573072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 00521096 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 00438208 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 00435904 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 00407064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 00390200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 00170872 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 00153184 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 00148200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 00131536 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2016-12-06 11:05 - 2016-12-02 18:00 - 00392480 _____ (EasyAntiCheat Ltd) C:\Windows\SysWOW64\EasyAntiCheat.exe
2016-12-04 21:56 - 2016-12-04 21:56 - 00000000 ____D C:\Users\User\AppData\Local\Gaijin
2016-12-04 14:31 - 2016-12-04 14:31 - 00000000 ____D C:\Users\User\AppData\LocalLow\Nvizzio Creations
2016-12-04 00:57 - 2016-12-04 00:57 - 00000202 _____ C:\Users\User\Desktop\RollerCoaster Tycoon World.url
2016-12-04 00:48 - 2016-12-04 00:48 - 00001463 _____ C:\Users\User\Desktop\mysummercar - Verknüpfung.lnk
2016-12-02 22:00 - 2016-12-02 22:00 - 00000000 ____D C:\Users\User\AppData\LocalLow\Bossa Studios
2016-12-02 21:59 - 2016-12-02 21:59 - 00000202 _____ C:\Users\User\Desktop\Surgeon Simulator.url
2016-12-02 19:00 - 2016-12-02 19:00 - 01106888 _____ (Bleeping Computer, LLC) C:\Users\User\Desktop\rkill64.exe
2016-12-02 17:25 - 2016-12-02 17:27 - 00099926 _____ C:\Users\User\Downloads\Addition.txt
2016-12-02 17:24 - 2016-12-06 22:29 - 00000000 ____D C:\FRST
2016-12-02 17:24 - 2016-12-06 17:35 - 02419712 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2016-12-02 17:24 - 2016-12-02 17:27 - 00143116 _____ C:\Users\User\Downloads\FRST.txt
2016-12-02 01:34 - 2016-12-02 01:34 - 00000080 _____ C:\Users\Public\Desktop\Die SimsT 3 Traumkarrieren.lnk
2016-12-02 01:31 - 2016-12-02 01:31 - 07800248 _____ (PC Tools ) C:\Users\User\Downloads\tfinstall.exe
2016-12-02 01:26 - 2016-12-02 01:26 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-12-02 01:23 - 2016-12-02 01:23 - 22851472 _____ (Malwarebytes ) C:\Users\User\Downloads\mbam-setup-2.2.1.1043.exe
2016-12-02 01:21 - 2016-12-06 22:29 - 00399742 _____ C:\Windows\ZAM.krnl.trace
2016-12-02 01:21 - 2016-12-06 22:29 - 00384588 _____ C:\Windows\ZAM_Guard.krnl.trace
2016-12-02 01:21 - 2016-12-02 01:21 - 05188032 _____ (Zemana Ltd.) C:\Users\User\Downloads\Zemana.AntiMalware.Portable.exe
2016-12-02 01:21 - 2016-12-02 01:21 - 00203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zamguard64.sys
2016-12-02 01:21 - 2016-12-02 01:21 - 00203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zam64.sys
2016-12-02 01:21 - 2016-12-02 01:21 - 00000000 ____D C:\Users\User\AppData\Local\Zemana
2016-12-02 01:19 - 2016-12-02 01:19 - 00000000 ____D C:\Windows\system32\appmgmt
2016-12-01 23:20 - 2016-12-01 23:20 - 00000000 ____D C:\Users\User\AppData\LocalLow\Amistech
2016-12-01 23:19 - 2016-12-01 23:20 - 00000000 ____D C:\Users\User\Desktop\My.Summer.Car.Early.Access-P2P
2016-12-01 21:38 - 2016-12-01 22:54 - 324777801 _____ C:\Users\User\Downloads\da22a593d6c9bb63e4958970cf8c048c.rar
2016-12-01 12:08 - 2016-12-02 01:23 - 00000000 ____D C:\Users\User\AppData\Roaming\hadga
2016-12-01 11:03 - 2016-12-01 11:03 - 00000000 ____D C:\Users\User\Documents\Battlefield 1
2016-12-01 10:49 - 2016-12-02 01:34 - 00000649 _____ C:\Users\Public\Desktop\Battlefield 1.lnk
2016-12-01 10:49 - 2016-12-01 10:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 1
2016-11-30 09:57 - 2016-11-30 10:07 - 00000000 ____D C:\Program Files (x86)\u0cr1spw
2016-11-29 12:20 - 2016-11-29 12:20 - 07822784 _____ C:\Users\User\Downloads\A320_AS_FSX_LHA3_DAAST.zip
2016-11-29 12:18 - 2016-11-29 12:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aerosoft
2016-11-29 12:17 - 2016-11-29 12:17 - 07822595 _____ C:\Users\User\Downloads\A320_AXE_FSX_LHA3_DAAST.zip
2016-11-28 19:39 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2016-11-28 19:39 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2016-11-28 19:39 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2016-11-28 19:39 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2016-11-28 19:39 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2016-11-28 19:39 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2016-11-28 19:39 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2016-11-28 19:39 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2016-11-28 19:39 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2016-11-28 19:39 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2016-11-28 19:39 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2016-11-28 19:39 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2016-11-28 19:39 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2016-11-28 19:39 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2016-11-28 19:39 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2016-11-28 19:39 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2016-11-28 19:39 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2016-11-28 19:39 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2016-11-28 19:39 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2016-11-28 19:39 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2016-11-28 19:39 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2016-11-28 19:39 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2016-11-28 19:39 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2016-11-28 19:39 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2016-11-28 19:39 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2016-11-28 19:39 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2016-11-28 19:39 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2016-11-28 19:39 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2016-11-28 19:39 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2016-11-28 19:39 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2016-11-28 19:39 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2016-11-28 19:39 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2016-11-28 19:39 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2016-11-28 19:39 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2016-11-28 19:39 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2016-11-28 19:39 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2016-11-28 19:39 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2016-11-28 19:39 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2016-11-28 19:39 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2016-11-28 19:39 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2016-11-28 19:39 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2016-11-28 19:39 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2016-11-28 19:39 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2016-11-28 19:39 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2016-11-28 19:39 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2016-11-28 19:39 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2016-11-28 19:39 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2016-11-28 19:39 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2016-11-28 19:39 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2016-11-28 19:39 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2016-11-28 19:39 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2016-11-28 19:39 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2016-11-28 19:39 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2016-11-28 19:39 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2016-11-28 19:39 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2016-11-28 19:39 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2016-11-28 19:39 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2016-11-28 19:39 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2016-11-28 19:39 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2016-11-28 19:39 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2016-11-28 19:39 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2016-11-28 19:39 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2016-11-28 19:39 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2016-11-28 19:39 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2016-11-28 19:39 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2016-11-28 19:39 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2016-11-28 19:39 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2016-11-28 19:39 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2016-11-28 19:39 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2016-11-28 19:39 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2016-11-28 19:39 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2016-11-28 19:39 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2016-11-28 19:39 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2016-11-28 19:39 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2016-11-28 19:39 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2016-11-28 19:39 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2016-11-28 19:39 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2016-11-28 19:39 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2016-11-28 19:39 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2016-11-28 19:39 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2016-11-28 19:39 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2016-11-28 19:39 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2016-11-28 19:39 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2016-11-28 19:39 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2016-11-28 19:39 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2016-11-28 19:39 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2016-11-28 19:39 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2016-11-28 19:39 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2016-11-28 19:39 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2016-11-28 19:39 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2016-11-28 19:39 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2016-11-28 19:39 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2016-11-28 19:39 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2016-11-28 19:39 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2016-11-28 19:39 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2016-11-28 19:39 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2016-11-28 19:39 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2016-11-28 19:39 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2016-11-28 19:39 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2016-11-28 19:39 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2016-11-28 19:39 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2016-11-28 19:39 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2016-11-28 19:39 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2016-11-28 19:39 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2016-11-28 19:39 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2016-11-28 19:39 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2016-11-28 19:39 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2016-11-28 19:39 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2016-11-28 19:39 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2016-11-28 19:39 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2016-11-28 19:39 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2016-11-28 19:39 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2016-11-28 19:39 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2016-11-28 19:39 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2016-11-28 19:39 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2016-11-28 19:39 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2016-11-28 19:39 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2016-11-28 19:39 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2016-11-28 19:39 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2016-11-28 19:32 - 2016-11-24 21:54 - 01951680 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437609.dll
2016-11-28 19:32 - 2016-11-24 21:54 - 01586744 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437609.dll
2016-11-28 16:50 - 2016-11-28 16:50 - 00000017 _____ C:\Users\User\AppData\Local\resmon.resmoncfg
2016-11-27 14:53 - 2016-12-02 01:34 - 00001398 _____ C:\Users\Public\Desktop\Die Sims 3.lnk
2016-11-27 13:25 - 2016-11-29 12:18 - 00000000 ____D C:\Users\User\Documents\Aerosoft
2016-11-27 13:24 - 2016-12-02 01:34 - 00000870 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Global ATC Simulator.lnk
2016-11-27 13:24 - 2016-12-02 01:34 - 00000858 _____ C:\Users\Public\Desktop\Global ATC Simulator.lnk
2016-11-27 13:24 - 2016-11-27 13:26 - 00000000 ____D C:\Program Files (x86)\Global ATC Simulator
2016-11-27 13:24 - 2016-11-27 13:24 - 00000000 ____D C:\Users\User\Desktop\Global.ATC.Simulator-HI2U
2016-11-27 13:22 - 2016-11-27 13:23 - 512361856 _____ C:\Users\User\Downloads\2789cf0718883772293db622b5d669dd.rar
2016-11-27 00:59 - 2016-11-27 00:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SquawkBox
2016-11-27 00:59 - 2016-11-27 00:59 - 00000000 ____D C:\Program Files (x86)\SquawkBox
2016-11-27 00:59 - 2008-07-29 23:07 - 28487680 _____ C:\Users\User\Desktop\sb4setup.exe
2016-11-27 00:58 - 2016-11-27 00:58 - 27766733 _____ C:\Users\User\Downloads\squawkbox.zip
2016-11-26 19:45 - 2016-11-26 19:45 - 02599189 _____ C:\Users\User\Downloads\CRJ2_POSKY_FS9FSX_LHA3_DADME.zip
2016-11-26 19:23 - 2016-11-26 19:43 - 60493791 _____ C:\Users\User\Downloads\pos200fx.zip
2016-11-26 16:57 - 2016-11-26 16:57 - 17248991 _____ C:\Users\User\Downloads\AFAS6.zip
2016-11-26 16:57 - 2016-11-26 16:57 - 00046887 _____ C:\Users\User\Downloads\Bedienungsanleitung_AFAS_2.2-01.odt
2016-11-26 16:45 - 2016-11-26 16:45 - 14595297 _____ C:\Users\User\Downloads\pa320_basepack_fs9_2014-09-08.zip
2016-11-26 16:43 - 2016-11-26 16:43 - 06961600 _____ C:\Users\User\Downloads\A320_PA_FS9FSX_LHA3_DAABF.zip
2016-11-26 16:27 - 2016-11-26 16:27 - 03162141 _____ C:\Users\User\Downloads\DH8D_Majestic_FSX_LHA3_DABUD.zip
2016-11-26 16:19 - 2016-11-26 16:19 - 00000527 _____ C:\Users\User\Documents\pirep
2016-11-26 15:13 - 2016-11-26 15:13 - 00000061 ___SH C:\Windows\cnerolf.bin
2016-11-26 15:11 - 2016-11-26 15:11 - 00003126 _____ C:\Windows\System32\Tasks\{4732A461-F2FA-4F65-B3E6-C5F6F1AF4FDE}
2016-11-26 15:09 - 2016-11-26 15:09 - 03993096 _____ C:\Users\User\Downloads\FSUIPC4.zip
2016-11-26 15:09 - 2016-11-08 11:10 - 03810816 _____ (Peter L. Dowson) C:\Users\User\Desktop\Install FSUIPC4.exe
2016-11-26 15:05 - 2016-11-26 15:05 - 00000860 _____ C:\Users\User\Downloads\EDDF-ELLX.pln
2016-11-26 14:59 - 2016-11-26 18:19 - 00000000 ____D C:\Users\User\Desktop\XACARS for MSFS
2016-11-26 14:59 - 2016-11-26 14:59 - 00979161 _____ C:\Users\User\Downloads\XACARS_MSFS-de_DE-2.5.6.zip
2016-11-26 14:57 - 2016-11-26 14:57 - 01664059 _____ C:\Users\User\Downloads\fsacars4.zip
2016-11-26 14:57 - 2016-11-26 14:57 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FSacars
2016-11-26 14:57 - 2016-11-26 14:57 - 00000000 ____D C:\Program Files (x86)\FSacars
2016-11-26 14:57 - 2004-08-30 19:00 - 01778176 _____ C:\Users\User\Desktop\fsacars.msi
2016-11-26 14:51 - 2016-11-26 14:51 - 02455301 _____ C:\Users\User\Downloads\LHA Piloten-Handbuch 5. Ausgabe-pdf.zip
2016-11-26 14:51 - 2006-10-30 18:06 - 02793219 _____ C:\Users\User\Desktop\Piloten-Handbuch.pdf
2016-11-26 14:38 - 2016-12-02 01:34 - 00001904 _____ C:\Users\User\Desktop\vPilot.lnk
2016-11-26 14:38 - 2016-11-27 00:51 - 00000000 ____D C:\Users\User\Documents\vPilot Files
2016-11-26 14:38 - 2016-11-26 14:38 - 01912149 _____ C:\Users\User\Downloads\vPilot-Setup-1.1.5901.24775.exe
2016-11-26 14:38 - 2016-11-26 14:38 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\vPilot
2016-11-26 14:38 - 2016-11-26 14:38 - 00000000 ____D C:\Users\User\AppData\Local\vPilot
2016-11-26 14:23 - 2016-11-26 14:23 - 00000000 ____D C:\Users\User\AppData\Local\Microsoft Game Studios
2016-11-26 14:23 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2016-11-26 14:23 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2016-11-26 14:23 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2016-11-26 14:23 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2016-11-26 14:23 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2016-11-26 14:23 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2016-11-26 14:23 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2016-11-26 14:23 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2016-11-26 14:23 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2016-11-26 14:23 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2016-11-26 14:23 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2016-11-26 14:23 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2016-11-26 14:23 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2016-11-26 14:23 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2016-11-26 14:23 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2016-11-26 14:23 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2016-11-26 14:23 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2016-11-26 14:23 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2016-11-26 14:23 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2016-11-26 14:23 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2016-11-26 14:23 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2016-11-26 14:23 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2016-11-26 14:23 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2016-11-26 14:23 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2016-11-26 14:23 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2016-11-26 14:23 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2016-11-26 14:23 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2016-11-26 14:23 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2016-11-26 14:23 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2016-11-26 14:23 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2016-11-26 14:23 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2016-11-26 14:23 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2016-11-26 14:23 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2016-11-26 14:23 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2016-11-26 14:23 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2016-11-26 14:23 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2016-11-26 14:23 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2016-11-26 14:23 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2016-11-26 14:23 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2016-11-26 14:23 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2016-11-26 14:23 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2016-11-26 14:23 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2016-11-26 14:23 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2016-11-26 14:23 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2016-11-26 14:23 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2016-11-26 14:23 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2016-11-26 14:23 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2016-11-26 14:23 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2016-11-26 14:23 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2016-11-26 14:23 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2016-11-26 14:23 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2016-11-26 14:23 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2016-11-26 14:23 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2016-11-26 14:23 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2016-11-26 14:23 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2016-11-26 14:23 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2016-11-26 14:23 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2016-11-26 14:23 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2016-11-26 14:23 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2016-11-26 14:19 - 2016-11-26 14:20 - 00000000 ____D C:\Users\User\Downloads\Microsoft.Flight.Simulator.X.Acceleration.Expansion.GERMAN-ENiGMA
2016-11-26 13:41 - 2016-11-26 13:45 - 482933672 _____ C:\Users\User\Downloads\e8c906f4d52e08c22244d63ecc2e7cba.part6.rar
2016-11-26 13:41 - 2016-11-26 13:44 - 524288000 _____ C:\Users\User\Downloads\e8c906f4d52e08c22244d63ecc2e7cba.part5.rar
2016-11-26 13:41 - 2016-11-26 13:44 - 524288000 _____ C:\Users\User\Downloads\e8c906f4d52e08c22244d63ecc2e7cba.part4.rar
2016-11-26 13:41 - 2016-11-26 13:44 - 524288000 _____ C:\Users\User\Downloads\e8c906f4d52e08c22244d63ecc2e7cba.part3.rar
2016-11-26 13:41 - 2016-11-26 13:44 - 524288000 _____ C:\Users\User\Downloads\e8c906f4d52e08c22244d63ecc2e7cba.part2.rar
2016-11-26 13:34 - 2016-11-26 13:42 - 524288000 _____ C:\Users\User\Downloads\e8c906f4d52e08c22244d63ecc2e7cba.part1.rar
2016-11-26 13:31 - 2016-11-26 15:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FsPassengersX
2016-11-26 13:30 - 2016-11-26 13:30 - 90220751 _____ C:\Users\User\Downloads\FSPassenger_X.zip
2016-11-26 13:30 - 2016-11-26 13:30 - 00000000 ____D C:\Users\User\Desktop\PSPX crack
2016-11-26 13:30 - 2015-11-10 14:37 - 88536024 _____ (SecondReality Software sarl) C:\Users\User\Desktop\FsPassengersX_setup.exe
2016-11-26 11:49 - 2016-11-26 15:32 - 00000000 ____D C:\Users\User\Documents\Flight Simulator X-Dateien
2016-11-26 11:43 - 2016-07-02 18:32 - 1442741564 _____ () C:\Users\User\Desktop\FSX_DE_Setup.exe
2016-11-26 10:50 - 2016-11-26 10:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Just Flight
2016-11-26 10:48 - 2016-11-26 11:43 - 00000000 ____D C:\Users\User\Downloads\Microsoft.Flight.Simulator.FSX.My.Traffic.X-SKIDROW
2016-11-26 10:40 - 2016-11-26 10:40 - 00000042 _____ C:\Users\User\Desktop\Neues Textdokument (2).txt
2016-11-26 09:23 - 2016-11-26 09:23 - 00000000 ___RD C:\Users\User\Desktop\CamSim Airbus 350-1000 V4 Lufthansa
2016-11-26 09:15 - 2016-11-26 09:15 - 00000000 ____D C:\Users\User\AppData\Local\World_of_AI
2016-11-26 09:14 - 2016-11-26 09:19 - 00000000 ____D C:\Users\User\Desktop\ai
2016-11-26 09:05 - 2016-11-26 09:05 - 00000000 _____ C:\Windows\system32\__00000001402FF151__C0000005.dmp
2016-11-26 08:57 - 2016-11-17 03:04 - 01953336 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437595.dll
2016-11-26 08:57 - 2016-11-17 03:04 - 01585088 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437595.dll
2016-11-26 08:56 - 2016-11-26 09:05 - 00000000 ____D C:\Windows\system32\SSL
2016-11-26 08:55 - 2016-12-02 01:34 - 00001416 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2016-11-26 08:54 - 2016-11-17 14:45 - 00101824 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2016-11-26 08:54 - 2016-11-17 14:45 - 00091584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2016-11-26 08:54 - 2016-11-17 14:45 - 00046016 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2016-11-26 08:52 - 2016-12-06 18:31 - 00002292 _____ C:\Users\Public\Desktop\Driver Booster 4.lnk
2016-11-24 21:24 - 2016-11-24 21:24 - 01897142 _____ C:\Windows\53721adc3be20fefca9ac4a452af8226.exe
2016-11-23 18:29 - 2016-12-02 01:34 - 00001392 _____ C:\Users\User\Desktop\FS2004.lnk
2016-11-23 18:29 - 2016-11-23 18:29 - 00002992 _____ C:\Windows\System32\Tasks\{2EFA6E8F-7BD5-4E75-BB02-B7202C56991C}
2016-11-23 15:33 - 2016-11-23 15:33 - 00001109 _____ C:\Users\Public\Desktop\Die Sims™ 3 Traumkarrieren.lnk
2016-11-22 12:13 - 2016-12-06 22:29 - 00013859 _____ C:\Users\User\Desktop\Berichte.txt
2016-11-21 20:05 - 2016-11-21 20:05 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_netaapl64_01009.Wdf
2016-11-20 20:44 - 2016-06-06 16:43 - 06873864 ____N (Softpointer Inc ) C:\Users\User\Desktop\TagRename397.exe
2016-11-20 20:44 - 2016-01-03 15:02 - 00280617 ____N C:\Users\User\Desktop\1080735366.bin
2016-11-20 20:21 - 2016-12-02 01:34 - 00002161 _____ C:\Users\Public\Desktop\Xperia Companion.lnk
2016-11-20 20:21 - 2016-11-20 20:21 - 00000000 ____D C:\Users\User\Documents\Sony
2016-11-20 20:21 - 2016-11-20 20:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2016-11-20 20:21 - 2016-11-20 20:21 - 00000000 ____D C:\Program Files\Sony
2016-11-20 20:21 - 2016-11-20 20:21 - 00000000 ____D C:\Program Files (x86)\Sony
2016-11-20 14:10 - 2016-12-02 01:34 - 00000987 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-11-20 14:10 - 2016-12-02 01:34 - 00000975 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-11-20 14:10 - 2016-12-01 12:29 - 00000000 ____D C:\Users\User\Desktop\Alte Firefox-Daten
2016-11-20 14:10 - 2016-12-01 10:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-11-20 14:10 - 2016-12-01 10:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-11-20 02:59 - 2016-12-04 16:10 - 00002460 _____ C:\Users\User\Desktop\Rkill.txt
2016-11-20 02:59 - 2016-11-20 02:59 - 02030536 _____ (Bleeping Computer, LLC) C:\Users\User\Desktop\rkill.exe
2016-11-20 02:54 - 2016-11-20 02:54 - 00000000 ____D C:\ProgramData\Avira
2016-11-20 02:54 - 2016-11-20 02:54 - 00000000 ____D C:\ProgramData\Avg
2016-11-20 02:53 - 2016-11-27 12:56 - 00000000 ____D C:\Users\User\AppData\Roaming\Caduph
2016-11-20 02:53 - 2016-11-20 02:53 - 00000000 ____D C:\Users\User\AppData\Local\Clekilygrerde
2016-11-19 13:48 - 2016-12-02 01:34 - 00002198 _____ C:\Users\User\Desktop\MegaTrainer eXperience.lnk
2016-11-19 13:48 - 2016-12-02 01:34 - 00002185 _____ C:\Users\User\Desktop\MT-X - Anleitung.lnk
2016-11-19 13:48 - 2016-11-19 13:48 - 00000047 _____ C:\Users\User\Documents\mt-x_hook.txt
2016-11-19 13:48 - 2013-01-25 06:21 - 19965984 _____ ( ) C:\Users\User\Desktop\mt-x_1158_setup.exe
2016-11-19 13:45 - 2016-12-02 01:34 - 00001367 _____ C:\Users\Public\Desktop\MegaTrainer.lnk
2016-11-19 13:45 - 2016-11-19 13:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MegaTrainerUltimate
2016-11-19 13:45 - 2016-11-19 13:45 - 00000000 ____D C:\ProgramData\MegaTrainerUltimate
2016-11-19 13:00 - 2016-12-02 01:34 - 00000959 _____ C:\Users\Public\Desktop\Patrician IV - Rise of a Dynasty.lnk
2016-11-19 13:00 - 2016-12-02 01:34 - 00000941 _____ C:\Users\Public\Desktop\Patrician IV.lnk
2016-11-19 13:00 - 2016-11-19 13:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kalypso Media
2016-11-18 16:25 - 2016-12-06 22:29 - 00000000 ____D C:\Users\User\AppData\LocalLow\Mozilla
2016-11-16 23:47 - 2016-11-16 23:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sylenth1
2016-11-16 23:47 - 2016-11-16 23:47 - 00000000 ____D C:\Program Files\Steinberg
2016-11-16 23:45 - 2016-11-16 23:45 - 00000512 _____ C:\Users\User\Desktop\License.dat
2016-11-16 23:43 - 2016-12-06 17:27 - 00001648 _____ C:\Windows\Sandboxie.ini
2016-11-16 23:43 - 2016-12-02 01:34 - 00001020 _____ C:\Users\User\Desktop\Sandboxed Web Browser.lnk
2016-11-16 23:43 - 2016-11-16 23:43 - 00000000 ___RD C:\Sandbox
2016-11-16 23:43 - 2016-11-16 23:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
2016-11-16 23:43 - 2016-11-16 23:43 - 00000000 ____D C:\Program Files\Sandboxie
2016-11-16 23:34 - 2016-11-16 23:35 - 00000000 ____D C:\Users\User\Desktop\HEADS WILL ROLL
2016-11-16 12:53 - 2016-11-16 12:53 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Axolot Games
2016-11-16 12:51 - 2016-11-16 12:51 - 00000000 ____D C:\Users\Gast\AppData\Roaming\tropico 5
2016-11-16 12:50 - 2016-11-16 12:50 - 00000000 ____D C:\Users\Gast\AppData\Roaming\tropico 4
2016-11-15 19:40 - 2016-12-02 01:34 - 00001245 _____ C:\Users\User\Desktop\taskmgr.lnk
2016-11-15 18:52 - 2016-11-15 18:52 - 00001785 _____ C:\Users\Nadine\Desktop\Word .lnk
2016-11-15 18:52 - 2016-11-15 18:52 - 00000000 ____D C:\Users\Nadine\AppData\Local\CEF
2016-11-15 18:51 - 2016-11-15 18:51 - 00000000 ____D C:\Users\Nadine\AppData\Roaming\Mozilla
2016-11-15 18:51 - 2016-11-15 18:51 - 00000000 ____D C:\Users\Nadine\AppData\Roaming\Intel Corporation
2016-11-15 18:51 - 2016-11-15 18:51 - 00000000 ____D C:\Users\Nadine\AppData\Local\Mozilla
2016-11-15 18:50 - 2016-11-29 20:46 - 00114944 _____ C:\Users\Nadine\AppData\Local\GDIPFONTCACHEV1.DAT
2016-11-15 18:50 - 2016-11-15 18:52 - 00000000 ____D C:\Users\Nadine\AppData\Local\NVIDIA Corporation
2016-11-15 18:50 - 2016-11-15 18:50 - 00001425 _____ C:\Users\Nadine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-11-15 18:50 - 2016-11-15 18:50 - 00000020 ___SH C:\Users\Nadine\ntuser.ini
2016-11-15 18:50 - 2016-11-15 18:50 - 00000000 _SHDL C:\Users\Nadine\Vorlagen
2016-11-15 18:50 - 2016-11-15 18:50 - 00000000 _SHDL C:\Users\Nadine\Startmenü
2016-11-15 18:50 - 2016-11-15 18:50 - 00000000 _SHDL C:\Users\Nadine\Netzwerkumgebung
2016-11-15 18:50 - 2016-11-15 18:50 - 00000000 _SHDL C:\Users\Nadine\Lokale Einstellungen
2016-11-15 18:50 - 2016-11-15 18:50 - 00000000 _SHDL C:\Users\Nadine\Eigene Dateien
2016-11-15 18:50 - 2016-11-15 18:50 - 00000000 _SHDL C:\Users\Nadine\Druckumgebung
2016-11-15 18:50 - 2016-11-15 18:50 - 00000000 _SHDL C:\Users\Nadine\Documents\Eigene Videos
2016-11-15 18:50 - 2016-11-15 18:50 - 00000000 _SHDL C:\Users\Nadine\Documents\Eigene Musik
2016-11-15 18:50 - 2016-11-15 18:50 - 00000000 _SHDL C:\Users\Nadine\Documents\Eigene Bilder
2016-11-15 18:50 - 2016-11-15 18:50 - 00000000 _SHDL C:\Users\Nadine\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-11-15 18:50 - 2016-11-15 18:50 - 00000000 _SHDL C:\Users\Nadine\AppData\Local\Verlauf
2016-11-15 18:50 - 2016-11-15 18:50 - 00000000 _SHDL C:\Users\Nadine\AppData\Local\Anwendungsdaten
2016-11-15 18:50 - 2016-11-15 18:50 - 00000000 _SHDL C:\Users\Nadine\Anwendungsdaten
2016-11-15 18:50 - 2016-11-15 18:50 - 00000000 ____D C:\Users\Nadine\AppData\Roaming\AVAST Software
2016-11-15 18:50 - 2016-11-15 18:50 - 00000000 ____D C:\Users\Nadine\AppData\Roaming\Adobe
2016-11-15 18:50 - 2016-11-15 18:50 - 00000000 ____D C:\Users\Nadine\AppData\Local\VirtualStore
2016-11-15 18:50 - 2016-11-15 18:50 - 00000000 ____D C:\Users\Nadine\AppData\Local\Razer
2016-11-15 18:50 - 2016-11-15 18:50 - 00000000 ____D C:\Users\Nadine\AppData\Local\NVIDIA
2016-11-15 18:50 - 2016-11-15 18:50 - 00000000 ____D C:\Users\Nadine\AppData\Local\Google
2016-11-15 18:50 - 2016-11-15 18:50 - 00000000 ____D C:\Users\Nadine
2016-11-15 18:50 - 2016-07-04 18:48 - 00002124 _____ C:\Users\Nadine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-11-15 18:50 - 2011-04-12 09:28 - 00000000 ____D C:\Users\Nadine\AppData\Roaming\Media Center Programs
2016-11-15 17:44 - 2016-11-15 17:44 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Macromedia
2016-11-15 17:44 - 2016-11-15 17:44 - 00000000 ____D C:\Users\Gast\AppData\Local\Macromedia
2016-11-15 17:40 - 2016-11-15 17:40 - 00001781 _____ C:\Users\Gast\Desktop\Word.lnk
2016-11-15 13:53 - 2016-11-15 13:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP
2016-11-15 13:52 - 2016-11-15 17:40 - 00000000 ____D C:\xampp
2016-11-14 14:13 - 2016-11-14 14:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ANNO 1503
2016-11-14 11:20 - 2016-11-14 11:20 - 00003150 _____ C:\Windows\System32\Tasks\{3F138AF1-2993-4400-8D86-ECA499A76DD4}
2016-11-14 11:16 - 2016-09-17 02:12 - 00044144 _____ (Razer, Inc.) C:\Windows\system32\Drivers\rzpmgrk.sys
2016-11-13 21:45 - 2016-11-13 21:46 - 00036892 _____ C:\Windows\SysWOW64\bassmod.dll
2016-11-13 21:35 - 2016-11-13 21:35 - 00000000 ____D C:\Users\User\Documents\ANNO 2070
2016-11-13 19:04 - 2016-11-19 00:24 - 00000000 ____D C:\Users\User\Documents\The Witcher 3
2016-11-13 19:02 - 2016-11-13 19:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft
2016-11-13 15:31 - 2016-11-13 15:31 - 00000000 ____D C:\Users\User\Documents\Anno 2205
2016-11-13 15:31 - 2016-11-13 15:31 - 00000000 ____D C:\Users\User\AppData\Roaming\uplay
2016-11-13 15:30 - 2016-12-02 01:34 - 00000893 _____ C:\Users\User\Desktop\Anno 2205.lnk
2016-11-13 15:30 - 2016-11-13 15:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anno 2205
2016-11-13 14:01 - 2016-11-13 14:01 - 00303616 _____ C:\Windows\system32\Drivers\atksgt.sys
2016-11-13 14:01 - 2016-11-13 14:01 - 00035328 _____ C:\Windows\system32\Drivers\lirsgt.sys
2016-11-13 14:01 - 2016-11-13 14:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anno 1701
2016-11-11 23:20 - 2016-11-11 23:20 - 00002247 _____ C:\Users\Gast\Desktop\Google Chrome.lnk
2016-11-11 17:44 - 2016-11-11 17:44 - 00000000 ____D C:\Users\User\AppData\Local\2K Games
2016-11-11 17:04 - 2016-12-02 01:34 - 00000509 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mafia III.lnk
2016-11-10 12:07 - 2016-11-10 12:07 - 00000201 _____ C:\Users\User\Desktop\Anno 1404 Venice.url
2016-11-09 21:19 - 2016-11-02 16:36 - 00382696 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-11-09 21:19 - 2016-11-02 16:32 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-11-09 21:19 - 2016-11-02 16:32 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-11-09 21:19 - 2016-11-02 16:32 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-11-09 21:19 - 2016-11-02 16:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-11-09 21:19 - 2016-11-02 16:22 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-11-09 21:19 - 2016-11-02 16:16 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-11-09 21:19 - 2016-11-02 16:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-11-09 21:19 - 2016-11-02 16:16 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-11-09 21:19 - 2016-11-02 15:53 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-11-09 21:19 - 2016-10-28 04:59 - 00394440 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-11-09 21:19 - 2016-10-28 04:14 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-11-09 21:19 - 2016-10-27 20:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-11-09 21:19 - 2016-10-27 20:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-11-09 21:19 - 2016-10-27 19:55 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-11-09 21:19 - 2016-10-27 19:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-11-09 21:19 - 2016-10-27 19:54 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-11-09 21:19 - 2016-10-27 19:53 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-11-09 21:19 - 2016-10-27 19:53 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-11-09 21:19 - 2016-10-27 19:51 - 02896384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-11-09 21:19 - 2016-10-27 19:44 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-11-09 21:19 - 2016-10-27 19:43 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-11-09 21:19 - 2016-10-27 19:38 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-11-09 21:19 - 2016-10-27 19:37 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-11-09 21:19 - 2016-10-27 19:37 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-11-09 21:19 - 2016-10-27 19:37 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-11-09 21:19 - 2016-10-27 19:37 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-11-09 21:19 - 2016-10-27 19:28 - 25763328 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-11-09 21:19 - 2016-10-27 19:28 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-11-09 21:19 - 2016-10-27 19:24 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-11-09 21:19 - 2016-10-27 19:19 - 06047744 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-11-09 21:19 - 2016-10-27 19:15 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-11-09 21:19 - 2016-10-27 19:13 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-11-09 21:19 - 2016-10-27 19:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-11-09 21:19 - 2016-10-27 19:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-11-09 21:19 - 2016-10-27 19:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-11-09 21:19 - 2016-10-27 19:02 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-11-09 21:19 - 2016-10-27 18:49 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-11-09 21:19 - 2016-10-27 18:46 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-11-09 21:19 - 2016-10-27 18:46 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-11-09 21:19 - 2016-10-27 18:44 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-11-09 21:19 - 2016-10-27 18:44 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-11-09 21:19 - 2016-10-27 18:17 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-11-09 21:19 - 2016-10-27 18:16 - 02920448 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-11-09 21:19 - 2016-10-27 18:03 - 01543680 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-11-09 21:19 - 2016-10-27 17:54 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-11-09 21:19 - 2016-10-27 16:05 - 20304896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-11-09 21:19 - 2016-10-25 16:02 - 03219456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-11-09 21:19 - 2016-10-22 18:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-11-09 21:19 - 2016-10-22 18:36 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-11-09 21:19 - 2016-10-22 18:36 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-11-09 21:19 - 2016-10-22 18:35 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-11-09 21:19 - 2016-10-22 18:35 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-11-09 21:19 - 2016-10-22 18:34 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-11-09 21:19 - 2016-10-22 18:27 - 02287616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-11-09 21:19 - 2016-10-22 18:27 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-11-09 21:19 - 2016-10-22 18:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-11-09 21:19 - 2016-10-22 18:22 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-11-09 21:19 - 2016-10-22 18:21 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-11-09 21:19 - 2016-10-22 18:21 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-11-09 21:19 - 2016-10-22 18:20 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-11-09 21:19 - 2016-10-22 18:09 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-11-09 21:19 - 2016-10-22 18:04 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-11-09 21:19 - 2016-10-22 18:03 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-11-09 21:19 - 2016-10-22 17:59 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-11-09 21:19 - 2016-10-22 17:58 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-11-09 21:19 - 2016-10-22 17:56 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-11-09 21:19 - 2016-10-22 17:54 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-11-09 21:19 - 2016-10-22 17:46 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-11-09 21:19 - 2016-10-22 17:45 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-11-09 21:19 - 2016-10-22 17:44 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-11-09 21:19 - 2016-10-22 17:43 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-11-09 21:19 - 2016-10-22 17:43 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-11-09 21:19 - 2016-10-22 17:30 - 13654016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-11-09 21:19 - 2016-10-22 17:12 - 02444800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-11-09 21:19 - 2016-10-22 17:09 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-11-09 21:19 - 2016-10-22 17:09 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-11-09 21:19 - 2016-10-15 16:31 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-11-09 21:19 - 2016-10-15 16:31 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2016-11-09 21:19 - 2016-10-15 16:13 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-11-09 21:19 - 2016-10-15 16:13 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2016-11-09 21:19 - 2016-10-11 16:37 - 00370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2016-11-09 21:19 - 2016-10-11 16:31 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
2016-11-09 21:19 - 2016-10-11 16:31 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2016-11-09 21:19 - 2016-10-11 16:31 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2016-11-09 21:19 - 2016-10-11 16:31 - 00457216 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
2016-11-09 21:19 - 2016-10-11 16:31 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2016-11-09 21:19 - 2016-10-11 16:31 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\tintlgnt.ime
2016-11-09 21:19 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\quick.ime
2016-11-09 21:19 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\qintlgnt.ime
2016-11-09 21:19 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\phon.ime
2016-11-09 21:19 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\cintlgnt.ime
2016-11-09 21:19 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\chajei.ime
2016-11-09 21:19 - 2016-10-11 16:31 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\pintlgnt.ime
2016-11-09 21:19 - 2016-10-11 16:18 - 01027584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10.IME
2016-11-09 21:19 - 2016-10-11 16:18 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2016-11-09 21:19 - 2016-10-11 16:18 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2016-11-09 21:19 - 2016-10-11 16:18 - 00430080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imkr80.ime
2016-11-09 21:19 - 2016-10-11 16:18 - 00202240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2016-11-09 21:19 - 2016-10-11 16:18 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tintlgnt.ime
2016-11-09 21:19 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quick.ime
2016-11-09 21:19 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qintlgnt.ime
2016-11-09 21:19 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\phon.ime
2016-11-09 21:19 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cintlgnt.ime
2016-11-09 21:19 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\chajei.ime
2016-11-09 21:19 - 2016-10-11 16:18 - 00090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pintlgnt.ime
2016-11-09 21:19 - 2016-10-11 14:33 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2016-11-09 21:19 - 2016-10-11 14:06 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2016-11-09 21:19 - 2016-10-10 16:38 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-11-09 21:19 - 2016-10-10 16:38 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-11-09 21:19 - 2016-10-10 16:34 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-11-09 21:19 - 2016-10-10 16:34 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-11-09 21:19 - 2016-10-10 16:34 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-11-09 21:19 - 2016-10-10 16:34 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-11-09 21:19 - 2016-10-10 16:33 - 01462272 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-11-09 21:19 - 2016-10-10 16:33 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-11-09 21:19 - 2016-10-10 16:33 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-11-09 21:19 - 2016-10-10 16:33 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-11-09 21:19 - 2016-10-10 16:33 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-11-09 21:19 - 2016-10-10 16:33 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-11-09 21:19 - 2016-10-10 16:33 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-11-09 21:19 - 2016-10-10 16:33 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-11-09 21:19 - 2016-10-10 16:33 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-11-09 21:19 - 2016-10-10 16:33 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-11-09 21:19 - 2016-10-10 16:33 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-11-09 21:19 - 2016-10-10 16:33 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-11-09 21:19 - 2016-10-10 16:33 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-11-09 21:19 - 2016-10-10 16:33 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-11-09 21:19 - 2016-10-10 16:16 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-11-09 21:19 - 2016-10-10 16:16 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-11-09 21:19 - 2016-10-10 16:16 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-11-09 21:19 - 2016-10-10 16:16 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-11-09 21:19 - 2016-10-10 16:16 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-11-09 21:19 - 2016-10-10 16:16 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-11-09 21:19 - 2016-10-10 16:16 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-11-09 21:19 - 2016-10-10 16:16 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-11-09 21:19 - 2016-10-10 16:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-11-09 21:19 - 2016-10-10 16:16 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-11-09 21:19 - 2016-10-10 16:16 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-11-09 21:19 - 2016-10-10 16:16 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-11-09 21:19 - 2016-10-10 16:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-11-09 21:19 - 2016-10-10 16:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-11-09 21:19 - 2016-10-10 16:16 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-11-09 21:19 - 2016-10-10 16:02 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-11-09 21:19 - 2016-10-10 15:56 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-11-09 21:19 - 2016-10-10 15:55 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-11-09 21:19 - 2016-10-10 15:55 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-11-09 21:19 - 2016-10-10 15:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-11-09 21:19 - 2016-10-10 15:54 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-11-09 21:19 - 2016-10-10 15:50 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-11-09 21:19 - 2016-10-07 16:40 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-11-09 21:19 - 2016-10-07 16:37 - 05547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-11-09 21:19 - 2016-10-07 16:37 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-11-09 21:19 - 2016-10-07 16:35 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 03649536 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00877056 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:18 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-11-09 21:19 - 2016-10-07 16:18 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-11-09 21:19 - 2016-10-07 16:15 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 02291712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00581632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:04 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-11-09 21:19 - 2016-10-07 16:04 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-11-09 21:19 - 2016-10-07 16:04 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-11-09 21:19 - 2016-10-07 16:01 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-11-09 21:19 - 2016-10-07 16:00 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-11-09 21:19 - 2016-10-07 15:56 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-11-09 21:19 - 2016-10-07 15:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-11-09 21:19 - 2016-10-07 15:50 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-11-09 21:19 - 2016-10-07 15:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-11-09 21:19 - 2016-10-07 15:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-11-09 21:19 - 2016-10-07 15:49 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 15:49 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 15:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 15:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-11-09 21:19 - 2016-10-05 15:54 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2016-11-09 21:19 - 2016-09-15 15:56 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2016-11-09 21:19 - 2016-09-13 16:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-11-09 21:19 - 2016-09-13 16:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-11-09 21:19 - 2016-09-09 19:20 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-11-09 21:19 - 2016-09-09 19:00 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2016-11-09 21:19 - 2016-08-22 17:19 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll

Botto97 · 07.12.2016, 11:12

Code:

ATTFilter

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-12-06 22:28 - 2016-07-19 10:46 - 00000000 ____D C:\ProgramData\IObit
2016-12-06 22:28 - 2016-07-19 10:46 - 00000000 ____D C:\Program Files (x86)\IObit
2016-12-06 22:28 - 2016-07-19 10:45 - 00000000 ____D C:\Users\User\AppData\Roaming\IObit
2016-12-06 22:28 - 2009-01-01 00:24 - 00000000 ____D C:\ProgramData\NVIDIA
2016-12-06 22:26 - 2016-10-22 16:21 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-12-06 22:25 - 2016-10-22 16:21 - 00001102 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-12-06 22:25 - 2016-07-19 17:45 - 00000000 ____D C:\Users\User\AppData\Local\Overwolf
2016-12-06 22:25 - 2016-05-17 08:33 - 00000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-12-06 22:23 - 2009-07-14 05:45 - 00021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-12-06 22:23 - 2009-07-14 05:45 - 00021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-12-06 22:20 - 2013-01-28 08:58 - 00736146 _____ C:\Windows\system32\perfh013.dat
2016-12-06 22:20 - 2013-01-28 08:58 - 00153312 _____ C:\Windows\system32\perfc013.dat
2016-12-06 22:20 - 2013-01-28 08:55 - 00732694 _____ C:\Windows\system32\perfh010.dat
2016-12-06 22:20 - 2013-01-28 08:55 - 00147056 _____ C:\Windows\system32\perfc010.dat
2016-12-06 22:20 - 2013-01-28 08:53 - 00738364 _____ C:\Windows\system32\perfh00C.dat
2016-12-06 22:20 - 2013-01-28 08:53 - 00149790 _____ C:\Windows\system32\perfc00C.dat
2016-12-06 22:20 - 2013-01-28 08:50 - 00738104 _____ C:\Windows\system32\perfh00A.dat
2016-12-06 22:20 - 2013-01-28 08:50 - 00158684 _____ C:\Windows\system32\perfc00A.dat
2016-12-06 22:20 - 2013-01-28 08:48 - 00700146 _____ C:\Windows\system32\perfh007.dat
2016-12-06 22:20 - 2013-01-28 08:48 - 00149784 _____ C:\Windows\system32\perfc007.dat
2016-12-06 22:20 - 2009-07-14 06:13 - 05176728 _____ C:\Windows\system32\PerfStringBackup.INI
2016-12-06 22:20 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-12-06 22:15 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-12-06 22:13 - 2016-11-04 15:21 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-12-06 21:59 - 2016-05-20 20:19 - 00000000 ____D C:\Users\User\AppData\Roaming\Origin
2016-12-06 17:27 - 2016-05-20 20:18 - 00000000 ____D C:\ProgramData\Origin
2016-12-06 17:27 - 2009-01-01 00:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-12-06 17:27 - 2009-01-01 00:23 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-12-06 17:25 - 2016-06-07 02:13 - 00000000 ____D C:\Users\User\AppData\Local\CrashDumps
2016-12-06 11:19 - 2016-05-20 20:17 - 00000000 ____D C:\Program Files (x86)\Origin
2016-12-02 01:34 - 2016-10-22 16:21 - 00001164 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-02 01:34 - 2016-10-18 19:35 - 00000681 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crazy Machines 3.lnk
2016-12-02 01:34 - 2016-10-17 13:34 - 00000881 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ableton Live 9 Suite.lnk
2016-12-02 01:34 - 2016-10-07 20:58 - 00000857 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Big Pharma Marketing and Malpractice.lnk
2016-12-02 01:34 - 2016-09-21 12:11 - 00001047 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-12-02 01:34 - 2016-08-25 13:38 - 00001272 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\OpenIV.lnk
2016-12-02 01:34 - 2016-08-11 13:12 - 00000737 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bus Simulator 16.lnk
2016-12-02 01:34 - 2016-07-18 11:16 - 00001058 _____ C:\Users\User\Desktop\Freenet.lnk
2016-12-02 01:34 - 2016-07-05 00:27 - 00002591 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2016-12-02 01:34 - 2016-07-04 18:48 - 00002176 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-12-02 01:34 - 2016-07-04 18:47 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2016-12-02 01:34 - 2016-07-04 18:47 - 00002421 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk
2016-12-02 01:34 - 2016-07-04 18:47 - 00002416 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2016-12-02 01:34 - 2016-07-04 18:47 - 00002415 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2016-12-02 01:34 - 2016-07-04 18:47 - 00002379 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2016-12-02 01:34 - 2016-07-04 18:47 - 00002378 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2016-12-02 01:34 - 2016-07-04 18:47 - 00002372 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2016-12-02 01:34 - 2016-07-04 18:47 - 00002366 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2016-12-02 01:34 - 2016-07-04 18:47 - 00002358 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2016-12-02 01:34 - 2016-07-01 16:07 - 00001177 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-12-02 01:34 - 2016-06-16 22:26 - 00001084 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2014.lnk
2016-12-02 01:34 - 2016-06-16 22:21 - 00001534 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
2016-12-02 01:34 - 2016-06-13 20:24 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2016-12-02 01:34 - 2016-06-12 17:06 - 00000673 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project CARS.lnk
2016-12-02 01:34 - 2016-06-09 14:33 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-12-02 01:34 - 2016-05-30 20:45 - 00001785 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2016-12-02 01:34 - 2016-05-21 10:05 - 00000973 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk
2016-12-02 01:34 - 2016-05-17 07:33 - 00000879 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-12-02 01:34 - 2014-06-17 20:35 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2016-12-02 01:34 - 2014-06-17 20:35 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2016-12-02 01:34 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-12-02 01:34 - 2009-07-14 06:01 - 00001282 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
2016-12-02 01:34 - 2009-07-14 05:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-12-02 01:34 - 2009-07-14 05:57 - 00001352 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk
2016-12-02 01:34 - 2009-07-14 05:57 - 00001330 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
2016-12-02 01:34 - 2009-07-14 05:57 - 00001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
2016-12-02 01:34 - 2009-07-14 05:54 - 00001210 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
2016-12-02 01:34 - 2009-07-14 05:49 - 00001266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
2016-12-02 01:15 - 2016-06-09 17:39 - 00000000 ____D C:\Users\User\AppData\Roaming\UseNeXT
2016-12-01 20:52 - 2016-11-04 15:16 - 00491536 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2016-12-01 20:52 - 2014-10-16 17:54 - 17373312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2016-12-01 20:52 - 2014-10-16 17:54 - 14410120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2016-12-01 20:52 - 2014-10-16 17:54 - 03941536 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2016-12-01 20:52 - 2014-10-16 17:54 - 03479560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2016-12-01 20:52 - 2009-01-01 00:23 - 00041344 _____ C:\Windows\system32\nvinfo.pb
2016-12-01 19:34 - 2016-05-20 20:20 - 00000000 ____D C:\Program Files (x86)\Origin Games
2016-12-01 18:33 - 2016-08-24 08:47 - 00001951 _____ C:\Windows\NvContainerRecovery.bat
2016-12-01 18:32 - 2016-05-28 11:44 - 00546752 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2016-12-01 18:32 - 2016-05-28 11:44 - 00083512 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2016-12-01 18:32 - 2009-01-01 00:24 - 06384576 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2016-12-01 18:32 - 2009-01-01 00:24 - 02475968 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2016-12-01 18:32 - 2009-01-01 00:24 - 01762752 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2016-12-01 18:32 - 2009-01-01 00:24 - 00393784 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2016-12-01 18:32 - 2009-01-01 00:24 - 00069568 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2016-12-01 10:49 - 2016-08-31 11:08 - 00000000 ___HD C:\Program Files\Common Files\EAInstaller
2016-12-01 10:48 - 2016-05-17 16:15 - 00000000 ____D C:\ProgramData\Package Cache
2016-11-30 13:28 - 2016-07-05 00:26 - 00000000 ____D C:\Users\User\AppData\Roaming\uTorrent
2016-11-30 10:34 - 2009-01-01 00:24 - 07607057 _____ C:\Windows\system32\nvcoproc.bin
2016-11-30 09:57 - 2009-07-14 05:45 - 00417608 _____ C:\Windows\system32\FNTCACHE.DAT
2016-11-29 12:56 - 2016-06-07 02:20 - 00000000 ____D C:\Users\User\Documents\Flight Simulator X Files
2016-11-29 12:23 - 2016-05-17 07:34 - 00114944 _____ C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT
2016-11-28 23:46 - 2016-07-19 17:46 - 00000000 ____D C:\Program Files (x86)\Overwolf
2016-11-28 20:21 - 2016-06-06 21:24 - 00000000 ____D C:\Users\User\AppData\Local\Ubisoft Game Launcher
2016-11-28 19:05 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2016-11-28 14:52 - 2016-06-13 20:24 - 00000000 ____D C:\Users\User\Documents\Flight Simulator-Dateien
2016-11-28 10:41 - 2016-06-12 16:51 - 00000000 ____D C:\Users\User\AppData\Roaming\DAEMON Tools Lite
2016-11-28 10:02 - 2016-07-01 16:06 - 00004180 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-11-27 14:24 - 2016-08-11 12:53 - 00000000 ____D C:\Users\User\AppData\Roaming\tropico 5
2016-11-26 10:50 - 2016-05-17 16:16 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-11-26 09:08 - 2016-07-04 18:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-11-26 09:07 - 2016-07-04 18:45 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-11-26 08:55 - 2016-09-21 08:29 - 00003590 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-26 08:55 - 2016-08-01 15:08 - 00003828 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-26 08:55 - 2016-08-01 15:08 - 00003828 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-26 08:55 - 2016-08-01 15:08 - 00003778 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-26 08:55 - 2016-08-01 15:08 - 00003766 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-26 08:55 - 2016-08-01 15:08 - 00003530 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-26 08:55 - 2009-01-01 00:23 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-11-26 08:55 - 2009-01-01 00:23 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-11-26 08:54 - 2016-11-04 15:21 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-11-26 08:54 - 2016-05-20 20:24 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-11-26 08:54 - 2016-05-20 20:24 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-11-26 08:54 - 2016-05-20 20:24 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-11-26 08:54 - 2016-05-20 20:24 - 00000000 ____D C:\Windows\system32\Macromed
2016-11-26 08:52 - 2016-11-04 15:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 4
2016-11-26 08:49 - 2009-07-14 06:08 - 00032628 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-11-24 00:18 - 2016-08-16 16:11 - 00000000 ____D C:\Users\User\AppData\Roaming\vlc
2016-11-23 17:43 - 2016-07-19 15:05 - 00000015 _____ C:\Users\User\AppData\Local\X-Plane_drm.prf
2016-11-23 11:53 - 2016-05-21 20:40 - 00000000 ____D C:\Users\User\AppData\Roaming\Skype
2016-11-23 11:52 - 2016-05-21 20:40 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-11-23 11:52 - 2016-05-21 20:39 - 00000000 ____D C:\ProgramData\Skype
2016-11-21 19:45 - 2016-07-19 17:46 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2016-11-20 20:18 - 2016-03-29 10:12 - 00000000 ____D C:\Users\User\Desktop\Xperia_Z3_Compact
2016-11-20 16:52 - 2016-10-17 11:57 - 00000000 ____D C:\Users\User\Documents\Bewerbung
2016-11-20 02:54 - 2016-07-01 22:29 - 00000000 ____D C:\Program Files (x86)\OpenAL
2016-11-20 02:54 - 2016-06-20 23:23 - 00000000 ____D C:\Program Files (x86)\Electronic Arts
2016-11-20 02:54 - 2016-06-09 17:39 - 00000000 ____D C:\Program Files (x86)\UseNeXT
2016-11-20 02:53 - 2016-10-29 15:52 - 00000000 ___HD C:\Program Files (x86)\Zero G Registry
2016-11-20 02:53 - 2016-10-23 09:51 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2016-11-20 02:53 - 2016-10-23 09:50 - 00000000 ____D C:\Program Files (x86)\WinISO Computing
2016-11-20 02:53 - 2016-10-18 15:10 - 00000000 ____D C:\Program Files (x86)\Novation
2016-11-20 02:53 - 2016-10-17 11:36 - 00000000 ____D C:\Program Files (x86)\VirtualDJ
2016-11-20 02:53 - 2016-10-05 10:40 - 00000000 ____D C:\Program Files (x86)\Software2000
2016-11-20 02:53 - 2016-09-22 15:29 - 00000000 ____D C:\Program Files (x86)\GameDog
2016-11-20 02:53 - 2016-09-22 15:13 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2016-11-20 02:53 - 2016-09-21 12:11 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-11-20 02:53 - 2016-09-15 22:55 - 00000000 ____D C:\Program Files (x86)\Pidgin
2016-11-20 02:53 - 2016-09-14 11:42 - 00000000 ____D C:\Program Files (x86)\GNU
2016-11-20 02:53 - 2016-09-09 15:40 - 00000000 ____D C:\Program Files (x86)\The Mighty Quest For Epic Loot
2016-11-20 02:53 - 2016-09-06 20:38 - 00000000 ____D C:\Program Files (x86)\VstPlugins
2016-11-20 02:53 - 2016-09-06 20:38 - 00000000 ____D C:\Program Files (x86)\ASIO4ALL v2
2016-11-20 02:53 - 2016-09-06 20:36 - 00000000 ____D C:\Program Files (x86)\Image-Line
2016-11-20 02:53 - 2016-08-22 13:19 - 00000000 ____D C:\Program Files (x86)\Windows Media Components
2016-11-20 02:53 - 2016-08-21 20:10 - 00000000 ____D C:\Program Files (x86)\Notepad++
2016-11-20 02:53 - 2016-08-16 16:10 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2016-11-20 02:53 - 2016-07-05 00:21 - 00000000 ____D C:\Program Files (x86)\BitTyrant
2016-11-20 02:53 - 2016-07-05 00:20 - 00000000 ____D C:\Program Files (x86)\Azureus
2016-11-20 02:53 - 2016-07-04 20:40 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 11.0
2016-11-20 02:53 - 2016-07-04 20:38 - 00000000 ____D C:\Program Files (x86)\NuGet
2016-11-20 02:53 - 2016-07-04 20:36 - 00000000 ____D C:\Program Files (x86)\Windows Kits
2016-11-20 02:53 - 2016-07-04 20:35 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2016-11-20 02:53 - 2016-07-04 20:35 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2016-11-20 02:53 - 2016-07-04 20:35 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2016-11-20 02:53 - 2016-07-04 20:35 - 00000000 ____D C:\Program Files (x86)\Microsoft Help Viewer
2016-11-20 02:53 - 2016-07-04 20:34 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 12.0
2016-11-20 02:53 - 2016-07-04 18:48 - 00000000 ____D C:\Program Files (x86)\Microsoft OneDrive
2016-11-20 02:53 - 2016-07-02 09:11 - 00000000 ____D C:\Program Files (x86)\MegaDev
2016-11-20 02:53 - 2016-07-01 22:30 - 00000000 ____D C:\Program Files (x86)\Xvid
2016-11-20 02:53 - 2016-06-27 18:40 - 00000000 ____D C:\Program Files (x86)\Minecraft
2016-11-20 02:53 - 2016-06-17 00:02 - 00000000 ____D C:\Program Files (x86)\Foxit Software
2016-11-20 02:53 - 2016-06-16 22:56 - 00000000 ____D C:\Program Files (x86)\SQL Anywhere 16
2016-11-20 02:53 - 2016-06-09 21:19 - 00000000 ____D C:\Program Files (x86)\Java
2016-11-20 02:53 - 2016-06-09 14:33 - 00000000 ____D C:\Program Files (x86)\Bonjour
2016-11-20 02:53 - 2016-06-09 14:33 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2016-11-20 02:53 - 2016-06-07 02:16 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0
2016-11-20 02:53 - 2016-06-02 21:56 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.5.1
2016-11-20 02:53 - 2016-05-21 10:08 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2016-11-20 02:53 - 2016-05-21 09:49 - 00000000 ____D C:\Program Files (x86)\Google
2016-11-20 02:53 - 2016-05-21 09:33 - 00000000 ____D C:\Program Files (x86)\Razer Chroma SDK
2016-11-20 02:53 - 2016-05-21 09:32 - 00000000 ____D C:\Program Files (x86)\Razer
2016-11-20 02:53 - 2016-05-20 20:40 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2016-11-20 02:53 - 2016-05-17 16:19 - 00000000 ____D C:\Program Files (x86)\Intel
2016-11-20 02:53 - 2016-05-17 16:16 - 00000000 ___HD C:\Program Files (x86)\Temp
2016-11-20 02:53 - 2016-05-17 16:16 - 00000000 ____D C:\Program Files (x86)\Realtek
2016-11-20 02:53 - 2016-05-17 16:15 - 00000000 ____D C:\Program Files (x86)\ASUS
2016-11-20 02:53 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows Sidebar
2016-11-20 02:53 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-11-20 02:53 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-11-20 02:53 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-11-20 02:53 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-11-20 02:53 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-11-20 02:53 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files (x86)\Windows NT
2016-11-19 18:19 - 2016-08-11 14:06 - 00000000 ____D C:\Users\User\AppData\Roaming\Kalypso Media
2016-11-19 13:50 - 2016-07-02 09:13 - 00000007 _____ C:\Users\User\Documents\mt-e_hook.txt
2016-11-17 14:45 - 2016-05-28 11:40 - 01854400 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2016-11-17 14:45 - 2016-05-28 11:40 - 01755072 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2016-11-17 14:45 - 2016-05-28 11:40 - 01452480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2016-11-17 14:45 - 2016-05-28 11:40 - 01317312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2016-11-17 14:45 - 2016-05-28 11:40 - 00120256 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2016-11-16 12:53 - 2016-07-27 20:30 - 00000000 ____D C:\Users\Gast\Documents\My Games
2016-11-16 12:28 - 2016-06-02 22:04 - 00000000 ____D C:\Users\User\AppData\Local\Arma 3 Launcher
2016-11-16 12:16 - 2016-06-02 22:04 - 00000000 ____D C:\Users\User\AppData\Local\Arma 3
2016-11-15 13:34 - 2016-07-01 22:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid
2016-11-15 13:33 - 2016-09-15 21:40 - 00000000 ____D C:\Users\User\AppData\Roaming\Nox
2016-11-15 13:33 - 2016-09-15 21:40 - 00000000 ____D C:\Users\User\AppData\Local\Nox
2016-11-15 13:32 - 2016-07-04 18:49 - 00000000 ____D C:\Program Files\KMSpico
2016-11-15 13:31 - 2016-10-10 21:26 - 00000000 ____D C:\Users\User\AppData\Local\Apple Inc
2016-11-15 13:31 - 2016-06-09 14:33 - 00000000 ____D C:\Users\User\AppData\Roaming\Apple Computer
2016-11-15 13:31 - 2016-06-09 14:32 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-11-13 23:56 - 2016-10-28 21:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
2016-11-13 23:56 - 2016-10-28 21:09 - 00000000 ____D C:\Program Files\Nexus Mod Manager
2016-11-13 19:01 - 2016-08-24 18:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2016-11-13 18:57 - 2016-06-28 21:57 - 00000000 ____D C:\Users\User\AppData\Roaming\Ubisoft
2016-11-13 15:09 - 2016-05-21 10:05 - 00000000 ____D C:\Users\User\AppData\Roaming\TS3Client
2016-11-12 20:08 - 2016-07-01 21:21 - 00000000 ____D C:\Users\User\Documents\Anno 1404
2016-11-12 20:08 - 2016-06-28 22:34 - 00000000 ____D C:\Users\User\Documents\ANNO 1404 Venedig
2016-11-11 23:21 - 2016-06-19 16:04 - 00000000 ____D C:\Users\Gast\AppData\Local\NVIDIA Corporation
2016-11-11 23:20 - 2016-06-19 16:04 - 00111400 _____ C:\Users\Gast\AppData\Local\GDIPFONTCACHEV1.DAT
2016-11-09 23:15 - 2014-06-17 22:46 - 00000000 ____D C:\Windows\system32\MRT
2016-11-09 23:12 - 2014-06-17 22:46 - 141011376 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-11-09 13:43 - 2016-10-28 20:33 - 00000000 ____D C:\Users\User\AppData\Local\Skyrim Special Edition

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-06-27 14:55 - 2016-08-23 13:16 - 0000099 _____ () C:\Users\User\AppData\Roaming\LauncherSettings_live.cfg
2016-06-27 14:27 - 2016-06-27 14:27 - 0000040 _____ () C:\Users\User\AppData\Roaming\TheHunterSettings_steam_live.cfg
2016-11-28 16:50 - 2016-11-28 16:50 - 0000017 _____ () C:\Users\User\AppData\Local\resmon.resmoncfg
2016-07-19 15:05 - 2016-11-23 17:43 - 0000015 _____ () C:\Users\User\AppData\Local\X-Plane_drm.prf
2016-07-19 15:05 - 2016-07-22 09:13 - 0000061 _____ () C:\Users\User\AppData\Local\x-plane_install_10.txt
2016-05-17 16:17 - 2016-05-17 16:17 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-07-07 18:05 - 2016-07-07 18:05 - 0000111 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.64.bc

Einige Dateien in TEMP:
====================
C:\Users\User\AppData\Local\Temp\libeay32.dll
C:\Users\User\AppData\Local\Temp\msvcr120.dll
C:\Users\User\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\User\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\User\AppData\Local\Temp\nvStInst.exe
C:\Users\User\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-12-04 15:48

==================== Ende von FRST.txt ============================

Hab Rkill mal drüberlaufen lassen und der erkennt Asus GPU Tweak scheinbar als Schadware

Code:

ATTFilter

Rkill 2.8.4 by Lawrence Abrams (Grinler)
hxxp://www.bleepingcomputer.com/
Copyright 2008-2016 BleepingComputer.com
More Information about Rkill can be found at this link:
 hxxp://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 12/07/2016 11:10:28 AM in x64 mode.
Windows Version: Windows 7 Professional Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * C:\Windows\SysWOW64\ASGT.exe (PID: 2344) [WD-HEUR]

1 proccess terminated!

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * Windows Defender Disabled

   [HKLM\SOFTWARE\Policies\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity: 

 * Windows Defender (WinDefend) is not Running.
   Startup Type set to: Manual

Searching for Missing Digital Signatures: 

 * No issues found.

Checking HOSTS File: 

 * No issues found.

Program finished at: 12/07/2016 11:10:45 AM
Execution time: 0 hours(s), 0 minute(s), and 17 seconds(s)

M-K-D-B · 07.12.2016, 16:35

Servus,

sehr gut gemacht. Da wurde ja nochmal einiges gelöscht. Leider sind wir noch nicht fertig.

Das ist eine Falschmeldung von RKill, ist aber auch irrelevant.

Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

start
CloseProcesses:
C:\Users\User\AppData\Roaming\Profiles\Gagckgrelecult.default
c:\program files (x86)\1aa89a20-1480147065-11dd-9995-2c56dc94012f
C:\Program Files (x86)\u0cr1spw
C:\Windows\53721adc3be20fefca9ac4a452af8226.exe
C:\ProgramData\Avira
C:\ProgramData\Avg
C:\Users\User\AppData\Roaming\Caduph
C:\Users\User\AppData\Local\Clekilygrerde
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\001d46a7
HKU\S-1-5-21-1652729561-1798351166-2891734009-1000\Software\Classes\regfile: regedit.exe "%1" <===== ACHTUNG
Task: {F822A841-C14E-4013-8ACC-FE0128A1FD86} - System32\Tasks\{81E21091-ECC2-4598-9770-E678EE83EFFA} => pcalua.exe -a C:\Users\User\Desktop\A380v2Demo09\A380demo.exe -d C:\Users\User\Desktop\A380v2Demo09
Task: {A20C4AD7-C5F7-4503-A905-F3D227B20DAF} - System32\Tasks\{3F138AF1-2993-4400-8D86-ECA499A76DD4} => pcalua.exe -a C:\Users\User\Downloads\TWEE_German_language_pack.exe -d C:\Users\User\Downloads
Task: {893DFF73-789D-4AC0-BDE5-B9A061D7B5B4} - System32\Tasks\{4732A461-F2FA-4F65-B3E6-C5F6F1AF4FDE} => pcalua.exe -a "C:\Users\User\Desktop\Install FSUIPC4.exe" -d C:\Users\User\Desktop
Unlock: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Themes
CMD: reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Themes" /s
S2 Themes; C:\Windows\system32\themeservice.dll [44544 2009-07-14] (Microsoft Corporation) [DependOnService: iThemes5]<==== ACHTUNG
CMD: reg delete "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\iThemes5" /f
Folder: C:\Users\User\AppData\Roaming\Profiles
CMD: type "C:\Users\User\AppData\Roaming\Mozilla\Firefox\profiles.ini"
CMD: dir "%ProgramFiles%"
CMD: dir "%ProgramFiles(x86)%"
CMD: dir "%ProgramData%"
CMD: dir "%Appdata%"
CMD: dir "%LocalAppdata%"
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Schritt 2
Lade dir die passende Version von SystemLook vom folgenden Spiegel herunter und speichere das Tool auf dem Desktop:
SystemLook (32 bit) | SystemLook (64 bit)

Doppelklicke auf die SystemLook.exe, um das Tool zu starten.

Kopiere den Inhalt der folgenden Codebox in das Textfeld des Tools:

Code:

ATTFilter

:regfind
SoundProvider
WinSAPSvc
WinArcher
UvConverter
amisites.com
vqerckleent
reimage
hadga
chelfnotify
ytb music box
ytbmusicbox

Klicke nun auf den Button Look, um den Scan zu starten.
Der Suchlauf kann einige Zeit dauern.
Wenn der Suchlauf beendet ist, wird sich dein Editor mit den Ergebnissen öffnen, poste diese in deinen Thread.
Die Ergebnisse werden auch auf dem Desktop als SystemLook.txt gespeichert.

Schritt 3

Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Untersuchen.
FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Bitte poste mit deiner nächsten Antwort

die Logdatei des FRST-Fix,
die Logdatei von SystemLook,
die beiden neuen Logdateien von FRST (FRST.txt und Addition.txt).

Botto97 · 07.12.2016, 17:34

Designs geht wieder

Code:

ATTFilter

Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 07-12-2016
durchgeführt von User (07-12-2016 17:27:18) Run:1
Gestartet von C:\Users\User\Desktop
Geladene Profile: User (Verfügbare Profile: User & Nadine & Gast)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
start
CloseProcesses:
C:\Users\User\AppData\Roaming\Profiles\Gagckgrelecult.default
c:\program files (x86)\1aa89a20-1480147065-11dd-9995-2c56dc94012f
C:\Program Files (x86)\u0cr1spw
C:\Windows\53721adc3be20fefca9ac4a452af8226.exe
C:\ProgramData\Avira
C:\ProgramData\Avg
C:\Users\User\AppData\Roaming\Caduph
C:\Users\User\AppData\Local\Clekilygrerde
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\001d46a7
HKU\S-1-5-21-1652729561-1798351166-2891734009-1000\Software\Classes\regfile: regedit.exe "%1" <===== ACHTUNG
Task: {F822A841-C14E-4013-8ACC-FE0128A1FD86} - System32\Tasks\{81E21091-ECC2-4598-9770-E678EE83EFFA} => pcalua.exe -a C:\Users\User\Desktop\A380v2Demo09\A380demo.exe -d C:\Users\User\Desktop\A380v2Demo09
Task: {A20C4AD7-C5F7-4503-A905-F3D227B20DAF} - System32\Tasks\{3F138AF1-2993-4400-8D86-ECA499A76DD4} => pcalua.exe -a C:\Users\User\Downloads\TWEE_German_language_pack.exe -d C:\Users\User\Downloads
Task: {893DFF73-789D-4AC0-BDE5-B9A061D7B5B4} - System32\Tasks\{4732A461-F2FA-4F65-B3E6-C5F6F1AF4FDE} => pcalua.exe -a "C:\Users\User\Desktop\Install FSUIPC4.exe" -d C:\Users\User\Desktop
Unlock: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Themes
CMD: reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Themes" /s
S2 Themes; C:\Windows\system32\themeservice.dll [44544 2009-07-14] (Microsoft Corporation) [DependOnService: iThemes5]<==== ACHTUNG
CMD: reg delete "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\iThemes5" /f
Folder: C:\Users\User\AppData\Roaming\Profiles
CMD: type "C:\Users\User\AppData\Roaming\Mozilla\Firefox\profiles.ini"
CMD: dir "%ProgramFiles%"
CMD: dir "%ProgramFiles(x86)%"
CMD: dir "%ProgramData%"
CMD: dir "%Appdata%"
CMD: dir "%LocalAppdata%"
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
*****************

Prozess erfolgreich geschlossen.
C:\Users\User\AppData\Roaming\Profiles\Gagckgrelecult.default => erfolgreich verschoben
"c:\program files (x86)\1aa89a20-1480147065-11dd-9995-2c56dc94012f" => nicht gefunden.
C:\Program Files (x86)\u0cr1spw => erfolgreich verschoben
C:\Windows\53721adc3be20fefca9ac4a452af8226.exe => erfolgreich verschoben
C:\ProgramData\Avira => erfolgreich verschoben
C:\ProgramData\Avg => erfolgreich verschoben
C:\Users\User\AppData\Roaming\Caduph => erfolgreich verschoben
C:\Users\User\AppData\Local\Clekilygrerde => erfolgreich verschoben
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\001d46a7 => Schlüssel erfolgreich entfernt
"HKU\S-1-5-21-1652729561-1798351166-2891734009-1000\Software\Classes\regfile" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F822A841-C14E-4013-8ACC-FE0128A1FD86}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F822A841-C14E-4013-8ACC-FE0128A1FD86}" => Schlüssel erfolgreich entfernt
C:\Windows\System32\Tasks\{81E21091-ECC2-4598-9770-E678EE83EFFA} => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{81E21091-ECC2-4598-9770-E678EE83EFFA}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A20C4AD7-C5F7-4503-A905-F3D227B20DAF}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A20C4AD7-C5F7-4503-A905-F3D227B20DAF}" => Schlüssel erfolgreich entfernt
C:\Windows\System32\Tasks\{3F138AF1-2993-4400-8D86-ECA499A76DD4} => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{3F138AF1-2993-4400-8D86-ECA499A76DD4}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{893DFF73-789D-4AC0-BDE5-B9A061D7B5B4}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{893DFF73-789D-4AC0-BDE5-B9A061D7B5B4}" => Schlüssel erfolgreich entfernt
C:\Windows\System32\Tasks\{4732A461-F2FA-4F65-B3E6-C5F6F1AF4FDE} => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{4732A461-F2FA-4F65-B3E6-C5F6F1AF4FDE}" => Schlüssel erfolgreich entfernt
"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Themes" => Schlüssel wurde entsperrt

========= reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Themes" /s =========


HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Themes
    Start    REG_DWORD    0x2
    DisplayName    REG_SZ    @%SystemRoot%\System32\themeservice.dll,-8192
    ErrorControl    REG_DWORD    0x1
    Group    REG_SZ    ProfSvc_Group
    ImagePath    REG_EXPAND_SZ    %SystemRoot%\System32\svchost.exe -k netsvcs
    Type    REG_DWORD    0x20
    Description    REG_SZ    @%SystemRoot%\System32\themeservice.dll,-8193
    ObjectName    REG_SZ    LocalSystem
    RequiredPrivileges    REG_MULTI_SZ    SeAssignPrimaryTokenPrivilege\0SeDebugPrivilege\0SeImpersonatePrivilege
    FailureActions    REG_BINARY    80510100000000000000000003000000140000000100000060EA00000100000060EA00000000000000000000
    DependOnService    REG_MULTI_SZ    iThemes5

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Themes\Parameters
    ServiceDllUnloadOnStop    REG_DWORD    0x1
    ServiceMain    REG_SZ    ThemeServiceMain
    ServiceDll    REG_EXPAND_SZ    %SystemRoot%\system32\themeservice.dll


========= Ende von CMD: =========

hklm\System\CurrentControlSet\Services\Themes\\DependOnService => Wert erfolgreich entfernt

========= reg delete "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\iThemes5" /f =========

FEHLER: Der angegebene Registrierungsschlssel bzw. Wert wurde nicht gefunden.

========= Ende von CMD: =========


========================= Folder: C:\Users\User\AppData\Roaming\Profiles ========================


====== Ende von Folder: ======


========= type "C:\Users\User\AppData\Roaming\Mozilla\Firefox\profiles.ini" =========

[General]
StartWithLastProfile=1

[Profile0]
Name=default-1480591788312
IsRelative=1
Path=Profiles/qfgrr71f.default-1480591788312


========= Ende von CMD: =========


========= dir "%ProgramFiles%" =========

 Volume in Laufwerk C: hat keine Bezeichnung.
 Volumeseriennummer: C844-A9DD

 Verzeichnis von C:\Program Files

02.12.2016  01:23    <DIR>          .
02.12.2016  01:23    <DIR>          ..
16.06.2016  22:26    <DIR>          Adobe
17.05.2016  16:15    <DIR>          ASUS
01.07.2016  16:07    <DIR>          AVAST Software
07.10.2016  20:58    <DIR>          Big Pharma Marketing and Malpractice
09.06.2016  14:33    <DIR>          Bonjour
11.08.2016  14:05    <DIR>          Bus Simulator 16
01.07.2016  22:36    <DIR>          CCleaner
06.09.2016  20:38    <DIR>          Common Files
22.05.2016  18:31    <DIR>          Core Temp
18.10.2016  19:36    <DIR>          Crazy Machines 3
12.06.2016  16:53    <DIR>          DAEMON Tools Lite
15.09.2016  21:40    <DIR>          DIFX
28.01.2013  08:58    <DIR>          DVD Maker
10.09.2016  23:59    <DIR>          FileZilla FTP Client
06.09.2016  20:38    <DIR>          Image-Line
17.05.2016  08:33    <DIR>          Intel
10.11.2016  10:40    <DIR>          Internet Explorer
27.09.2016  22:44    <DIR>          iPod
27.09.2016  22:44    <DIR>          iTunes
15.11.2016  13:32    <DIR>          KMSpico
04.07.2016  18:45    <DIR>          Microsoft Office 15
04.07.2016  20:40    <DIR>          Microsoft SQL Server
22.09.2016  15:13    <DIR>          Microsoft SQL Server Compact Edition
22.09.2016  15:13    <DIR>          Microsoft Synchronization Services
14.07.2009  06:32    <DIR>          MSBuild
13.11.2016  23:56    <DIR>          Nexus Mod Manager
18.10.2016  15:05    <DIR>          Novation
26.11.2016  08:55    <DIR>          NVIDIA Corporation
22.10.2016  16:20    <DIR>          Pioneer
12.06.2016  17:10    <DIR>          Project CARS
21.05.2016  09:33    <DIR>          Razer Chroma SDK
17.05.2016  16:17    <DIR>          Realtek
14.07.2009  06:32    <DIR>          Reference Assemblies
28.10.2016  19:44    <DIR>          Rockstar Games
16.11.2016  23:43    <DIR>          Sandboxie
20.11.2016  20:21    <DIR>          Sony
16.11.2016  23:47    <DIR>          Steinberg
25.07.2016  10:59    <DIR>          TeamSpeak 3 Client
17.06.2014  23:03    <DIR>          Windows Defender
17.05.2016  10:20    <DIR>          Windows Journal
28.01.2013  08:58    <DIR>          Windows Mail
13.10.2016  10:29    <DIR>          Windows Media Player
14.07.2009  06:32    <DIR>          Windows NT
28.01.2013  08:58    <DIR>          Windows Photo Viewer
21.11.2010  04:31    <DIR>          Windows Portable Devices
28.01.2013  08:58    <DIR>          Windows Sidebar
04.06.2016  19:47    <DIR>          WinRAR
               0 Datei(en),              0 Bytes
              49 Verzeichnis(se),  4.129.595.392 Bytes frei

========= Ende von CMD: =========


========= dir "%ProgramFiles(x86)%" =========

 Volume in Laufwerk C: hat keine Bezeichnung.
 Volumeseriennummer: C844-A9DD

 Verzeichnis von C:\Program Files (x86)

07.12.2016  17:27    <DIR>          .
07.12.2016  17:27    <DIR>          ..
20.11.2016  02:53    <DIR>          AGEIA Technologies
20.11.2016  02:53    <DIR>          Apple Software Update
20.11.2016  02:53    <DIR>          ASIO4ALL v2
20.11.2016  02:53    <DIR>          ASUS
20.11.2016  02:53    <DIR>          Azureus
20.11.2016  02:53    <DIR>          Battlelog Web Plugins
20.11.2016  02:53    <DIR>          BitTyrant
20.11.2016  02:53    <DIR>          Bonjour
20.11.2016  02:53    <DIR>          Cheat Engine 6.5.1
26.11.2016  09:08    <DIR>          Common Files
20.11.2016  02:54    <DIR>          Electronic Arts
20.11.2016  02:53    <DIR>          Foxit Software
26.11.2016  14:57    <DIR>          FSacars
20.11.2016  02:53    <DIR>          GameDog
27.11.2016  13:26    <DIR>          Global ATC Simulator
20.11.2016  02:53    <DIR>          GNU
20.11.2016  02:53    <DIR>          Google
20.11.2016  02:53    <DIR>          Image-Line
20.11.2016  02:53    <DIR>          Intel
20.11.2016  02:53    <DIR>          Internet Explorer
06.12.2016  22:28    <DIR>          IObit
20.11.2016  02:53    <DIR>          Java
06.12.2016  22:07    <DIR>           Malwarebytes Anti-Malware 
20.11.2016  02:53    <DIR>          MegaDev
20.11.2016  02:53    <DIR>          Microsoft Help Viewer
26.11.2016  09:07    <DIR>          Microsoft Office
20.11.2016  02:53    <DIR>          Microsoft OneDrive
20.11.2016  02:53    <DIR>          Microsoft SDKs
20.11.2016  02:53    <DIR>          Microsoft SQL Server
20.11.2016  02:53    <DIR>          Microsoft SQL Server Compact Edition
20.11.2016  02:53    <DIR>          Microsoft Synchronization Services
20.11.2016  02:53    <DIR>          Microsoft Visual Studio 11.0
20.11.2016  02:53    <DIR>          Microsoft Visual Studio 12.0
20.11.2016  02:53    <DIR>          Microsoft.NET
20.11.2016  02:53    <DIR>          Minecraft
01.12.2016  10:26    <DIR>          Mozilla Firefox
01.12.2016  10:26    <DIR>          Mozilla Maintenance Service
20.11.2016  02:53    <DIR>          MSBuild
20.11.2016  02:53    <DIR>          MSXML 4.0
20.11.2016  02:53    <DIR>          Notepad++
20.11.2016  02:53    <DIR>          Novation
20.11.2016  02:53    <DIR>          NuGet
26.11.2016  08:55    <DIR>          NVIDIA Corporation
20.11.2016  02:54    <DIR>          OpenAL
06.12.2016  11:19    <DIR>          Origin
01.12.2016  19:34    <DIR>          Origin Games
28.11.2016  23:46    <DIR>          Overwolf
20.11.2016  02:53    <DIR>          Pidgin
20.11.2016  02:53    <DIR>          Razer
20.11.2016  02:53    <DIR>          Razer Chroma SDK
20.11.2016  02:53    <DIR>          Realtek
20.11.2016  02:53    <DIR>          Reference Assemblies
20.11.2016  02:53    <DIR>          Rockstar Games
23.11.2016  11:52    <DIR>          Skype
20.11.2016  02:53    <DIR>          Software2000
20.11.2016  20:21    <DIR>          Sony
20.11.2016  02:53    <DIR>          SQL Anywhere 16
27.11.2016  00:59    <DIR>          SquawkBox
20.11.2016  02:53    <DIR>          TeamViewer
20.11.2016  02:53    <DIR>          The Mighty Quest For Epic Loot
20.11.2016  02:54    <DIR>          UseNeXT
20.11.2016  02:53    <DIR>          VideoLAN
20.11.2016  02:53    <DIR>          VirtualDJ
20.11.2016  02:53    <DIR>          VstPlugins
06.12.2016  17:27    <DIR>          VulkanRT
20.11.2016  02:53    <DIR>          Windows Defender
20.11.2016  02:53    <DIR>          Windows Kits
20.11.2016  02:53    <DIR>          Windows Mail
20.11.2016  02:53    <DIR>          Windows Media Components
20.11.2016  02:53    <DIR>          Windows Media Player
20.11.2016  02:53    <DIR>          Windows NT
20.11.2016  02:53    <DIR>          Windows Photo Viewer
20.11.2016  02:53    <DIR>          Windows Portable Devices
20.11.2016  02:53    <DIR>          Windows Sidebar
20.11.2016  02:53    <DIR>          WinISO Computing
20.11.2016  02:53    <DIR>          Xvid
               0 Datei(en),              0 Bytes
              78 Verzeichnis(se),  4.129.583.104 Bytes frei

========= Ende von CMD: =========


========= dir "%ProgramData%" =========

 Volume in Laufwerk C: hat keine Bezeichnung.
 Volumeseriennummer: C844-A9DD

 Verzeichnis von C:\ProgramData

18.10.2016  15:45    <DIR>          Ableton
16.06.2016  22:27    <DIR>          Adobe
09.06.2016  14:33    <DIR>          Apple
09.06.2016  14:33    <DIR>          Apple Computer
01.07.2016  16:07    <DIR>          AVAST Software
02.06.2016  22:04    <DIR>          Bohemia Interactive
16.09.2016  12:03    <DIR>          Caphyon
12.06.2016  16:51    <DIR>          DAEMON Tools Lite
01.07.2016  23:04    <DIR>          dbdata
28.06.2016  13:29    <DIR>          EA Core
18.07.2016  16:03    <DIR>          EA Logs
29.10.2016  18:08    <DIR>          Elder Scrolls Online
21.05.2016  09:42    <DIR>          Electronic Arts
17.06.2016  00:02    <DIR>          Foxit ContentPlatform
16.06.2016  12:49    <DIR>          Gaijin
14.09.2016  11:43    <DIR>          GNU
27.06.2016  12:31    <DIR>          Hunter
16.07.2016  11:00    <DIR>          InstallMate
22.09.2016  15:14    <DIR>          Intel
22.09.2016  15:15    <DIR>          Intel Telemetry
06.12.2016  22:28    <DIR>          IObit
17.06.2016  11:04    <DIR>          Lexware
02.12.2016  01:26    <DIR>          Malwarebytes
19.11.2016  13:45    <DIR>          MegaTrainerUltimate
04.07.2016  18:48    <DIR>          Microsoft OneDrive
07.07.2016  18:05               111 Microsoft.SqlServer.Compact.400.64.bc
22.09.2016  09:02    <DIR>          Nero
04.07.2016  20:38    <DIR>          NuGet
07.12.2016  17:27    <DIR>          NVIDIA
06.12.2016  17:27    <DIR>          NVIDIA Corporation
09.06.2016  21:20    <DIR>          Oracle
07.12.2016  12:14    <DIR>          Origin
19.07.2016  17:47    <DIR>          Overwolf
01.12.2016  10:48    <DIR>          Package Cache
05.06.2016  12:12    <DIR>          PopCap Games
18.10.2016  15:10    <DIR>          Propellerhead Software
22.09.2016  17:17    <DIR>          Razer
16.06.2016  22:27    <DIR>          regid.1986-12.com.adobe
26.11.2016  09:08    <DIR>          regid.1991-06.com.microsoft
05.07.2016  10:27    <DIR>          Riot Games
03.06.2016  09:32    <DIR>          RzSurroundVAD_1.1.61.0
22.10.2016  18:28    <DIR>          SafeNet Sentinel
21.09.2016  09:13    <DIR>          simplitec
23.11.2016  11:52    <DIR>          Skype
15.07.2016  14:21    <DIR>          Slightly Mad Studios
15.07.2016  14:15    <DIR>          Solid State Networks
16.06.2016  22:56    <DIR>          SQL Anywhere 16
12.06.2016  17:11    <DIR>          Steam
22.07.2016  13:30    <DIR>          WarThunder
16.09.2016  12:03    <DIR>          xUnion.net
               1 Datei(en),            111 Bytes
              49 Verzeichnis(se),  4.129.517.568 Bytes frei

========= Ende von CMD: =========


========= dir "%Appdata%" =========

 Volume in Laufwerk C: hat keine Bezeichnung.
 Volumeseriennummer: C844-A9DD

 Verzeichnis von C:\Users\User\AppData\Roaming

07.12.2016  17:27    <DIR>          .
07.12.2016  17:27    <DIR>          ..
14.09.2016  11:43    <DIR>          .kde
02.09.2016  09:23    <DIR>          .minecraft
22.09.2016  17:28    <DIR>          .purple
18.10.2016  15:43    <DIR>          Ableton
16.06.2016  22:28    <DIR>          Adobe
15.11.2016  13:31    <DIR>          Apple Computer
16.09.2016  12:10    <DIR>          ArkRemoteAdmin
01.07.2016  16:06    <DIR>          AVAST Software
13.06.2016  01:02    <DIR>          Axolot Games
05.07.2016  00:30    <DIR>          BitTyrant
25.07.2016  11:02    <DIR>          com.bluemanchu.CardHunter
28.11.2016  10:41    <DIR>          DAEMON Tools Lite
14.10.2016  19:02    <DIR>          dvdcss
25.09.2016  19:34    <DIR>          FileZilla
17.06.2016  00:02    <DIR>          Foxit AgentInformation
17.06.2016  00:41    <DIR>          Foxit Software
22.09.2016  15:29    <DIR>          GameDog
04.10.2016  20:09    <DIR>          gnupg
02.12.2016  01:23    <DIR>          hadga
21.08.2016  12:42    <DIR>          HelloGames
25.08.2016  07:10    <DIR>          HeroesAndGeneralsDesktop
17.05.2016  07:32    <DIR>          Identities
22.10.2016  16:31    <DIR>          iFunbox_UserCache
06.09.2016  20:38    <DIR>          Image-Line
22.10.2016  16:37    <DIR>          iMobie
26.11.2016  10:50    <DIR>          InstallShield
17.05.2016  07:34    <DIR>          Intel Corporation
06.12.2016  22:28    <DIR>          IObit
05.07.2016  00:35    <DIR>          JAM Software
27.06.2016  18:40    <DIR>          java
19.11.2016  18:19    <DIR>          Kalypso Media
23.08.2016  13:16                99 LauncherSettings_live.cfg
16.06.2016  23:58    <DIR>          Lexware
05.07.2016  10:42    <DIR>          LolClient
20.05.2016  20:24    <DIR>          Macromedia
12.04.2011  09:28    <DIR>          Media Center Programs
16.08.2016  13:24    <DIR>          Mount&Blade Warband
01.01.2009  22:23    <DIR>          Mozilla
21.09.2016  09:15    <DIR>          Nero
25.08.2016  13:38    <DIR>          New Technology Studio
21.08.2016  20:16    <DIR>          Notepad++
15.11.2016  13:33    <DIR>          Nox
10.07.2016  20:28    <DIR>          NuGet
12.06.2016  17:13    <DIR>          NVIDIA
06.06.2016  22:06    <DIR>          OBS
07.12.2016  16:29    <DIR>          Origin
22.10.2016  18:27    <DIR>          Pioneer
05.11.2016  09:04    <DIR>          PioneerLog
07.12.2016  17:27    <DIR>          Profiles
05.07.2016  10:27    <DIR>          Riot Games
24.08.2016  18:19    <DIR>          Sierra
23.11.2016  11:53    <DIR>          Skype
05.09.2016  11:38    <DIR>          Spotify
16.06.2016  22:58    <DIR>          SQL Anywhere 16
21.08.2016  12:42    <DIR>          Steam
09.06.2016  21:20    <DIR>          Sun
17.10.2016  13:33    <DIR>          TeamViewer
16.06.2016  15:21    <DIR>          The Creative Assembly
27.06.2016  14:27    <DIR>          theHunter
27.06.2016  14:27                40 TheHunterSettings_steam_live.cfg
27.06.2016  12:31    <DIR>          theHunterSteam
14.08.2016  17:37    <DIR>          Tropico 3
15.08.2016  22:40    <DIR>          tropico 4
27.11.2016  14:24    <DIR>          tropico 5
13.11.2016  15:09    <DIR>          TS3Client
13.11.2016  18:57    <DIR>          Ubisoft
13.11.2016  15:31    <DIR>          uplay
02.12.2016  01:15    <DIR>          UseNeXT
30.11.2016  13:28    <DIR>          uTorrent
24.11.2016  00:18    <DIR>          vlc
23.10.2016  09:50    <DIR>          WinISO Computing
04.06.2016  19:47    <DIR>          WinRAR
16.09.2016  12:02    <DIR>          xUnion.net
               2 Datei(en),            139 Bytes
              73 Verzeichnis(se),  4.129.513.472 Bytes frei

========= Ende von CMD: =========


========= dir "%LocalAppdata%" =========

 Volume in Laufwerk C: hat keine Bezeichnung.
 Volumeseriennummer: C844-A9DD

 Verzeichnis von C:\Users\User\AppData\Local

07.12.2016  17:27    <DIR>          .
07.12.2016  17:27    <DIR>          ..
11.11.2016  17:44    <DIR>          2K Games
22.10.2016  17:52    <DIR>          Adobe
21.05.2016  09:39    <DIR>          AdvancedChromaConfigurato
09.06.2016  14:33    <DIR>          Apple
27.09.2016  22:45    <DIR>          Apple Computer
15.11.2016  13:31    <DIR>          Apple Inc
16.11.2016  12:16    <DIR>          Arma 3
16.11.2016  12:28    <DIR>          Arma 3 Launcher
10.09.2016  12:44    <DIR>          AVAST Software
01.08.2016  15:04    <DIR>          BattlEye
28.10.2016  21:09    <DIR>          Black_Tree_Gaming
02.06.2016  22:04    <DIR>          Bohemia_Interactive
20.05.2016  19:59    <DIR>          CEF
06.12.2016  17:25    <DIR>          CrashDumps
18.10.2016  19:37    <DIR>          Daedalic Entertainment GmbH
07.07.2016  18:05    <DIR>          Daring Development
19.07.2016  13:07    <DIR>          DayZ
20.06.2016  09:30    <DIR>          DeadByDaylight
26.11.2016  08:52    <DIR>          Diagnostics
12.06.2016  17:10    <DIR>          Disc_Soft_Ltd
06.12.2016  17:28    <DIR>          ElevatedDiagnostics
21.05.2016  09:42    <DIR>          ESN
02.11.2016  11:35    <DIR>          Freenet
22.05.2016  18:39    <DIR>          Futuremark
04.12.2016  21:56    <DIR>          Gaijin
05.10.2016  10:53    <DIR>          Game Dev Tycoon - Steam
29.11.2016  12:23           114.944 GDIPFONTCACHEV1.DAT
30.07.2016  12:13    <DIR>          GMap.NET
14.09.2016  11:43    <DIR>          GNU
13.06.2016  10:29    <DIR>          Google
15.09.2016  23:01    <DIR>          gtk-2.0
04.07.2016  23:05    <DIR>          GWX
22.09.2016  15:15    <DIR>          Intel Telemetry
02.08.2016  19:52    <DIR>          Introversion
22.05.2016  18:39    <DIR>          IsolatedStorage
27.09.2016  16:25    <DIR>          JKZ_Mod
16.06.2016  23:58    <DIR>          Lexware
20.05.2016  20:24    <DIR>          Macromedia
10.10.2016  21:26    <DIR>          Microsoft
26.11.2016  14:23    <DIR>          Microsoft Game Studios
20.05.2016  20:08    <DIR>          Mozilla
25.08.2016  13:38    <DIR>          New Technology Studio
15.11.2016  13:33    <DIR>          Nox
01.08.2016  15:08    <DIR>          NVIDIA
05.11.2016  11:17    <DIR>          NVIDIA Corporation
30.06.2016  08:49    <DIR>          Oblivion
10.10.2016  21:24    <DIR>          Origin
07.12.2016  17:25    <DIR>          Overwolf
10.08.2016  13:37    <DIR>          PAYDAY 2
15.08.2016  23:50    <DIR>          Pokefarmer
04.07.2016  20:45    <DIR>          PolyLoader
22.05.2016  18:31    <DIR>          Programs
28.06.2016  13:30    <DIR>          PunkBuster
22.05.2016  17:05    <DIR>          Razer
15.07.2016  14:21    <DIR>          Red Bull Air Race The Game
28.11.2016  16:50                17 resmon.resmoncfg
01.07.2016  16:12    <DIR>          Risen
22.09.2016  16:48    <DIR>          Rockstar Games
22.05.2016  17:05    <DIR>          RzStats
22.08.2016  19:51    <DIR>          SkinSoft
01.11.2016  19:28    <DIR>          Skyrim
09.11.2016  13:43    <DIR>          Skyrim Special Edition
01.11.2016  19:28    <DIR>          SkyrimSE
05.09.2016  11:38    <DIR>          Spotify
20.05.2016  19:59    <DIR>          Steam
07.12.2016  17:26    <DIR>          Temp
27.06.2016  14:27    <DIR>          theHunter
21.09.2016  08:27    <DIR>          Ubisoft
07.12.2016  13:34    <DIR>          Ubisoft Game Launcher
20.06.2016  09:30    <DIR>          UnrealEngine
05.11.2016  09:06    <DIR>          VirtualStore
26.11.2016  14:38    <DIR>          vPilot
23.10.2016  09:50    <DIR>          WinISO Computing
26.11.2016  09:15    <DIR>          World_of_AI
23.11.2016  17:43                15 X-Plane_drm.prf
22.07.2016  09:13                61 x-plane_install_10.txt
16.09.2016  12:03    <DIR>          xUnion.net
02.12.2016  01:21    <DIR>          Zemana
               4 Datei(en),        115.037 Bytes
              76 Verzeichnis(se),  4.129.497.088 Bytes frei

========= Ende von CMD: =========


========= RemoveProxy: =========

HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies\\ => Wert erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-1652729561-1798351166-2891734009-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-1652729561-1798351166-2891734009-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt


========= Ende von RemoveProxy: =========


========= ipconfig /flushdns =========


Windows-IP-Konfiguration

Der DNS-Aufl”sungscache wurde geleert.

========= Ende von CMD: =========


========= netsh winsock reset =========


Der Winsock-Katalog wurde zurckgesetzt.
Sie mssen den Computer neu starten, um den Vorgang abzuschlieáen.


========= Ende von CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 17726224 B
Java, Flash, Steam htmlcache => 172439745 B
Windows/system/drivers => 853037012 B
Edge => 0 B
Chrome => 319488 B
Firefox => 379737035 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 16802 B
systemprofile32 => 33490 B
LocalService => 0 B
NetworkService => 0 B
User => 319893152 B
Nadine => 2007060 B
Gast => 89240358 B

RecycleBin => 242543 B
EmptyTemp: => 1.7 GB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 17:27:29 ====

Code:

ATTFilter

SystemLook 30.07.11 by jpshortstuff
Log created at 17:30 on 07/12/2016 by User
Administrator - Elevation successful

========== regfind ==========

Searching for "SoundProvider"
No data found.

Searching for "WinSAPSvc"
No data found.

Searching for "WinArcher"
No data found.

Searching for "UvConverter"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\UvConverter\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02C076B2283AB74D88D5E4D34BC497FF]
"F39E5917C417B4041A46F88010121C6E"="C:\Program Files (x86)\UvConverter\UvConverter\keymap.txt"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4B2A47D6F1D42DD81A292C027724D291]
"F39E5917C417B4041A46F88010121C6E"="C:\Program Files (x86)\UvConverter\UvConverter\main"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4EE2F0310EBEC29A0C48C035C43786AA]
"F39E5917C417B4041A46F88010121C6E"="C:\Program Files (x86)\UvConverter\UvConverter\UvConverter.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9C767D9D7BB3F9C4B839FF09B6C80DCF]
"F39E5917C417B4041A46F88010121C6E"="C:\Program Files (x86)\UvConverter\UvConverter\uvConvInst.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B68CE107A2DED706DC47D6BC4BF3C4C1]
"F39E5917C417B4041A46F88010121C6E"="C:\Program Files (x86)\UvConverter\UvConverter\UniKeyNT.exe"

Searching for "amisites.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\SafeZoneStable\shell\open\command]
@=""C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" hxxp://www.amisites.com/?type=sc&ts=1480590508&z=0615f35ba18e1c689007dbeg4z8bae4w9t7e6wae9q&from=che0812&uid=ST3000DM001-1ER166_Z502SFPNXXXXZ502SFPN"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Clients\StartMenuInternet\SafeZoneStable\shell\open\command]
@=""C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" hxxp://www.amisites.com/?type=sc&ts=1480590508&z=0615f35ba18e1c689007dbeg4z8bae4w9t7e6wae9q&from=che0812&uid=ST3000DM001-1ER166_Z502SFPNXXXXZ502SFPN"

Searching for "vqerckleent"
No data found.

Searching for "reimage"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\ZAM_BootCleaner]
"FailedDeleteServices"="Convxxxx ReimageRealTimeProtector"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\ZAM_BootCleaner]
"FailedDeleteServices"="Convxxxx ReimageRealTimeProtector"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\ZAM_BootCleaner]
"FailedDeleteServices"="Convxxxx ReimageRealTimeProtector"

Searching for "hadga"
No data found.

Searching for "chelfnotify"
No data found.

Searching for "ytb music box"
No data found.

Searching for "ytbmusicbox"
No data found.

-= EOF =-

Botto97 · 07.12.2016, 17:44

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 07-12-2016
durchgeführt von User (Administrator) auf USER-PC (07-12-2016 17:42:58)
Gestartet von C:\Users\User\Desktop
Geladene Profile: User (Verfügbare Profile: User & Nadine & Gast)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
() C:\Windows\SysWOW64\ASGT.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
() C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Sony) C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Valve Corporation) D:\Steam\Steam.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
(Valve Corporation) D:\Steam\bin\cef\cef.winxp\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\0.100.9.0\OverwolfBrowser.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe
(Razer, Inc.) C:\Users\User\AppData\Local\Razer\InGameEngine\cache\RzStats.Manager\rzcefrenderprocess.exe
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.100.9.0\OverwolfHelper.exe
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.100.9.0\OverwolfHelper64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Valve Corporation) D:\Steam\bin\cef\cef.winxp\steamwebhelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8900104 2016-11-04] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-05-28] (Intel Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2016-11-04] (Razer Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-11-15] (AVAST Software)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [299504 2016-06-20] (Intel Corporation)
HKU\S-1-5-21-1652729561-1798351166-2891734009-1000\...\Run: [Steam] => D:\Steam\steam.exe [2860832 2016-10-13] (Valve Corporation)
HKU\S-1-5-21-1652729561-1798351166-2891734009-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4295360 2016-06-08] (Disc Soft Ltd)
HKU\S-1-5-21-1652729561-1798351166-2891734009-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9108184 2016-11-07] (Piriform Ltd)
HKU\S-1-5-21-1652729561-1798351166-2891734009-1000\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [247344 2016-11-23] ()
HKU\S-1-5-21-1652729561-1798351166-2891734009-1000\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [798352 2016-09-22] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-1652729561-1798351166-2891734009-1000\...\MountPoints2: {720c4d20-37bc-11e6-a9b2-2c56dc94012f} - cbs.exe
HKU\S-1-5-21-1652729561-1798351166-2891734009-1000\...\MountPoints2: {720c50ad-37bc-11e6-a9b2-2c56dc94012f} - G:\setup.exe
HKU\S-1-5-21-1652729561-1798351166-2891734009-1000\...\MountPoints2: {dbb36d82-30b2-11e6-bc24-2c56dc94012f} - G:\setup.exe
ShellExecuteHooks:  - {E61BD264-A5BC-11E6-BDC9-64006A5CFC23} -  Keine Datei [ ]
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-09] (AVAST Software)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{19A85D3D-7A8C-49C6-B71A-6B9F95CD8203}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{9634F382-7D29-46EB-AD92-13B0657457DE}: [NameServer] 77.234.40.79

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
SearchScopes: HKLM -> DefaultScope Wert fehlt
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-10-30] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-10-28] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2016-10-30] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-10-30] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-10-30] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_112\bin\ssv.dll [2016-11-04] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-10-28] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2016-10-30] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-10-30] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_112\bin\jp2ssv.dll [2016-11-04] (Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-30] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-30] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-30] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-30] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\qfgrr71f.default-1480591788312 [2016-12-07]
FF NetworkProxy: Mozilla\Firefox\Profiles\qfgrr71f.default-1480591788312 -> http", "185.90.81.137"
FF NetworkProxy: Mozilla\Firefox\Profiles\qfgrr71f.default-1480591788312 -> http_port", 3128
FF Extension: (TrackMeNot) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\qfgrr71f.default-1480591788312\Extensions\trackmenot@mrl.nyu.edu.xpi [2016-12-02]
FF Extension: (Adblock Plus) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\qfgrr71f.default-1480591788312\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-12-01]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-09-09]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-09-09]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll [2016-11-26] ()
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-26] ()
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-04-30] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-04-30] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.112.2 -> C:\Program Files (x86)\Java\jre1.8.0_112\bin\dtplugin\npDeployJava1.dll [2016-11-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.112.2 -> C:\Program Files (x86)\Java\jre1.8.0_112\bin\plugin2\npjp2.dll [2016-11-04] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-10-30] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-10-30] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-12-01] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-12-01] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-10-22] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-10-22] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems)

Chrome: 
=======
CHR DefaultProfile: ChromeDefaultData
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-08-05] (Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-01-28] ()
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [Datei ist nicht signiert]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-09] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [223600 2016-09-09] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1456136 2016-10-12] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3294912 2016-10-30] (Microsoft Corporation)
R2 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [216576 2016-08-18] () [Datei ist nicht signiert]
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1458368 2016-06-08] (Disc Soft Ltd)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [392480 2016-12-02] (EasyAntiCheat Ltd)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-05-28] (Intel Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [Datei ist nicht signiert]
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [354936 2016-03-14] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-04-30] (Intel Corporation)
S4 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-11-17] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-11-17] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [459832 2016-12-01] (NVIDIA Corporation)
R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-11-17] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2119688 2016-12-06] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2180624 2016-12-06] (Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1316080 2016-11-23] (Overwolf LTD)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2016-05-21] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2016-06-28] ()
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [69744 2016-10-18] (Razer Inc.)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-25] ()
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [197264 2016-09-22] (Sandboxie Holdings, LLC)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7500048 2016-09-20] (TeamViewer GmbH)
S3 VsEtwService120; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 XperiaCompanionService; C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe [2085760 2016-09-16] (Sony)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe [18232 2016-08-22] (Intel(R) Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-01-28] ()
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-09-09] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-09-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-09-09] (AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [28312 2016-07-01] (AVAST Software)
R1 aswNetSec; C:\Windows\system32\drivers\aswNetSec.sys [453192 2016-09-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-09-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-09-09] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2016-09-14] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513632 2016-09-22] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-09-09] (AVAST Software)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [44640 2016-07-01] (The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-10-13] (AVAST Software)
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [303616 2016-11-13] () [Datei ist nicht signiert]
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-06-12] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-06-12] (Disc Soft Ltd)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-07-19] (REALiX(tm))
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [31712 2016-07-19] (Intel Corporation)
R2 iocbios2; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [37072 2016-08-03] (Intel Corporation)
S2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [35328 2016-11-13] () [Datei ist nicht signiert]
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [181304 2016-07-19] (Intel Corporation)
S3 NvnUsbAudio; C:\Windows\System32\DRIVERS\nvnusbaudio.sys [54000 2015-06-10] (Novation DMS Ltd.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2016-11-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46016 2016-11-17] (NVIDIA Corporation)
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [51224 2016-04-07] (Razer Inc)
R3 rzmpos; C:\Windows\System32\DRIVERS\rzmpos.sys [47640 2016-04-07] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [44144 2016-09-17] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [137840 2016-09-07] (Razer, Inc.)
S3 RZSURROUNDVADService; C:\Windows\System32\drivers\RzSurroundVAD.sys [40640 2016-02-15] (Windows (R) Win 7 DDK provider)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [204944 2016-09-22] (Sandboxie Holdings, LLC)
S3 tap0901_openvpn_accl; C:\Windows\System32\DRIVERS\tap0901_openvpn_accl.sys [37912 2016-07-18] (The OpenVPN Project)
R1 VBoxUSBMon; C:\Windows\System32\DRIVERS\VBoxUSBMon.sys [127432 2015-09-16] (BigNox Corporation)
R2 WinisoCDBus; C:\Windows\System32\drivers\WinisoCDBus.sys [204032 2016-05-12] (WinISO.com)
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2016-12-02] (Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2016-12-02] (Zemana Ltd.)
R4 IOMap; \??\C:\Windows\system32\drivers\IOMap64.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-12-07 17:42 - 2016-12-07 17:43 - 00023858 _____ C:\Users\User\Desktop\FRST.txt
2016-12-07 17:30 - 2016-12-07 17:33 - 00005832 _____ C:\Users\User\Downloads\SystemLook.txt
2016-12-07 17:29 - 2016-12-07 17:29 - 00165376 _____ C:\Users\User\Downloads\SystemLook_x64.exe
2016-12-07 17:27 - 2016-12-07 17:27 - 00026681 _____ C:\Users\User\Desktop\Fixlog.txt
2016-12-07 17:26 - 2016-12-07 17:26 - 00000000 ____D C:\Users\User\Desktop\FRST-OlderVersion
2016-12-07 17:25 - 2016-12-07 17:28 - 00000022 _____ C:\Windows\S.dirmngr
2016-12-07 15:14 - 2016-12-07 15:14 - 00091691 _____ C:\Users\User\Downloads\zahlungsbestätigung_T6Y9TF.pdf
2016-12-06 22:10 - 2016-12-06 22:10 - 01631928 _____ (Malwarebytes) C:\Users\User\Downloads\JRT.exe
2016-12-06 22:07 - 2016-12-06 22:25 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-12-06 22:07 - 2016-12-06 22:07 - 00001106 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-12-06 22:07 - 2016-12-06 22:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-12-06 22:07 - 2016-12-06 22:07 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-12-06 22:07 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-12-06 22:07 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-12-06 22:07 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-12-06 22:00 - 2016-12-06 22:03 - 00000000 ____D C:\AdwCleaner
2016-12-06 22:00 - 2016-12-06 22:00 - 03968464 _____ C:\Users\User\Downloads\AdwCleaner_6.040.exe
2016-12-06 17:35 - 2016-12-06 17:35 - 00000000 ____D C:\Users\User\Downloads\FRST-OlderVersion
2016-12-06 17:28 - 2016-12-06 17:28 - 00000000 ____D C:\Users\User\AppData\Local\ElevatedDiagnostics
2016-12-06 17:27 - 2016-12-06 17:27 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-12-06 17:27 - 2016-12-01 18:04 - 00134712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2016-12-06 17:27 - 2016-09-09 19:25 - 00269600 _____ C:\Windows\SysWOW64\vulkan-1.dll
2016-12-06 17:27 - 2016-09-09 19:25 - 00261920 _____ C:\Windows\system32\vulkan-1.dll
2016-12-06 17:27 - 2016-09-09 19:25 - 00110880 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2016-12-06 17:27 - 2016-09-09 19:24 - 00125216 _____ C:\Windows\system32\vulkaninfo.exe
2016-12-06 17:25 - 2016-12-01 20:52 - 40125496 _____ C:\Windows\system32\nvcompiler.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 35222976 _____ C:\Windows\SysWOW64\nvcompiler.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 34703416 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 28137920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 19948848 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 17440744 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 14055360 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2016-12-06 17:25 - 2016-12-01 20:52 - 10912744 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 10795312 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 10346208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 09151400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 08913328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 08754160 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 03645496 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 03206592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 01951680 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437619.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 01586744 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437619.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 01036736 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 00974272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 00943552 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 00895424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 00683824 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 00573072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 00521096 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 00438208 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 00435904 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 00407064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 00390200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 00170872 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 00153184 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 00148200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2016-12-06 17:25 - 2016-12-01 20:52 - 00131536 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2016-12-06 11:05 - 2016-12-02 18:00 - 00392480 _____ (EasyAntiCheat Ltd) C:\Windows\SysWOW64\EasyAntiCheat.exe
2016-12-04 21:56 - 2016-12-04 21:56 - 00000000 ____D C:\Users\User\AppData\Local\Gaijin
2016-12-04 14:31 - 2016-12-04 14:31 - 00000000 ____D C:\Users\User\AppData\LocalLow\Nvizzio Creations
2016-12-04 00:57 - 2016-12-04 00:57 - 00000202 _____ C:\Users\User\Desktop\RollerCoaster Tycoon World.url
2016-12-04 00:48 - 2016-12-04 00:48 - 00001463 _____ C:\Users\User\Desktop\mysummercar - Verknüpfung.lnk
2016-12-02 22:00 - 2016-12-02 22:00 - 00000000 ____D C:\Users\User\AppData\LocalLow\Bossa Studios
2016-12-02 21:59 - 2016-12-02 21:59 - 00000202 _____ C:\Users\User\Desktop\Surgeon Simulator.url
2016-12-02 19:00 - 2016-12-02 19:00 - 01106888 _____ (Bleeping Computer, LLC) C:\Users\User\Desktop\rkill64.exe
2016-12-02 17:25 - 2016-12-02 17:27 - 00099926 _____ C:\Users\User\Downloads\Addition.txt
2016-12-02 17:24 - 2016-12-07 17:42 - 00000000 ____D C:\FRST
2016-12-02 17:24 - 2016-12-07 17:26 - 02420224 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2016-12-02 17:24 - 2016-12-02 17:27 - 00143116 _____ C:\Users\User\Downloads\FRST.txt
2016-12-02 01:34 - 2016-12-02 01:34 - 00000080 _____ C:\Users\Public\Desktop\Die SimsT 3 Traumkarrieren.lnk
2016-12-02 01:31 - 2016-12-02 01:31 - 07800248 _____ (PC Tools ) C:\Users\User\Downloads\tfinstall.exe
2016-12-02 01:26 - 2016-12-02 01:26 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-12-02 01:23 - 2016-12-02 01:23 - 22851472 _____ (Malwarebytes ) C:\Users\User\Downloads\mbam-setup-2.2.1.1043.exe
2016-12-02 01:21 - 2016-12-07 17:43 - 00084999 _____ C:\Windows\ZAM.krnl.trace
2016-12-02 01:21 - 2016-12-07 17:43 - 00055323 _____ C:\Windows\ZAM_Guard.krnl.trace
2016-12-02 01:21 - 2016-12-02 01:21 - 05188032 _____ (Zemana Ltd.) C:\Users\User\Downloads\Zemana.AntiMalware.Portable.exe
2016-12-02 01:21 - 2016-12-02 01:21 - 00203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zamguard64.sys
2016-12-02 01:21 - 2016-12-02 01:21 - 00203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zam64.sys
2016-12-02 01:21 - 2016-12-02 01:21 - 00000000 ____D C:\Users\User\AppData\Local\Zemana
2016-12-02 01:19 - 2016-12-02 01:19 - 00000000 ____D C:\Windows\system32\appmgmt
2016-12-01 23:20 - 2016-12-01 23:20 - 00000000 ____D C:\Users\User\AppData\LocalLow\Amistech
2016-12-01 23:19 - 2016-12-01 23:20 - 00000000 ____D C:\Users\User\Desktop\My.Summer.Car.Early.Access-P2P
2016-12-01 21:38 - 2016-12-01 22:54 - 324777801 _____ C:\Users\User\Downloads\da22a593d6c9bb63e4958970cf8c048c.rar
2016-12-01 12:08 - 2016-12-02 01:23 - 00000000 ____D C:\Users\User\AppData\Roaming\hadga
2016-12-01 11:03 - 2016-12-01 11:03 - 00000000 ____D C:\Users\User\Documents\Battlefield 1
2016-12-01 10:49 - 2016-12-02 01:34 - 00000649 _____ C:\Users\Public\Desktop\Battlefield 1.lnk
2016-12-01 10:49 - 2016-12-01 10:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 1
2016-11-29 12:20 - 2016-11-29 12:20 - 07822784 _____ C:\Users\User\Downloads\A320_AS_FSX_LHA3_DAAST.zip
2016-11-29 12:18 - 2016-11-29 12:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aerosoft
2016-11-29 12:17 - 2016-11-29 12:17 - 07822595 _____ C:\Users\User\Downloads\A320_AXE_FSX_LHA3_DAAST.zip
2016-11-28 19:39 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2016-11-28 19:39 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2016-11-28 19:39 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2016-11-28 19:39 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2016-11-28 19:39 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2016-11-28 19:39 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2016-11-28 19:39 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2016-11-28 19:39 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2016-11-28 19:39 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2016-11-28 19:39 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2016-11-28 19:39 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2016-11-28 19:39 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2016-11-28 19:39 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2016-11-28 19:39 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2016-11-28 19:39 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2016-11-28 19:39 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2016-11-28 19:39 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2016-11-28 19:39 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2016-11-28 19:39 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2016-11-28 19:39 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2016-11-28 19:39 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2016-11-28 19:39 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2016-11-28 19:39 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2016-11-28 19:39 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2016-11-28 19:39 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2016-11-28 19:39 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2016-11-28 19:39 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2016-11-28 19:39 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2016-11-28 19:39 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2016-11-28 19:39 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2016-11-28 19:39 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2016-11-28 19:39 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2016-11-28 19:39 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2016-11-28 19:39 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2016-11-28 19:39 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2016-11-28 19:39 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2016-11-28 19:39 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2016-11-28 19:39 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2016-11-28 19:39 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2016-11-28 19:39 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2016-11-28 19:39 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2016-11-28 19:39 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2016-11-28 19:39 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2016-11-28 19:39 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2016-11-28 19:39 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2016-11-28 19:39 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2016-11-28 19:39 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2016-11-28 19:39 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2016-11-28 19:39 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2016-11-28 19:39 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2016-11-28 19:39 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2016-11-28 19:39 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2016-11-28 19:39 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2016-11-28 19:39 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2016-11-28 19:39 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2016-11-28 19:39 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2016-11-28 19:39 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2016-11-28 19:39 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2016-11-28 19:39 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2016-11-28 19:39 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2016-11-28 19:39 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2016-11-28 19:39 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2016-11-28 19:39 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2016-11-28 19:39 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2016-11-28 19:39 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2016-11-28 19:39 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2016-11-28 19:39 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2016-11-28 19:39 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2016-11-28 19:39 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2016-11-28 19:39 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2016-11-28 19:39 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2016-11-28 19:39 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2016-11-28 19:39 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2016-11-28 19:39 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2016-11-28 19:39 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2016-11-28 19:39 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2016-11-28 19:39 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2016-11-28 19:39 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2016-11-28 19:39 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2016-11-28 19:39 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2016-11-28 19:39 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2016-11-28 19:39 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2016-11-28 19:39 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2016-11-28 19:39 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2016-11-28 19:39 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2016-11-28 19:39 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2016-11-28 19:39 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2016-11-28 19:39 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2016-11-28 19:39 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2016-11-28 19:39 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2016-11-28 19:39 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2016-11-28 19:39 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2016-11-28 19:39 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2016-11-28 19:39 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2016-11-28 19:39 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2016-11-28 19:39 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2016-11-28 19:39 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2016-11-28 19:39 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2016-11-28 19:39 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2016-11-28 19:39 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2016-11-28 19:39 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2016-11-28 19:39 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2016-11-28 19:39 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2016-11-28 19:39 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2016-11-28 19:39 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2016-11-28 19:39 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2016-11-28 19:39 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2016-11-28 19:39 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2016-11-28 19:39 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2016-11-28 19:39 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2016-11-28 19:39 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2016-11-28 19:39 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2016-11-28 19:39 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2016-11-28 19:39 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2016-11-28 19:39 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2016-11-28 19:39 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2016-11-28 19:39 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2016-11-28 19:39 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2016-11-28 19:39 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2016-11-28 19:32 - 2016-11-24 21:54 - 01951680 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437609.dll
2016-11-28 19:32 - 2016-11-24 21:54 - 01586744 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437609.dll
2016-11-28 16:50 - 2016-11-28 16:50 - 00000017 _____ C:\Users\User\AppData\Local\resmon.resmoncfg
2016-11-27 14:53 - 2016-12-02 01:34 - 00001398 _____ C:\Users\Public\Desktop\Die Sims 3.lnk
2016-11-27 13:25 - 2016-11-29 12:18 - 00000000 ____D C:\Users\User\Documents\Aerosoft
2016-11-27 13:24 - 2016-12-02 01:34 - 00000870 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Global ATC Simulator.lnk
2016-11-27 13:24 - 2016-12-02 01:34 - 00000858 _____ C:\Users\Public\Desktop\Global ATC Simulator.lnk
2016-11-27 13:24 - 2016-11-27 13:26 - 00000000 ____D C:\Program Files (x86)\Global ATC Simulator
2016-11-27 13:24 - 2016-11-27 13:24 - 00000000 ____D C:\Users\User\Desktop\Global.ATC.Simulator-HI2U
2016-11-27 13:22 - 2016-11-27 13:23 - 512361856 _____ C:\Users\User\Downloads\2789cf0718883772293db622b5d669dd.rar
2016-11-27 00:59 - 2016-11-27 00:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SquawkBox
2016-11-27 00:59 - 2016-11-27 00:59 - 00000000 ____D C:\Program Files (x86)\SquawkBox
2016-11-27 00:59 - 2008-07-29 23:07 - 28487680 _____ C:\Users\User\Desktop\sb4setup.exe
2016-11-27 00:58 - 2016-11-27 00:58 - 27766733 _____ C:\Users\User\Downloads\squawkbox.zip
2016-11-26 19:45 - 2016-11-26 19:45 - 02599189 _____ C:\Users\User\Downloads\CRJ2_POSKY_FS9FSX_LHA3_DADME.zip
2016-11-26 19:23 - 2016-11-26 19:43 - 60493791 _____ C:\Users\User\Downloads\pos200fx.zip
2016-11-26 16:57 - 2016-11-26 16:57 - 17248991 _____ C:\Users\User\Downloads\AFAS6.zip
2016-11-26 16:57 - 2016-11-26 16:57 - 00046887 _____ C:\Users\User\Downloads\Bedienungsanleitung_AFAS_2.2-01.odt
2016-11-26 16:45 - 2016-11-26 16:45 - 14595297 _____ C:\Users\User\Downloads\pa320_basepack_fs9_2014-09-08.zip
2016-11-26 16:43 - 2016-11-26 16:43 - 06961600 _____ C:\Users\User\Downloads\A320_PA_FS9FSX_LHA3_DAABF.zip
2016-11-26 16:27 - 2016-11-26 16:27 - 03162141 _____ C:\Users\User\Downloads\DH8D_Majestic_FSX_LHA3_DABUD.zip
2016-11-26 16:19 - 2016-11-26 16:19 - 00000527 _____ C:\Users\User\Documents\pirep
2016-11-26 15:13 - 2016-11-26 15:13 - 00000061 ___SH C:\Windows\cnerolf.bin
2016-11-26 15:09 - 2016-11-26 15:09 - 03993096 _____ C:\Users\User\Downloads\FSUIPC4.zip
2016-11-26 15:09 - 2016-11-08 11:10 - 03810816 _____ (Peter L. Dowson) C:\Users\User\Desktop\Install FSUIPC4.exe
2016-11-26 15:05 - 2016-11-26 15:05 - 00000860 _____ C:\Users\User\Downloads\EDDF-ELLX.pln
2016-11-26 14:59 - 2016-11-26 18:19 - 00000000 ____D C:\Users\User\Desktop\XACARS for MSFS
2016-11-26 14:59 - 2016-11-26 14:59 - 00979161 _____ C:\Users\User\Downloads\XACARS_MSFS-de_DE-2.5.6.zip
2016-11-26 14:57 - 2016-11-26 14:57 - 01664059 _____ C:\Users\User\Downloads\fsacars4.zip
2016-11-26 14:57 - 2016-11-26 14:57 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FSacars
2016-11-26 14:57 - 2016-11-26 14:57 - 00000000 ____D C:\Program Files (x86)\FSacars
2016-11-26 14:57 - 2004-08-30 19:00 - 01778176 _____ C:\Users\User\Desktop\fsacars.msi
2016-11-26 14:51 - 2016-11-26 14:51 - 02455301 _____ C:\Users\User\Downloads\LHA Piloten-Handbuch 5. Ausgabe-pdf.zip
2016-11-26 14:51 - 2006-10-30 18:06 - 02793219 _____ C:\Users\User\Desktop\Piloten-Handbuch.pdf
2016-11-26 14:38 - 2016-12-02 01:34 - 00001904 _____ C:\Users\User\Desktop\vPilot.lnk
2016-11-26 14:38 - 2016-11-27 00:51 - 00000000 ____D C:\Users\User\Documents\vPilot Files
2016-11-26 14:38 - 2016-11-26 14:38 - 01912149 _____ C:\Users\User\Downloads\vPilot-Setup-1.1.5901.24775.exe
2016-11-26 14:38 - 2016-11-26 14:38 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\vPilot
2016-11-26 14:38 - 2016-11-26 14:38 - 00000000 ____D C:\Users\User\AppData\Local\vPilot
2016-11-26 14:23 - 2016-11-26 14:23 - 00000000 ____D C:\Users\User\AppData\Local\Microsoft Game Studios
2016-11-26 14:23 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2016-11-26 14:23 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2016-11-26 14:23 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2016-11-26 14:23 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2016-11-26 14:23 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2016-11-26 14:23 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2016-11-26 14:23 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2016-11-26 14:23 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2016-11-26 14:23 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2016-11-26 14:23 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2016-11-26 14:23 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2016-11-26 14:23 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2016-11-26 14:23 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2016-11-26 14:23 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2016-11-26 14:23 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2016-11-26 14:23 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2016-11-26 14:23 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2016-11-26 14:23 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2016-11-26 14:23 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2016-11-26 14:23 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2016-11-26 14:23 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2016-11-26 14:23 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2016-11-26 14:23 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2016-11-26 14:23 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2016-11-26 14:23 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2016-11-26 14:23 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2016-11-26 14:23 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2016-11-26 14:23 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2016-11-26 14:23 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2016-11-26 14:23 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2016-11-26 14:23 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2016-11-26 14:23 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2016-11-26 14:23 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2016-11-26 14:23 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2016-11-26 14:23 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2016-11-26 14:23 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2016-11-26 14:23 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2016-11-26 14:23 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2016-11-26 14:23 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2016-11-26 14:23 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2016-11-26 14:23 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2016-11-26 14:23 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2016-11-26 14:23 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2016-11-26 14:23 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2016-11-26 14:23 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2016-11-26 14:23 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2016-11-26 14:23 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2016-11-26 14:23 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2016-11-26 14:23 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2016-11-26 14:23 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2016-11-26 14:23 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2016-11-26 14:23 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2016-11-26 14:23 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2016-11-26 14:23 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2016-11-26 14:23 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2016-11-26 14:23 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2016-11-26 14:23 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2016-11-26 14:23 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2016-11-26 14:23 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2016-11-26 14:19 - 2016-11-26 14:20 - 00000000 ____D C:\Users\User\Downloads\Microsoft.Flight.Simulator.X.Acceleration.Expansion.GERMAN-ENiGMA
2016-11-26 13:41 - 2016-11-26 13:45 - 482933672 _____ C:\Users\User\Downloads\e8c906f4d52e08c22244d63ecc2e7cba.part6.rar
2016-11-26 13:41 - 2016-11-26 13:44 - 524288000 _____ C:\Users\User\Downloads\e8c906f4d52e08c22244d63ecc2e7cba.part5.rar
2016-11-26 13:41 - 2016-11-26 13:44 - 524288000 _____ C:\Users\User\Downloads\e8c906f4d52e08c22244d63ecc2e7cba.part4.rar
2016-11-26 13:41 - 2016-11-26 13:44 - 524288000 _____ C:\Users\User\Downloads\e8c906f4d52e08c22244d63ecc2e7cba.part3.rar
2016-11-26 13:41 - 2016-11-26 13:44 - 524288000 _____ C:\Users\User\Downloads\e8c906f4d52e08c22244d63ecc2e7cba.part2.rar
2016-11-26 13:34 - 2016-11-26 13:42 - 524288000 _____ C:\Users\User\Downloads\e8c906f4d52e08c22244d63ecc2e7cba.part1.rar
2016-11-26 13:31 - 2016-11-26 15:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FsPassengersX
2016-11-26 13:30 - 2016-11-26 13:30 - 90220751 _____ C:\Users\User\Downloads\FSPassenger_X.zip
2016-11-26 13:30 - 2016-11-26 13:30 - 00000000 ____D C:\Users\User\Desktop\PSPX crack
2016-11-26 13:30 - 2015-11-10 14:37 - 88536024 _____ (SecondReality Software sarl) C:\Users\User\Desktop\FsPassengersX_setup.exe
2016-11-26 11:49 - 2016-11-26 15:32 - 00000000 ____D C:\Users\User\Documents\Flight Simulator X-Dateien
2016-11-26 11:43 - 2016-07-02 18:32 - 1442741564 _____ () C:\Users\User\Desktop\FSX_DE_Setup.exe
2016-11-26 10:50 - 2016-11-26 10:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Just Flight
2016-11-26 10:48 - 2016-11-26 11:43 - 00000000 ____D C:\Users\User\Downloads\Microsoft.Flight.Simulator.FSX.My.Traffic.X-SKIDROW
2016-11-26 10:40 - 2016-11-26 10:40 - 00000042 _____ C:\Users\User\Desktop\Neues Textdokument (2).txt
2016-11-26 09:23 - 2016-11-26 09:23 - 00000000 ___RD C:\Users\User\Desktop\CamSim Airbus 350-1000 V4 Lufthansa
2016-11-26 09:15 - 2016-11-26 09:15 - 00000000 ____D C:\Users\User\AppData\Local\World_of_AI
2016-11-26 09:14 - 2016-11-26 09:19 - 00000000 ____D C:\Users\User\Desktop\ai
2016-11-26 09:05 - 2016-11-26 09:05 - 00000000 _____ C:\Windows\system32\__00000001402FF151__C0000005.dmp
2016-11-26 08:57 - 2016-11-17 03:04 - 01953336 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437595.dll
2016-11-26 08:57 - 2016-11-17 03:04 - 01585088 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437595.dll
2016-11-26 08:56 - 2016-11-26 09:05 - 00000000 ____D C:\Windows\system32\SSL
2016-11-26 08:55 - 2016-12-02 01:34 - 00001416 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2016-11-26 08:54 - 2016-11-17 14:45 - 00101824 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2016-11-26 08:54 - 2016-11-17 14:45 - 00091584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2016-11-26 08:54 - 2016-11-17 14:45 - 00046016 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2016-11-26 08:52 - 2016-12-06 18:31 - 00002292 _____ C:\Users\Public\Desktop\Driver Booster 4.lnk
2016-11-23 18:29 - 2016-12-02 01:34 - 00001392 _____ C:\Users\User\Desktop\FS2004.lnk
2016-11-23 18:29 - 2016-11-23 18:29 - 00002992 _____ C:\Windows\System32\Tasks\{2EFA6E8F-7BD5-4E75-BB02-B7202C56991C}
2016-11-23 15:33 - 2016-11-23 15:33 - 00001109 _____ C:\Users\Public\Desktop\Die Sims™ 3 Traumkarrieren.lnk
2016-11-22 12:13 - 2016-12-06 22:29 - 00013859 _____ C:\Users\User\Desktop\Berichte.txt
2016-11-21 20:05 - 2016-11-21 20:05 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_netaapl64_01009.Wdf
2016-11-20 20:44 - 2016-06-06 16:43 - 06873864 ____N (Softpointer Inc ) C:\Users\User\Desktop\TagRename397.exe
2016-11-20 20:44 - 2016-01-03 15:02 - 00280617 ____N C:\Users\User\Desktop\1080735366.bin
2016-11-20 20:21 - 2016-12-02 01:34 - 00002161 _____ C:\Users\Public\Desktop\Xperia Companion.lnk
2016-11-20 20:21 - 2016-11-20 20:21 - 00000000 ____D C:\Users\User\Documents\Sony
2016-11-20 20:21 - 2016-11-20 20:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2016-11-20 20:21 - 2016-11-20 20:21 - 00000000 ____D C:\Program Files\Sony
2016-11-20 20:21 - 2016-11-20 20:21 - 00000000 ____D C:\Program Files (x86)\Sony
2016-11-20 14:10 - 2016-12-02 01:34 - 00000987 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-11-20 14:10 - 2016-12-02 01:34 - 00000975 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-11-20 14:10 - 2016-12-01 12:29 - 00000000 ____D C:\Users\User\Desktop\Alte Firefox-Daten
2016-11-20 14:10 - 2016-12-01 10:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-11-20 14:10 - 2016-12-01 10:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-11-20 02:59 - 2016-12-07 11:10 - 00002460 _____ C:\Users\User\Desktop\Rkill.txt
2016-11-20 02:59 - 2016-11-20 02:59 - 02030536 _____ (Bleeping Computer, LLC) C:\Users\User\Desktop\rkill.exe
2016-11-19 13:48 - 2016-12-02 01:34 - 00002198 _____ C:\Users\User\Desktop\MegaTrainer eXperience.lnk
2016-11-19 13:48 - 2016-12-02 01:34 - 00002185 _____ C:\Users\User\Desktop\MT-X - Anleitung.lnk
2016-11-19 13:48 - 2016-11-19 13:48 - 00000047 _____ C:\Users\User\Documents\mt-x_hook.txt
2016-11-19 13:48 - 2013-01-25 06:21 - 19965984 _____ ( ) C:\Users\User\Desktop\mt-x_1158_setup.exe
2016-11-19 13:45 - 2016-12-02 01:34 - 00001367 _____ C:\Users\Public\Desktop\MegaTrainer.lnk
2016-11-19 13:45 - 2016-11-19 13:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MegaTrainerUltimate
2016-11-19 13:45 - 2016-11-19 13:45 - 00000000 ____D C:\ProgramData\MegaTrainerUltimate
2016-11-19 13:00 - 2016-12-02 01:34 - 00000959 _____ C:\Users\Public\Desktop\Patrician IV - Rise of a Dynasty.lnk
2016-11-19 13:00 - 2016-12-02 01:34 - 00000941 _____ C:\Users\Public\Desktop\Patrician IV.lnk
2016-11-19 13:00 - 2016-11-19 13:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kalypso Media
2016-11-18 16:25 - 2016-12-07 17:29 - 00000000 ____D C:\Users\User\AppData\LocalLow\Mozilla
2016-11-16 23:47 - 2016-11-16 23:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sylenth1
2016-11-16 23:47 - 2016-11-16 23:47 - 00000000 ____D C:\Program Files\Steinberg
2016-11-16 23:45 - 2016-11-16 23:45 - 00000512 _____ C:\Users\User\Desktop\License.dat
2016-11-16 23:43 - 2016-12-06 17:27 - 00001648 _____ C:\Windows\Sandboxie.ini
2016-11-16 23:43 - 2016-12-02 01:34 - 00001020 _____ C:\Users\User\Desktop\Sandboxed Web Browser.lnk
2016-11-16 23:43 - 2016-11-16 23:43 - 00000000 ___RD C:\Sandbox
2016-11-16 23:43 - 2016-11-16 23:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
2016-11-16 23:43 - 2016-11-16 23:43 - 00000000 ____D C:\Program Files\Sandboxie
2016-11-16 23:34 - 2016-11-16 23:35 - 00000000 ____D C:\Users\User\Desktop\HEADS WILL ROLL
2016-11-16 12:53 - 2016-11-16 12:53 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Axolot Games
2016-11-16 12:51 - 2016-11-16 12:51 - 00000000 ____D C:\Users\Gast\AppData\Roaming\tropico 5
2016-11-16 12:50 - 2016-11-16 12:50 - 00000000 ____D C:\Users\Gast\AppData\Roaming\tropico 4
2016-11-15 19:40 - 2016-12-02 01:34 - 00001245 _____ C:\Users\User\Desktop\taskmgr.lnk
2016-11-15 18:52 - 2016-11-15 18:52 - 00001785 _____ C:\Users\Nadine\Desktop\Word .lnk
2016-11-15 18:52 - 2016-11-15 18:52 - 00000000 ____D C:\Users\Nadine\AppData\Local\CEF
2016-11-15 18:51 - 2016-11-15 18:51 - 00000000 ____D C:\Users\Nadine\AppData\Roaming\Mozilla
2016-11-15 18:51 - 2016-11-15 18:51 - 00000000 ____D C:\Users\Nadine\AppData\Roaming\Intel Corporation
2016-11-15 18:51 - 2016-11-15 18:51 - 00000000 ____D C:\Users\Nadine\AppData\Local\Mozilla
2016-11-15 18:50 - 2016-11-29 20:46 - 00114944 _____ C:\Users\Nadine\AppData\Local\GDIPFONTCACHEV1.DAT
2016-11-15 18:50 - 2016-11-15 18:52 - 00000000 ____D C:\Users\Nadine\AppData\Local\NVIDIA Corporation
2016-11-15 18:50 - 2016-11-15 18:50 - 00001425 _____ C:\Users\Nadine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-11-15 18:50 - 2016-11-15 18:50 - 00000020 ___SH C:\Users\Nadine\ntuser.ini
2016-11-15 18:50 - 2016-11-15 18:50 - 00000000 _SHDL C:\Users\Nadine\Vorlagen
2016-11-15 18:50 - 2016-11-15 18:50 - 00000000 _SHDL C:\Users\Nadine\Startmenü
2016-11-15 18:50 - 2016-11-15 18:50 - 00000000 _SHDL C:\Users\Nadine\Netzwerkumgebung
2016-11-15 18:50 - 2016-11-15 18:50 - 00000000 _SHDL C:\Users\Nadine\Lokale Einstellungen
2016-11-15 18:50 - 2016-11-15 18:50 - 00000000 _SHDL C:\Users\Nadine\Eigene Dateien
2016-11-15 18:50 - 2016-11-15 18:50 - 00000000 _SHDL C:\Users\Nadine\Druckumgebung
2016-11-15 18:50 - 2016-11-15 18:50 - 00000000 _SHDL C:\Users\Nadine\Documents\Eigene Videos
2016-11-15 18:50 - 2016-11-15 18:50 - 00000000 _SHDL C:\Users\Nadine\Documents\Eigene Musik
2016-11-15 18:50 - 2016-11-15 18:50 - 00000000 _SHDL C:\Users\Nadine\Documents\Eigene Bilder
2016-11-15 18:50 - 2016-11-15 18:50 - 00000000 _SHDL C:\Users\Nadine\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-11-15 18:50 - 2016-11-15 18:50 - 00000000 _SHDL C:\Users\Nadine\AppData\Local\Verlauf
2016-11-15 18:50 - 2016-11-15 18:50 - 00000000 _SHDL C:\Users\Nadine\AppData\Local\Anwendungsdaten
2016-11-15 18:50 - 2016-11-15 18:50 - 00000000 _SHDL C:\Users\Nadine\Anwendungsdaten
2016-11-15 18:50 - 2016-11-15 18:50 - 00000000 ____D C:\Users\Nadine\AppData\Roaming\AVAST Software
2016-11-15 18:50 - 2016-11-15 18:50 - 00000000 ____D C:\Users\Nadine\AppData\Roaming\Adobe
2016-11-15 18:50 - 2016-11-15 18:50 - 00000000 ____D C:\Users\Nadine\AppData\Local\VirtualStore
2016-11-15 18:50 - 2016-11-15 18:50 - 00000000 ____D C:\Users\Nadine\AppData\Local\Razer
2016-11-15 18:50 - 2016-11-15 18:50 - 00000000 ____D C:\Users\Nadine\AppData\Local\NVIDIA
2016-11-15 18:50 - 2016-11-15 18:50 - 00000000 ____D C:\Users\Nadine\AppData\Local\Google
2016-11-15 18:50 - 2016-11-15 18:50 - 00000000 ____D C:\Users\Nadine
2016-11-15 18:50 - 2016-07-04 18:48 - 00002124 _____ C:\Users\Nadine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-11-15 18:50 - 2011-04-12 09:28 - 00000000 ____D C:\Users\Nadine\AppData\Roaming\Media Center Programs
2016-11-15 17:44 - 2016-11-15 17:44 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Macromedia
2016-11-15 17:44 - 2016-11-15 17:44 - 00000000 ____D C:\Users\Gast\AppData\Local\Macromedia
2016-11-15 17:40 - 2016-11-15 17:40 - 00001781 _____ C:\Users\Gast\Desktop\Word.lnk
2016-11-15 13:53 - 2016-11-15 13:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP
2016-11-15 13:52 - 2016-11-15 17:40 - 00000000 ____D C:\xampp
2016-11-14 14:13 - 2016-11-14 14:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ANNO 1503
2016-11-14 11:16 - 2016-09-17 02:12 - 00044144 _____ (Razer, Inc.) C:\Windows\system32\Drivers\rzpmgrk.sys
2016-11-13 21:45 - 2016-11-13 21:46 - 00036892 _____ C:\Windows\SysWOW64\bassmod.dll
2016-11-13 21:35 - 2016-11-13 21:35 - 00000000 ____D C:\Users\User\Documents\ANNO 2070
2016-11-13 19:04 - 2016-11-19 00:24 - 00000000 ____D C:\Users\User\Documents\The Witcher 3
2016-11-13 19:02 - 2016-11-13 19:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft
2016-11-13 15:31 - 2016-11-13 15:31 - 00000000 ____D C:\Users\User\Documents\Anno 2205
2016-11-13 15:31 - 2016-11-13 15:31 - 00000000 ____D C:\Users\User\AppData\Roaming\uplay
2016-11-13 15:30 - 2016-12-02 01:34 - 00000893 _____ C:\Users\User\Desktop\Anno 2205.lnk
2016-11-13 15:30 - 2016-11-13 15:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anno 2205
2016-11-13 14:01 - 2016-11-13 14:01 - 00303616 _____ C:\Windows\system32\Drivers\atksgt.sys
2016-11-13 14:01 - 2016-11-13 14:01 - 00035328 _____ C:\Windows\system32\Drivers\lirsgt.sys
2016-11-13 14:01 - 2016-11-13 14:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anno 1701
2016-11-11 23:20 - 2016-11-11 23:20 - 00002247 _____ C:\Users\Gast\Desktop\Google Chrome.lnk
2016-11-11 17:44 - 2016-11-11 17:44 - 00000000 ____D C:\Users\User\AppData\Local\2K Games
2016-11-11 17:04 - 2016-12-02 01:34 - 00000509 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mafia III.lnk
2016-11-10 12:07 - 2016-11-10 12:07 - 00000201 _____ C:\Users\User\Desktop\Anno 1404 Venice.url
2016-11-09 21:19 - 2016-11-02 16:36 - 00382696 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-11-09 21:19 - 2016-11-02 16:32 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-11-09 21:19 - 2016-11-02 16:32 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-11-09 21:19 - 2016-11-02 16:32 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-11-09 21:19 - 2016-11-02 16:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-11-09 21:19 - 2016-11-02 16:22 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-11-09 21:19 - 2016-11-02 16:16 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-11-09 21:19 - 2016-11-02 16:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-11-09 21:19 - 2016-11-02 16:16 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-11-09 21:19 - 2016-11-02 15:53 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-11-09 21:19 - 2016-10-28 04:59 - 00394440 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-11-09 21:19 - 2016-10-28 04:14 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-11-09 21:19 - 2016-10-27 20:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-11-09 21:19 - 2016-10-27 20:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-11-09 21:19 - 2016-10-27 19:55 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-11-09 21:19 - 2016-10-27 19:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-11-09 21:19 - 2016-10-27 19:54 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-11-09 21:19 - 2016-10-27 19:53 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-11-09 21:19 - 2016-10-27 19:53 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-11-09 21:19 - 2016-10-27 19:51 - 02896384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-11-09 21:19 - 2016-10-27 19:44 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-11-09 21:19 - 2016-10-27 19:43 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-11-09 21:19 - 2016-10-27 19:38 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-11-09 21:19 - 2016-10-27 19:37 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-11-09 21:19 - 2016-10-27 19:37 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-11-09 21:19 - 2016-10-27 19:37 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-11-09 21:19 - 2016-10-27 19:37 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-11-09 21:19 - 2016-10-27 19:28 - 25763328 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-11-09 21:19 - 2016-10-27 19:28 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-11-09 21:19 - 2016-10-27 19:24 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-11-09 21:19 - 2016-10-27 19:19 - 06047744 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-11-09 21:19 - 2016-10-27 19:15 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-11-09 21:19 - 2016-10-27 19:13 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-11-09 21:19 - 2016-10-27 19:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-11-09 21:19 - 2016-10-27 19:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-11-09 21:19 - 2016-10-27 19:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-11-09 21:19 - 2016-10-27 19:02 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-11-09 21:19 - 2016-10-27 18:49 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-11-09 21:19 - 2016-10-27 18:46 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-11-09 21:19 - 2016-10-27 18:46 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-11-09 21:19 - 2016-10-27 18:44 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-11-09 21:19 - 2016-10-27 18:44 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-11-09 21:19 - 2016-10-27 18:17 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-11-09 21:19 - 2016-10-27 18:16 - 02920448 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-11-09 21:19 - 2016-10-27 18:03 - 01543680 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-11-09 21:19 - 2016-10-27 17:54 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-11-09 21:19 - 2016-10-27 16:05 - 20304896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-11-09 21:19 - 2016-10-25 16:02 - 03219456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-11-09 21:19 - 2016-10-22 18:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-11-09 21:19 - 2016-10-22 18:36 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-11-09 21:19 - 2016-10-22 18:36 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-11-09 21:19 - 2016-10-22 18:35 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-11-09 21:19 - 2016-10-22 18:35 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-11-09 21:19 - 2016-10-22 18:34 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-11-09 21:19 - 2016-10-22 18:27 - 02287616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-11-09 21:19 - 2016-10-22 18:27 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-11-09 21:19 - 2016-10-22 18:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-11-09 21:19 - 2016-10-22 18:22 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-11-09 21:19 - 2016-10-22 18:21 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-11-09 21:19 - 2016-10-22 18:21 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-11-09 21:19 - 2016-10-22 18:20 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-11-09 21:19 - 2016-10-22 18:09 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-11-09 21:19 - 2016-10-22 18:04 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-11-09 21:19 - 2016-10-22 18:03 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-11-09 21:19 - 2016-10-22 17:59 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-11-09 21:19 - 2016-10-22 17:58 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-11-09 21:19 - 2016-10-22 17:56 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-11-09 21:19 - 2016-10-22 17:54 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-11-09 21:19 - 2016-10-22 17:46 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-11-09 21:19 - 2016-10-22 17:45 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-11-09 21:19 - 2016-10-22 17:44 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-11-09 21:19 - 2016-10-22 17:43 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-11-09 21:19 - 2016-10-22 17:43 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-11-09 21:19 - 2016-10-22 17:30 - 13654016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-11-09 21:19 - 2016-10-22 17:12 - 02444800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-11-09 21:19 - 2016-10-22 17:09 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-11-09 21:19 - 2016-10-22 17:09 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-11-09 21:19 - 2016-10-15 16:31 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-11-09 21:19 - 2016-10-15 16:31 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2016-11-09 21:19 - 2016-10-15 16:13 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-11-09 21:19 - 2016-10-15 16:13 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2016-11-09 21:19 - 2016-10-11 16:37 - 00370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2016-11-09 21:19 - 2016-10-11 16:31 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
2016-11-09 21:19 - 2016-10-11 16:31 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2016-11-09 21:19 - 2016-10-11 16:31 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2016-11-09 21:19 - 2016-10-11 16:31 - 00457216 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
2016-11-09 21:19 - 2016-10-11 16:31 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2016-11-09 21:19 - 2016-10-11 16:31 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\tintlgnt.ime
2016-11-09 21:19 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\quick.ime
2016-11-09 21:19 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\qintlgnt.ime
2016-11-09 21:19 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\phon.ime
2016-11-09 21:19 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\cintlgnt.ime
2016-11-09 21:19 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\chajei.ime
2016-11-09 21:19 - 2016-10-11 16:31 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\pintlgnt.ime
2016-11-09 21:19 - 2016-10-11 16:18 - 01027584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10.IME
2016-11-09 21:19 - 2016-10-11 16:18 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2016-11-09 21:19 - 2016-10-11 16:18 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2016-11-09 21:19 - 2016-10-11 16:18 - 00430080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imkr80.ime
2016-11-09 21:19 - 2016-10-11 16:18 - 00202240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2016-11-09 21:19 - 2016-10-11 16:18 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tintlgnt.ime
2016-11-09 21:19 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quick.ime
2016-11-09 21:19 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qintlgnt.ime
2016-11-09 21:19 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\phon.ime
2016-11-09 21:19 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cintlgnt.ime
2016-11-09 21:19 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\chajei.ime
2016-11-09 21:19 - 2016-10-11 16:18 - 00090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pintlgnt.ime
2016-11-09 21:19 - 2016-10-11 14:33 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2016-11-09 21:19 - 2016-10-11 14:06 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2016-11-09 21:19 - 2016-10-10 16:38 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-11-09 21:19 - 2016-10-10 16:38 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-11-09 21:19 - 2016-10-10 16:34 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-11-09 21:19 - 2016-10-10 16:34 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-11-09 21:19 - 2016-10-10 16:34 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-11-09 21:19 - 2016-10-10 16:34 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-11-09 21:19 - 2016-10-10 16:33 - 01462272 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-11-09 21:19 - 2016-10-10 16:33 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-11-09 21:19 - 2016-10-10 16:33 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-11-09 21:19 - 2016-10-10 16:33 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-11-09 21:19 - 2016-10-10 16:33 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-11-09 21:19 - 2016-10-10 16:33 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-11-09 21:19 - 2016-10-10 16:33 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-11-09 21:19 - 2016-10-10 16:33 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-11-09 21:19 - 2016-10-10 16:33 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-11-09 21:19 - 2016-10-10 16:33 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-11-09 21:19 - 2016-10-10 16:33 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-11-09 21:19 - 2016-10-10 16:33 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-11-09 21:19 - 2016-10-10 16:33 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-11-09 21:19 - 2016-10-10 16:33 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-11-09 21:19 - 2016-10-10 16:16 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-11-09 21:19 - 2016-10-10 16:16 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-11-09 21:19 - 2016-10-10 16:16 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-11-09 21:19 - 2016-10-10 16:16 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-11-09 21:19 - 2016-10-10 16:16 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-11-09 21:19 - 2016-10-10 16:16 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-11-09 21:19 - 2016-10-10 16:16 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-11-09 21:19 - 2016-10-10 16:16 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-11-09 21:19 - 2016-10-10 16:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-11-09 21:19 - 2016-10-10 16:16 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-11-09 21:19 - 2016-10-10 16:16 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-11-09 21:19 - 2016-10-10 16:16 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-11-09 21:19 - 2016-10-10 16:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-11-09 21:19 - 2016-10-10 16:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-11-09 21:19 - 2016-10-10 16:16 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-11-09 21:19 - 2016-10-10 16:02 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-11-09 21:19 - 2016-10-10 15:56 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-11-09 21:19 - 2016-10-10 15:55 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-11-09 21:19 - 2016-10-10 15:55 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-11-09 21:19 - 2016-10-10 15:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-11-09 21:19 - 2016-10-10 15:54 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-11-09 21:19 - 2016-10-10 15:50 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-11-09 21:19 - 2016-10-07 16:40 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-11-09 21:19 - 2016-10-07 16:37 - 05547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-11-09 21:19 - 2016-10-07 16:37 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-11-09 21:19 - 2016-10-07 16:35 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 03649536 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00877056 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:18 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-11-09 21:19 - 2016-10-07 16:18 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-11-09 21:19 - 2016-10-07 16:15 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 02291712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00581632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 16:04 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-11-09 21:19 - 2016-10-07 16:04 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-11-09 21:19 - 2016-10-07 16:04 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-11-09 21:19 - 2016-10-07 16:01 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-11-09 21:19 - 2016-10-07 16:00 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-11-09 21:19 - 2016-10-07 15:56 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-11-09 21:19 - 2016-10-07 15:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-11-09 21:19 - 2016-10-07 15:50 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-11-09 21:19 - 2016-10-07 15:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-11-09 21:19 - 2016-10-07 15:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-11-09 21:19 - 2016-10-07 15:49 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 15:49 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 15:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-11-09 21:19 - 2016-10-07 15:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-11-09 21:19 - 2016-10-05 15:54 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2016-11-09 21:19 - 2016-09-15 15:56 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2016-11-09 21:19 - 2016-09-13 16:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-11-09 21:19 - 2016-09-13 16:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-11-09 21:19 - 2016-09-09 19:20 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-11-09 21:19 - 2016-09-09 19:00 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2016-11-09 21:19 - 2016-08-22 17:19 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll

Botto97 · 07.12.2016, 17:46

Code:

ATTFilter

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-12-07 17:36 - 2009-07-14 05:45 - 00021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-12-07 17:36 - 2009-07-14 05:45 - 00021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-12-07 17:34 - 2013-01-28 08:58 - 00736146 _____ C:\Windows\system32\perfh013.dat
2016-12-07 17:34 - 2013-01-28 08:58 - 00153312 _____ C:\Windows\system32\perfc013.dat
2016-12-07 17:34 - 2013-01-28 08:55 - 00732694 _____ C:\Windows\system32\perfh010.dat
2016-12-07 17:34 - 2013-01-28 08:55 - 00147056 _____ C:\Windows\system32\perfc010.dat
2016-12-07 17:34 - 2013-01-28 08:53 - 00738364 _____ C:\Windows\system32\perfh00C.dat
2016-12-07 17:34 - 2013-01-28 08:53 - 00149790 _____ C:\Windows\system32\perfc00C.dat
2016-12-07 17:34 - 2013-01-28 08:50 - 00738104 _____ C:\Windows\system32\perfh00A.dat
2016-12-07 17:34 - 2013-01-28 08:50 - 00158684 _____ C:\Windows\system32\perfc00A.dat
2016-12-07 17:34 - 2013-01-28 08:48 - 00700146 _____ C:\Windows\system32\perfh007.dat
2016-12-07 17:34 - 2013-01-28 08:48 - 00149784 _____ C:\Windows\system32\perfc007.dat
2016-12-07 17:34 - 2009-07-14 06:13 - 05176728 _____ C:\Windows\system32\PerfStringBackup.INI
2016-12-07 17:34 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-12-07 17:29 - 2016-10-22 16:21 - 00001102 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-12-07 17:29 - 2016-07-19 17:45 - 00000000 ____D C:\Users\User\AppData\Local\Overwolf
2016-12-07 17:29 - 2016-05-17 08:33 - 00000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-12-07 17:29 - 2009-01-01 00:24 - 00000000 ____D C:\ProgramData\NVIDIA
2016-12-07 17:28 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-12-07 17:26 - 2016-10-22 16:21 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-12-07 16:29 - 2016-05-20 20:19 - 00000000 ____D C:\Users\User\AppData\Roaming\Origin
2016-12-07 16:13 - 2016-11-04 15:21 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-12-07 13:34 - 2016-06-06 21:24 - 00000000 ____D C:\Users\User\AppData\Local\Ubisoft Game Launcher
2016-12-07 12:14 - 2016-05-20 20:18 - 00000000 ____D C:\ProgramData\Origin
2016-12-06 22:28 - 2016-07-19 10:46 - 00000000 ____D C:\ProgramData\IObit
2016-12-06 22:28 - 2016-07-19 10:46 - 00000000 ____D C:\Program Files (x86)\IObit
2016-12-06 22:28 - 2016-07-19 10:45 - 00000000 ____D C:\Users\User\AppData\Roaming\IObit
2016-12-06 17:27 - 2009-01-01 00:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-12-06 17:27 - 2009-01-01 00:23 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-12-06 17:25 - 2016-06-07 02:13 - 00000000 ____D C:\Users\User\AppData\Local\CrashDumps
2016-12-06 11:19 - 2016-05-20 20:17 - 00000000 ____D C:\Program Files (x86)\Origin
2016-12-02 01:34 - 2016-10-22 16:21 - 00001164 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-02 01:34 - 2016-10-18 19:35 - 00000681 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crazy Machines 3.lnk
2016-12-02 01:34 - 2016-10-17 13:34 - 00000881 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ableton Live 9 Suite.lnk
2016-12-02 01:34 - 2016-10-07 20:58 - 00000857 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Big Pharma Marketing and Malpractice.lnk
2016-12-02 01:34 - 2016-09-21 12:11 - 00001047 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-12-02 01:34 - 2016-08-25 13:38 - 00001272 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\OpenIV.lnk
2016-12-02 01:34 - 2016-08-11 13:12 - 00000737 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bus Simulator 16.lnk
2016-12-02 01:34 - 2016-07-18 11:16 - 00001058 _____ C:\Users\User\Desktop\Freenet.lnk
2016-12-02 01:34 - 2016-07-05 00:27 - 00002591 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2016-12-02 01:34 - 2016-07-04 18:48 - 00002176 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-12-02 01:34 - 2016-07-04 18:47 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2016-12-02 01:34 - 2016-07-04 18:47 - 00002421 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk
2016-12-02 01:34 - 2016-07-04 18:47 - 00002416 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2016-12-02 01:34 - 2016-07-04 18:47 - 00002415 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2016-12-02 01:34 - 2016-07-04 18:47 - 00002379 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2016-12-02 01:34 - 2016-07-04 18:47 - 00002378 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2016-12-02 01:34 - 2016-07-04 18:47 - 00002372 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2016-12-02 01:34 - 2016-07-04 18:47 - 00002366 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2016-12-02 01:34 - 2016-07-04 18:47 - 00002358 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2016-12-02 01:34 - 2016-07-01 16:07 - 00001177 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-12-02 01:34 - 2016-06-16 22:26 - 00001084 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2014.lnk
2016-12-02 01:34 - 2016-06-16 22:21 - 00001534 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
2016-12-02 01:34 - 2016-06-13 20:24 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2016-12-02 01:34 - 2016-06-12 17:06 - 00000673 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project CARS.lnk
2016-12-02 01:34 - 2016-06-09 14:33 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-12-02 01:34 - 2016-05-30 20:45 - 00001785 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2016-12-02 01:34 - 2016-05-21 10:05 - 00000973 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk
2016-12-02 01:34 - 2016-05-17 07:33 - 00000879 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-12-02 01:34 - 2014-06-17 20:35 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2016-12-02 01:34 - 2014-06-17 20:35 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2016-12-02 01:34 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-12-02 01:34 - 2009-07-14 06:01 - 00001282 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
2016-12-02 01:34 - 2009-07-14 05:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-12-02 01:34 - 2009-07-14 05:57 - 00001352 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk
2016-12-02 01:34 - 2009-07-14 05:57 - 00001330 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
2016-12-02 01:34 - 2009-07-14 05:57 - 00001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
2016-12-02 01:34 - 2009-07-14 05:54 - 00001210 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
2016-12-02 01:34 - 2009-07-14 05:49 - 00001266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
2016-12-02 01:15 - 2016-06-09 17:39 - 00000000 ____D C:\Users\User\AppData\Roaming\UseNeXT
2016-12-01 20:52 - 2016-11-04 15:16 - 00491536 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2016-12-01 20:52 - 2014-10-16 17:54 - 17373312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2016-12-01 20:52 - 2014-10-16 17:54 - 14410120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2016-12-01 20:52 - 2014-10-16 17:54 - 03941536 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2016-12-01 20:52 - 2014-10-16 17:54 - 03479560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2016-12-01 20:52 - 2009-01-01 00:23 - 00041344 _____ C:\Windows\system32\nvinfo.pb
2016-12-01 19:34 - 2016-05-20 20:20 - 00000000 ____D C:\Program Files (x86)\Origin Games
2016-12-01 18:33 - 2016-08-24 08:47 - 00001951 _____ C:\Windows\NvContainerRecovery.bat
2016-12-01 18:32 - 2016-05-28 11:44 - 00546752 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2016-12-01 18:32 - 2016-05-28 11:44 - 00083512 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2016-12-01 18:32 - 2009-01-01 00:24 - 06384576 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2016-12-01 18:32 - 2009-01-01 00:24 - 02475968 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2016-12-01 18:32 - 2009-01-01 00:24 - 01762752 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2016-12-01 18:32 - 2009-01-01 00:24 - 00393784 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2016-12-01 18:32 - 2009-01-01 00:24 - 00069568 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2016-12-01 10:49 - 2016-08-31 11:08 - 00000000 ___HD C:\Program Files\Common Files\EAInstaller
2016-12-01 10:48 - 2016-05-17 16:15 - 00000000 ____D C:\ProgramData\Package Cache
2016-11-30 13:28 - 2016-07-05 00:26 - 00000000 ____D C:\Users\User\AppData\Roaming\uTorrent
2016-11-30 10:34 - 2009-01-01 00:24 - 07607057 _____ C:\Windows\system32\nvcoproc.bin
2016-11-30 09:57 - 2009-07-14 05:45 - 00417608 _____ C:\Windows\system32\FNTCACHE.DAT
2016-11-29 12:56 - 2016-06-07 02:20 - 00000000 ____D C:\Users\User\Documents\Flight Simulator X Files
2016-11-29 12:23 - 2016-05-17 07:34 - 00114944 _____ C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT
2016-11-28 23:46 - 2016-07-19 17:46 - 00000000 ____D C:\Program Files (x86)\Overwolf
2016-11-28 19:05 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2016-11-28 14:52 - 2016-06-13 20:24 - 00000000 ____D C:\Users\User\Documents\Flight Simulator-Dateien
2016-11-28 10:41 - 2016-06-12 16:51 - 00000000 ____D C:\Users\User\AppData\Roaming\DAEMON Tools Lite
2016-11-28 10:02 - 2016-07-01 16:06 - 00004180 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-11-27 14:24 - 2016-08-11 12:53 - 00000000 ____D C:\Users\User\AppData\Roaming\tropico 5
2016-11-26 10:50 - 2016-05-17 16:16 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-11-26 09:08 - 2016-07-04 18:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-11-26 09:07 - 2016-07-04 18:45 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-11-26 08:55 - 2016-09-21 08:29 - 00003590 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-26 08:55 - 2016-08-01 15:08 - 00003828 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-26 08:55 - 2016-08-01 15:08 - 00003828 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-26 08:55 - 2016-08-01 15:08 - 00003778 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-26 08:55 - 2016-08-01 15:08 - 00003766 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-26 08:55 - 2016-08-01 15:08 - 00003530 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-26 08:55 - 2009-01-01 00:23 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-11-26 08:55 - 2009-01-01 00:23 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-11-26 08:54 - 2016-11-04 15:21 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-11-26 08:54 - 2016-05-20 20:24 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-11-26 08:54 - 2016-05-20 20:24 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-11-26 08:54 - 2016-05-20 20:24 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-11-26 08:54 - 2016-05-20 20:24 - 00000000 ____D C:\Windows\system32\Macromed
2016-11-26 08:52 - 2016-11-04 15:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 4
2016-11-26 08:49 - 2009-07-14 06:08 - 00032628 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-11-24 00:18 - 2016-08-16 16:11 - 00000000 ____D C:\Users\User\AppData\Roaming\vlc
2016-11-23 17:43 - 2016-07-19 15:05 - 00000015 _____ C:\Users\User\AppData\Local\X-Plane_drm.prf
2016-11-23 11:53 - 2016-05-21 20:40 - 00000000 ____D C:\Users\User\AppData\Roaming\Skype
2016-11-23 11:52 - 2016-05-21 20:40 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-11-23 11:52 - 2016-05-21 20:39 - 00000000 ____D C:\ProgramData\Skype
2016-11-21 19:45 - 2016-07-19 17:46 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2016-11-20 20:18 - 2016-03-29 10:12 - 00000000 ____D C:\Users\User\Desktop\Xperia_Z3_Compact
2016-11-20 16:52 - 2016-10-17 11:57 - 00000000 ____D C:\Users\User\Documents\Bewerbung
2016-11-20 02:54 - 2016-07-01 22:29 - 00000000 ____D C:\Program Files (x86)\OpenAL
2016-11-20 02:54 - 2016-06-20 23:23 - 00000000 ____D C:\Program Files (x86)\Electronic Arts
2016-11-20 02:54 - 2016-06-09 17:39 - 00000000 ____D C:\Program Files (x86)\UseNeXT
2016-11-20 02:53 - 2016-10-29 15:52 - 00000000 ___HD C:\Program Files (x86)\Zero G Registry
2016-11-20 02:53 - 2016-10-23 09:51 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2016-11-20 02:53 - 2016-10-23 09:50 - 00000000 ____D C:\Program Files (x86)\WinISO Computing
2016-11-20 02:53 - 2016-10-18 15:10 - 00000000 ____D C:\Program Files (x86)\Novation
2016-11-20 02:53 - 2016-10-17 11:36 - 00000000 ____D C:\Program Files (x86)\VirtualDJ
2016-11-20 02:53 - 2016-10-05 10:40 - 00000000 ____D C:\Program Files (x86)\Software2000
2016-11-20 02:53 - 2016-09-22 15:29 - 00000000 ____D C:\Program Files (x86)\GameDog
2016-11-20 02:53 - 2016-09-22 15:13 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2016-11-20 02:53 - 2016-09-21 12:11 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-11-20 02:53 - 2016-09-15 22:55 - 00000000 ____D C:\Program Files (x86)\Pidgin
2016-11-20 02:53 - 2016-09-14 11:42 - 00000000 ____D C:\Program Files (x86)\GNU
2016-11-20 02:53 - 2016-09-09 15:40 - 00000000 ____D C:\Program Files (x86)\The Mighty Quest For Epic Loot
2016-11-20 02:53 - 2016-09-06 20:38 - 00000000 ____D C:\Program Files (x86)\VstPlugins
2016-11-20 02:53 - 2016-09-06 20:38 - 00000000 ____D C:\Program Files (x86)\ASIO4ALL v2
2016-11-20 02:53 - 2016-09-06 20:36 - 00000000 ____D C:\Program Files (x86)\Image-Line
2016-11-20 02:53 - 2016-08-22 13:19 - 00000000 ____D C:\Program Files (x86)\Windows Media Components
2016-11-20 02:53 - 2016-08-21 20:10 - 00000000 ____D C:\Program Files (x86)\Notepad++
2016-11-20 02:53 - 2016-08-16 16:10 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2016-11-20 02:53 - 2016-07-05 00:21 - 00000000 ____D C:\Program Files (x86)\BitTyrant
2016-11-20 02:53 - 2016-07-05 00:20 - 00000000 ____D C:\Program Files (x86)\Azureus
2016-11-20 02:53 - 2016-07-04 20:40 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 11.0
2016-11-20 02:53 - 2016-07-04 20:38 - 00000000 ____D C:\Program Files (x86)\NuGet
2016-11-20 02:53 - 2016-07-04 20:36 - 00000000 ____D C:\Program Files (x86)\Windows Kits
2016-11-20 02:53 - 2016-07-04 20:35 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2016-11-20 02:53 - 2016-07-04 20:35 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2016-11-20 02:53 - 2016-07-04 20:35 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2016-11-20 02:53 - 2016-07-04 20:35 - 00000000 ____D C:\Program Files (x86)\Microsoft Help Viewer
2016-11-20 02:53 - 2016-07-04 20:34 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 12.0
2016-11-20 02:53 - 2016-07-04 18:48 - 00000000 ____D C:\Program Files (x86)\Microsoft OneDrive
2016-11-20 02:53 - 2016-07-02 09:11 - 00000000 ____D C:\Program Files (x86)\MegaDev
2016-11-20 02:53 - 2016-07-01 22:30 - 00000000 ____D C:\Program Files (x86)\Xvid
2016-11-20 02:53 - 2016-06-27 18:40 - 00000000 ____D C:\Program Files (x86)\Minecraft
2016-11-20 02:53 - 2016-06-17 00:02 - 00000000 ____D C:\Program Files (x86)\Foxit Software
2016-11-20 02:53 - 2016-06-16 22:56 - 00000000 ____D C:\Program Files (x86)\SQL Anywhere 16
2016-11-20 02:53 - 2016-06-09 21:19 - 00000000 ____D C:\Program Files (x86)\Java
2016-11-20 02:53 - 2016-06-09 14:33 - 00000000 ____D C:\Program Files (x86)\Bonjour
2016-11-20 02:53 - 2016-06-09 14:33 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2016-11-20 02:53 - 2016-06-07 02:16 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0
2016-11-20 02:53 - 2016-06-02 21:56 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.5.1
2016-11-20 02:53 - 2016-05-21 10:08 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2016-11-20 02:53 - 2016-05-21 09:49 - 00000000 ____D C:\Program Files (x86)\Google
2016-11-20 02:53 - 2016-05-21 09:33 - 00000000 ____D C:\Program Files (x86)\Razer Chroma SDK
2016-11-20 02:53 - 2016-05-21 09:32 - 00000000 ____D C:\Program Files (x86)\Razer
2016-11-20 02:53 - 2016-05-20 20:40 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2016-11-20 02:53 - 2016-05-17 16:19 - 00000000 ____D C:\Program Files (x86)\Intel
2016-11-20 02:53 - 2016-05-17 16:16 - 00000000 ___HD C:\Program Files (x86)\Temp
2016-11-20 02:53 - 2016-05-17 16:16 - 00000000 ____D C:\Program Files (x86)\Realtek
2016-11-20 02:53 - 2016-05-17 16:15 - 00000000 ____D C:\Program Files (x86)\ASUS
2016-11-20 02:53 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows Sidebar
2016-11-20 02:53 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-11-20 02:53 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-11-20 02:53 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-11-20 02:53 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-11-20 02:53 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-11-20 02:53 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files (x86)\Windows NT
2016-11-19 18:19 - 2016-08-11 14:06 - 00000000 ____D C:\Users\User\AppData\Roaming\Kalypso Media
2016-11-19 13:50 - 2016-07-02 09:13 - 00000007 _____ C:\Users\User\Documents\mt-e_hook.txt
2016-11-17 14:45 - 2016-05-28 11:40 - 01854400 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2016-11-17 14:45 - 2016-05-28 11:40 - 01755072 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2016-11-17 14:45 - 2016-05-28 11:40 - 01452480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2016-11-17 14:45 - 2016-05-28 11:40 - 01317312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2016-11-17 14:45 - 2016-05-28 11:40 - 00120256 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2016-11-16 12:53 - 2016-07-27 20:30 - 00000000 ____D C:\Users\Gast\Documents\My Games
2016-11-16 12:28 - 2016-06-02 22:04 - 00000000 ____D C:\Users\User\AppData\Local\Arma 3 Launcher
2016-11-16 12:16 - 2016-06-02 22:04 - 00000000 ____D C:\Users\User\AppData\Local\Arma 3
2016-11-15 13:34 - 2016-07-01 22:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid
2016-11-15 13:33 - 2016-09-15 21:40 - 00000000 ____D C:\Users\User\AppData\Roaming\Nox
2016-11-15 13:33 - 2016-09-15 21:40 - 00000000 ____D C:\Users\User\AppData\Local\Nox
2016-11-15 13:32 - 2016-07-04 18:49 - 00000000 ____D C:\Program Files\KMSpico
2016-11-15 13:31 - 2016-10-10 21:26 - 00000000 ____D C:\Users\User\AppData\Local\Apple Inc
2016-11-15 13:31 - 2016-06-09 14:33 - 00000000 ____D C:\Users\User\AppData\Roaming\Apple Computer
2016-11-15 13:31 - 2016-06-09 14:32 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-11-13 23:56 - 2016-10-28 21:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
2016-11-13 23:56 - 2016-10-28 21:09 - 00000000 ____D C:\Program Files\Nexus Mod Manager
2016-11-13 19:01 - 2016-08-24 18:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2016-11-13 18:57 - 2016-06-28 21:57 - 00000000 ____D C:\Users\User\AppData\Roaming\Ubisoft
2016-11-13 15:09 - 2016-05-21 10:05 - 00000000 ____D C:\Users\User\AppData\Roaming\TS3Client
2016-11-12 20:08 - 2016-07-01 21:21 - 00000000 ____D C:\Users\User\Documents\Anno 1404
2016-11-12 20:08 - 2016-06-28 22:34 - 00000000 ____D C:\Users\User\Documents\ANNO 1404 Venedig
2016-11-11 23:21 - 2016-06-19 16:04 - 00000000 ____D C:\Users\Gast\AppData\Local\NVIDIA Corporation
2016-11-11 23:20 - 2016-06-19 16:04 - 00111400 _____ C:\Users\Gast\AppData\Local\GDIPFONTCACHEV1.DAT
2016-11-09 23:15 - 2014-06-17 22:46 - 00000000 ____D C:\Windows\system32\MRT
2016-11-09 23:12 - 2014-06-17 22:46 - 141011376 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-11-09 13:43 - 2016-10-28 20:33 - 00000000 ____D C:\Users\User\AppData\Local\Skyrim Special Edition

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-06-27 14:55 - 2016-08-23 13:16 - 0000099 _____ () C:\Users\User\AppData\Roaming\LauncherSettings_live.cfg
2016-06-27 14:27 - 2016-06-27 14:27 - 0000040 _____ () C:\Users\User\AppData\Roaming\TheHunterSettings_steam_live.cfg
2016-11-28 16:50 - 2016-11-28 16:50 - 0000017 _____ () C:\Users\User\AppData\Local\resmon.resmoncfg
2016-07-19 15:05 - 2016-11-23 17:43 - 0000015 _____ () C:\Users\User\AppData\Local\X-Plane_drm.prf
2016-07-19 15:05 - 2016-07-22 09:13 - 0000061 _____ () C:\Users\User\AppData\Local\x-plane_install_10.txt
2016-05-17 16:17 - 2016-05-17 16:17 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-07-07 18:05 - 2016-07-07 18:05 - 0000111 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.64.bc

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-12-04 15:48

==================== Ende von FRST.txt ============================