Okay, you're the pro :D
MBAM Log: Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlaufdatum: 15.09.2015
Suchlaufzeit: 20:34
Protokolldatei: MBAM.txt
Administrator: Ja
Version: 2.1.8.1057
Malware-Datenbank: v2015.09.15.06
Rootkit-Datenbank: v2015.08.16.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert
Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: Max Mustermann
Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 454641
Abgelaufene Zeit: 3 Min., 45 Sek.
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0
(keine bösartigen Elemente erkannt)
Module: 0
(keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)
Registrierungswerte: 0
(keine bösartigen Elemente erkannt)
Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)
Ordner: 0
(keine bösartigen Elemente erkannt)
Dateien: 12
RiskWare.Injector.DC, C:\$Recycle.Bin\S-1-5-21-4196615078-3407273420-3945318707-1000\$R8YAMW8.exe, In Quarantäne, [be740927dbb049ed7606b9f11de436ca],
RiskWare.Injector.DC, C:\$Recycle.Bin\S-1-5-21-4196615078-3407273420-3945318707-1000\$RBTB4HH.exe, In Quarantäne, [b87a9b951972f541a1db08a28f724fb1],
RiskWare.Injector.DC, C:\$Recycle.Bin\S-1-5-21-4196615078-3407273420-3945318707-1000\$RBTNV9B.exe, In Quarantäne, [062c3cf4a1ea87aff389b8f2a859a759],
PUP.RiskWare.Patcher, C:\$Recycle.Bin\S-1-5-21-4196615078-3407273420-3945318707-1000\$RC6BA6J.exe, In Quarantäne, [ef43f838008b54e24b18e7c3d03103fd],
RiskWare.Injector.DC, C:\$Recycle.Bin\S-1-5-21-4196615078-3407273420-3945318707-1000\$RF0QTAF.exe, In Quarantäne, [052dc07099f2f83e2e4e278334cd2ed2],
PUP.RiskWare.Patcher, C:\$Recycle.Bin\S-1-5-21-4196615078-3407273420-3945318707-1000\$RTRRQN2.exe, In Quarantäne, [39f90030a8e39f97283bbfeb48b9b34d],
RiskWare.Injector.DC, C:\$Recycle.Bin\S-1-5-21-4196615078-3407273420-3945318707-1000\$R6VMZAV\Extreme Injector v3.3.rar, In Quarantäne, [d9590f21117a64d29fdd2c7ecf32da26],
RiskWare.Injector.DC, C:\$Recycle.Bin\S-1-5-21-4196615078-3407273420-3945318707-1000\$R6VMZAV\Extreme Injector v3.exe, In Quarantäne, [0f2344ec7318b581ceaea00a35ccf40c],
RiskWare.Injector.DC, C:\$Recycle.Bin\S-1-5-21-4196615078-3407273420-3945318707-1000\$RSGMD3U.0\Extreme Injector v3.3.rar, In Quarantäne, [dd55d55b8ffc93a36e0e05a54eb35ba5],
RiskWare.Injector.DC, C:\$Recycle.Bin\S-1-5-21-4196615078-3407273420-3945318707-1000\$RSGMD3U.0\Extreme Injector v3.exe, In Quarantäne, [fb3778b84f3c0f2715671c8e9d648080],
PUP.Optional.Somoto, C:\Users\Max Mustermann\AppData\Local\Temp\nssCE79.tmp, In Quarantäne, [3cf67fb10a8168ceca169210cd384bb5],
PUP.Optional.AdOffer, C:\Users\Max Mustermann\AppData\Local\Temp\bitool.dll, In Quarantäne, [f63cfd33c3c8bb7bfdd75a3913ef1de3],
Physische Sektoren: 0
(keine bösartigen Elemente erkannt)
(end)
AdwCleaner: Code:
# AdwCleaner v5.007 - Bericht erstellt am 15/09/2015 um 20:29:23
# Aktualisiert am 08/09/2015 von Xplode
# Datenbank : 2015-09-08.2 [Lokal]
# Betriebssystem : Windows 10 Pro (x64)
# Benutzername : Max Mustermann - GAMER-PC
# Gestartet von : C:\Users\Max Mustermann\Desktop\Virus\AdwCleaner_5.007.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum
***** [ Dienste ] *****
***** [ Ordner ] *****
***** [ Dateien ] *****
***** [ Verknüpfungen ] *****
***** [ Geplante Tasks ] *****
***** [ Registrierungsdatenbank ] *****
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
***** [ Internetbrowser ] *****
*************************
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1521 Bytes] ##########
JRT: Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.1 (09.08.2015:1)
OS: Windows 10 Pro x64
Ran by Max Mustermann on 15.09.2015 at 20:51:41,65
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Tasks
~~~ Registry Values
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_B8C2EFD69B69FBEA94F994C89ABD1134
~~~ Registry Keys
~~~ Files
~~~ Folders
Successfully deleted: [Folder] C:\Users\Max Mustermann\Appdata\Local\crashrpt
~~~ Chrome
[C:\Users\Max Mustermann\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
[C:\Users\Max Mustermann\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
[C:\Users\Max Mustermann\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
[C:\Users\Max Mustermann\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 15.09.2015 at 20:53:18,76
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
And the fresh FRST log: Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:15-09-2015
durchgeführt von Niklas Gschaide (Administrator) auf GAMER-PC (15-09-2015 20:55:09)
Gestartet von C:\Users\Niklas Gschaider\Desktop\Virus\FRST
Geladene Profile: Niklas Gschaide (Verfügbare Profile: Niklas Gschaide & DefaultAppPool)
Platform: Windows 10 Pro (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Avast Software s.r.o.) C:\Program Files\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Avast Software) C:\Program Files\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\Avast\ng\ngservice.exe
(Avast Software s.r.o.) C:\Program Files\Avast\avastui.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
() C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [ProfilerU] => C:\Program Files\SmartTechnology\Software\ProfilerU.exe [454144 2015-04-17] (Saitek)
HKLM\...\Run: [SaiMfd] => C:\Program Files\SmartTechnology\Software\SaiMfd.exe [157696 2015-04-17] (Saitek)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-07-30] (Realtek Semiconductor)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\Avast\AvastUI.exe [5515496 2015-05-21] (Avast Software s.r.o.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [592704 2015-07-08] (Razer Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-03] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [104128 2015-08-14] (VMware, Inc.)
HKLM\...\Policies\Explorer: [AllowLegacyWebView] 1
HKLM\...\Policies\Explorer: [AllowUnhashedWebView] 1
HKU\S-1-5-21-4196615078-3407273420-3945318707-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4471536 2015-05-21] (Disc Soft Ltd)
HKU\S-1-5-21-4196615078-3407273420-3945318707-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2899136 2015-08-19] (Valve Corporation)
HKU\S-1-5-21-4196615078-3407273420-3945318707-1000\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3098424 2015-08-19] (Nota Inc.)
HKU\S-1-5-21-4196615078-3407273420-3945318707-1000\...\Run: [Akamai NetSession Interface] => "C:\Users\Niklas Gschaider\AppData\Local\Akamai\netsession_win.exe"
HKU\S-1-5-21-4196615078-3407273420-3945318707-1000\...\Run: [OneDrive] => "C:\Users\Niklas Gschaider\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
HKU\S-1-5-21-4196615078-3407273420-3945318707-1000\...\Run: [Dxtory Update Checker 2.0] => E:\Dxtory2.0\UpdateChecker.exe [93696 2010-10-17] (Dxtory Software)
HKU\S-1-5-21-4196615078-3407273420-3945318707-1000\...\Run: [WhatPulse] => E:\WhatPulse2\whatpulse.exe [3746816 2015-08-08] ()
HKU\S-1-5-21-4196615078-3407273420-3945318707-1000\...\RunOnce: [Uninstall C:\Users\Niklas Gschaider\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Niklas Gschaider\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-4196615078-3407273420-3945318707-1000\...\RunOnce: [Uninstall C:\Users\Niklas Gschaider\AppData\Local\Microsoft\OneDrive\17.3.5892.0626] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Niklas Gschaider\AppData\Local\Microsoft\OneDrive\17.3.5892.0626"
IFEO\taskmgr.exe: [Debugger] "C:\USERS\NIKLAS GSCHAIDER\DOCUMENTS\PROCESSEXPLORER_NOTDELETE\PROCEXP.EXE"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast\ashShA64.dll [2015-05-21] (Avast Software s.r.o.)
Startup: C:\Users\Niklas Gschaider\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\XMouseButtonControl.exe.lnk [2015-07-30]
ShortcutTarget: XMouseButtonControl.exe.lnk -> E:\64bit (x64)\XMouseButtonControl.exe (Highresolution Enterprises)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\..\Interfaces\{d1aed3fd-5978-46b4-9952-3688ce375653}: [NameServer] 192.168.0.1
Internet Explorer:
==================
HKU\S-1-5-21-4196615078-3407273420-3945318707-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-at/?ocid=iehp
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Avast\aswWebRepIE64.dll [2015-05-21] (Avast Software s.r.o.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Avast\aswWebRepIE.dll [2015-05-21] (Avast Software s.r.o.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
FireFox:
========
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-27] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\Avast\WebRep\FF [2015-05-21]
Chrome:
=======
CHR Profile: C:\Users\Niklas Gschaider\AppData\Local\Google\Chrome\User Data\Default
CHR Profile: C:\Users\Niklas Gschaider\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Präsentationen) - C:\Users\Niklas Gschaider\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-08]
CHR Extension: (Google Docs) - C:\Users\Niklas Gschaider\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-08]
CHR Extension: (Google Drive) - C:\Users\Niklas Gschaider\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-08-08]
CHR Extension: (YouTube) - C:\Users\Niklas Gschaider\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-08-08]
CHR Extension: (Google-Suche) - C:\Users\Niklas Gschaider\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-08-08]
CHR Extension: (Avast SafePrice) - C:\Users\Niklas Gschaider\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-08-08]
CHR Extension: (Google Tabellen) - C:\Users\Niklas Gschaider\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-08]
CHR Extension: (Google Text & Tabellen Offline) - C:\Users\Niklas Gschaider\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-06]
CHR Extension: (Avast Online Security) - C:\Users\Niklas Gschaider\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-08-08]
CHR Extension: (SQLite Database Browser (Beta)) - C:\Users\Niklas Gschaider\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jlpbdkmaomigeneadlamehkfchdmojgg [2015-08-08]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Niklas Gschaider\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-08-08]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Niklas Gschaider\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-08]
CHR Extension: (Google Mail) - C:\Users\Niklas Gschaider\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-08]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-05-21]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-05-21]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 avast! Antivirus; C:\Program Files\Avast\AvastSvc.exe [343336 2015-05-21] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\Avast\ng\vbox\AvastVBoxSVC.exe [4034896 2015-05-21] (Avast Software)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272560 2015-05-21] (Disc Soft Ltd)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [133632 2012-02-09] ()
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 mi-raysat_3dsmax2016_64; E:\Autodesk\3ds Max 2016\NVIDIA\Satellite\raysat_3dsmax2016_64server.exe [86016 2011-09-15] () [Datei ist nicht signiert]
R2 MSMQ; C:\Windows\system32\mqsvc.exe [26112 2015-07-30] (Microsoft Corporation)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187048 2015-06-23] ()
S2 SaiDOutput; C:\Program Files\Saitek\DirectOutput\DirectOutputService.exe [233984 2015-04-17] (Saitek) [Datei ist nicht signiert]
S3 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-12-03] (DEVGURU Co., LTD.)
R2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [12465344 2015-08-14] ()
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-07-30] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [578560 2015-07-30] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-21] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-21] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-05-21] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-21] ()
S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-21] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-07-04] (Avast Software s.r.o.)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-05-21] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-21] ()
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-05-21] (Disc Soft Ltd)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [25536 2012-02-09] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [25536 2012-02-09] ()
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [44992 2012-02-09] ()
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [175104 2015-07-30] (Microsoft Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek )
R3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [49880 2015-07-21] (Razer Inc)
R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [37184 2015-06-12] (Razer, Inc.)
R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [129472 2015-06-27] (Razer, Inc.)
S3 SaiK0762; C:\Windows\System32\drivers\SaiK0762.sys [179872 2015-04-17] (Saitek)
S3 SaiMini; C:\Windows\System32\drivers\SaiMini.sys [22528 2015-04-17] (Saitek)
S3 SaiNtBus; C:\Windows\system32\drivers\SaiBus.sys [50048 2015-04-17] (Saitek)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
R2 VBoxAswDrv; C:\Program Files\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-05-21] (Avast Software)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [75512 2015-08-04] (VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [34520 2015-07-09] (VMware, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2015-09-15] ()
U3 idsvc; kein ImagePath
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; kein ImagePath
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-09-15 20:51 - 2015-09-09 20:11 - 01800104 _____ (Malwarebytes Corporation) C:\Users\Niklas Gschaider\Desktop\JRT.exe
2015-09-15 20:47 - 2015-09-15 20:47 - 00016148 _____ C:\WINDOWS\system32\GAMER-PC_Niklas Gschaide_HistoryPrediction.bin
2015-09-15 20:27 - 2015-09-15 20:29 - 00000000 ____D C:\AdwCleaner
2015-09-15 20:14 - 2015-09-15 20:47 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-09-15 20:14 - 2015-09-15 20:14 - 00001175 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-09-15 20:14 - 2015-09-15 20:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-09-15 20:14 - 2015-09-15 20:14 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-09-15 20:14 - 2015-09-15 20:14 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-09-15 20:14 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-09-15 20:14 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-09-15 20:14 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-09-14 21:11 - 2015-09-14 21:10 - 00002831 _____ C:\Users\Niklas Gschaider\Desktop\Shutdown Timer.lnk
2015-09-14 21:10 - 2015-09-14 21:10 - 00000000 ____D C:\Users\Niklas Gschaider\AppData\Roaming\Sinvise Systems
2015-09-14 21:10 - 2015-09-14 21:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sinvise Systems
2015-09-14 21:10 - 2015-09-14 21:10 - 00000000 ____D C:\Program Files (x86)\Sinvise Systems
2015-09-14 20:41 - 2015-09-14 20:41 - 00000000 ____D C:\Users\Niklas Gschaider\Documents\Virtual Machines
2015-09-14 20:27 - 2015-09-15 20:26 - 00000000 ____D C:\Users\Niklas Gschaider\AppData\Roaming\VMware
2015-09-14 20:27 - 2015-09-15 20:26 - 00000000 ____D C:\Users\Niklas Gschaider\AppData\Local\VMware
2015-09-14 20:25 - 2015-08-14 14:03 - 00934080 _____ (VMware, Inc.) C:\WINDOWS\system32\vnetlib64.dll
2015-09-14 20:25 - 2015-08-14 14:03 - 00391872 _____ (VMware, Inc.) C:\WINDOWS\SysWOW64\vmnat.exe
2015-09-14 20:25 - 2015-08-14 14:03 - 00358080 _____ (VMware, Inc.) C:\WINDOWS\SysWOW64\vmnetdhcp.exe
2015-09-14 20:25 - 2015-08-14 14:03 - 00066752 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vmx86.sys
2015-09-14 20:25 - 2015-08-14 13:43 - 00026816 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vmnetuserif.sys
2015-09-14 20:25 - 2015-08-11 19:27 - 00057536 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\hcmon.sys
2015-09-14 20:25 - 2015-08-04 01:10 - 00075512 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vsock.sys
2015-09-14 20:25 - 2015-08-04 01:10 - 00068288 _____ (VMware, Inc.) C:\WINDOWS\system32\vsocklib.dll
2015-09-14 20:25 - 2015-08-04 01:10 - 00064192 _____ (VMware, Inc.) C:\WINDOWS\SysWOW64\vsocklib.dll
2015-09-14 20:24 - 2015-09-15 20:47 - 00000000 ____D C:\ProgramData\VMware
2015-09-14 20:24 - 2015-09-14 20:24 - 00001276 _____ C:\Users\Public\Desktop\VMware Workstation Pro.lnk
2015-09-14 20:24 - 2015-09-14 20:24 - 00001024 _____ C:\WINDOWS\SysWOW64\%TMP%
2015-09-14 20:24 - 2015-09-14 20:24 - 00000000 ____D C:\Users\Public\Documents\Shared Virtual Machines
2015-09-14 20:24 - 2015-09-14 20:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
2015-09-14 20:24 - 2015-09-14 20:24 - 00000000 ____D C:\Program Files\Common Files\VMware
2015-09-14 20:24 - 2015-09-14 20:24 - 00000000 ____D C:\Program Files (x86)\VMware
2015-09-14 20:07 - 2015-09-14 20:07 - 00000805 _____ C:\Users\Niklas Gschaider\Downloads\Dokumente - Verknüpfung.lnk
2015-09-14 18:34 - 2015-09-15 20:55 - 00000000 ____D C:\FRST
2015-09-14 18:32 - 2015-09-15 20:49 - 00000000 ____D C:\Users\Niklas Gschaider\Desktop\Virus
2015-09-14 18:32 - 2015-09-14 18:32 - 00000000 _____ C:\Users\Niklas Gschaider\defogger_reenable
2015-09-14 17:09 - 2015-09-14 17:11 - 00008932 _____ C:\Users\Niklas Gschaider\Downloads\hurensohn.wav
2015-09-14 16:49 - 2015-09-14 16:49 - 00000875 _____ C:\Users\Niklas Gschaider\AppData\Local\recently-used.xbel
2015-09-14 15:04 - 2015-08-28 03:12 - 00000194 _____ C:\Users\Niklas Gschaider\Desktop\VMware Workstation 12 Serial Key.txt
2015-09-14 14:57 - 2015-09-14 14:57 - 00000000 ____D C:\Users\Niklas Gschaider\AppData\Local\RzStats
2015-09-09 18:42 - 2015-09-10 20:16 - 00000000 ____D C:\Users\Niklas Gschaider\Documents\MyTiData
2015-09-09 18:41 - 2015-09-09 18:41 - 00001082 _____ C:\Users\Public\Desktop\TI Connect.lnk
2015-09-09 18:41 - 2015-09-09 18:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TI Tools
2015-09-09 18:41 - 2015-09-09 18:41 - 00000000 ____D C:\Program Files\DIFX
2015-09-09 18:41 - 2015-09-09 18:41 - 00000000 ____D C:\Program Files (x86)\TI Connect
2015-09-09 18:41 - 2012-03-07 10:07 - 00129536 _____ (Texas Instruments) C:\WINDOWS\system32\Drivers\silvrlnk.sys
2015-09-09 18:41 - 2012-02-17 14:01 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71.dll
2015-09-09 18:41 - 2012-02-17 14:01 - 01047552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71u.dll
2015-09-09 18:41 - 2012-02-17 14:01 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atl71.dll
2015-09-09 18:39 - 2015-09-10 21:08 - 00000000 ____D C:\Users\Niklas Gschaider\Desktop\Voyage 200
2015-09-09 18:08 - 2015-09-09 18:42 - 00000000 ____D C:\Users\Niklas Gschaider\Desktop\HTL Wr. Neustadt
2015-09-05 21:14 - 2015-09-05 23:18 - 1420594640 _____ C:\Users\Niklas Gschaider\Desktop\meeting.wav
2015-09-05 16:41 - 2015-09-05 16:41 - 00109056 _____ (Potatomaniac's Slavery Inc.) C:\Users\Niklas Gschaider\Desktop\Potatomaniac Pro M-DLL Injector Version5.exe
2015-09-05 11:49 - 2015-09-05 11:49 - 10022208 _____ C:\Users\Niklas Gschaider\Downloads\Admin Abuse.mp4
2015-09-04 21:19 - 2015-09-04 21:28 - 00001752 _____ C:\Users\Niklas Gschaider\Desktop\settings.xml
2015-09-04 21:10 - 2013-07-28 13:21 - 00103282 _____ C:\Users\Niklas Gschaider\Desktop\ttt3.lua
2015-09-04 21:10 - 2013-05-15 13:50 - 00011776 _____ C:\Users\Niklas Gschaider\Desktop\gmodpickles.dll
2015-09-04 14:48 - 2015-09-04 14:50 - 00000000 ____D C:\Users\Niklas Gschaider\Documents\ProcessExplorer_NOTDELETE
2015-09-02 20:29 - 2015-09-02 20:29 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-09-02 20:29 - 2015-09-02 20:29 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2015-09-02 20:00 - 2015-09-02 20:00 - 00000000 ____D C:\WINDOWS\USB Vibration
2015-09-02 19:59 - 2015-09-02 19:59 - 00000000 ____D C:\Program Files (x86)\USB Vibration
2015-09-02 19:39 - 2015-09-02 19:39 - 00000222 _____ C:\Users\Niklas Gschaider\Desktop\Rocket League.url
2015-08-31 16:59 - 2015-08-31 16:59 - 00001158 _____ C:\Users\Niklas Gschaider\Desktop\Cheat Engine.lnk
2015-08-31 16:59 - 2015-08-31 16:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4
2015-08-31 16:59 - 2015-08-31 16:59 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.4
2015-08-31 16:37 - 2015-09-05 22:07 - 00000000 ____D C:\Users\Niklas Gschaider\Documents\My Games
2015-08-31 16:37 - 2015-08-31 16:37 - 00000000 ____D C:\WINDOWS\D56B0E274A3E46C9B5C1D93D580C099C.TMP
2015-08-31 16:37 - 2015-08-31 16:37 - 00000000 ____D C:\Users\Niklas Gschaider\AppData\Local\Downloaded Installations
2015-08-31 16:37 - 2015-08-31 16:37 - 00000000 ____D C:\Program Files (x86)\AMD
2015-08-31 16:37 - 2008-07-12 08:18 - 04992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
2015-08-31 16:37 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2015-08-31 16:37 - 2008-07-12 08:18 - 01942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
2015-08-31 16:37 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2015-08-31 16:37 - 2008-07-12 08:18 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
2015-08-31 16:37 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2015-08-31 15:57 - 2015-08-31 15:57 - 00000221 _____ C:\Users\Niklas Gschaider\Desktop\Moonbase Alpha.url
2015-08-31 15:57 - 2015-08-31 15:57 - 00000000 ____D C:\Users\Niklas Gschaider\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-08-29 13:35 - 2015-08-20 08:07 - 08019296 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-29 13:35 - 2015-08-20 08:06 - 00609592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-08-29 13:35 - 2015-08-20 08:02 - 22324656 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-08-29 13:35 - 2015-08-20 07:57 - 00077400 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-08-29 13:35 - 2015-08-20 07:26 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-08-29 13:35 - 2015-08-20 07:21 - 21875200 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-08-29 13:35 - 2015-08-20 07:21 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2015-08-29 13:35 - 2015-08-20 07:16 - 20857848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-08-29 13:35 - 2015-08-20 07:13 - 02235904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-08-29 13:35 - 2015-08-20 06:31 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-08-29 13:35 - 2015-08-18 09:56 - 02498808 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-29 13:35 - 2015-08-18 09:55 - 00373072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2015-08-29 13:35 - 2015-08-18 09:54 - 01396064 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-08-29 13:35 - 2015-08-18 09:27 - 01771592 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-08-29 13:35 - 2015-08-18 09:24 - 00963920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-08-29 13:35 - 2015-08-18 09:13 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2015-08-29 13:35 - 2015-08-18 09:13 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2015-08-29 13:35 - 2015-08-18 09:12 - 02225664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-08-29 13:35 - 2015-08-18 09:07 - 02226688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2015-08-29 13:35 - 2015-08-18 09:04 - 01234944 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2015-08-29 13:35 - 2015-08-18 09:04 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-08-29 13:35 - 2015-08-18 08:59 - 01294336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll
2015-08-29 13:35 - 2015-08-18 08:59 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll
2015-08-29 13:35 - 2015-08-18 08:58 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2015-08-29 13:35 - 2015-08-18 08:58 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWCN.dll
2015-08-29 13:35 - 2015-08-18 08:58 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWCN.dll
2015-08-29 13:35 - 2015-08-18 08:58 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnNetsh.dll
2015-08-29 13:35 - 2015-08-18 08:57 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2015-08-29 13:35 - 2015-08-18 08:56 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2015-08-29 13:35 - 2015-08-18 08:55 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-08-29 13:35 - 2015-08-18 08:54 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2015-08-29 13:35 - 2015-08-18 08:54 - 00247296 _____ C:\WINDOWS\system32\facecredentialprovider.dll
2015-08-29 13:35 - 2015-08-18 08:52 - 01888768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-08-29 13:35 - 2015-08-18 08:50 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-08-29 13:35 - 2015-08-18 08:49 - 01061888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2015-08-29 13:35 - 2015-08-18 08:49 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2015-08-29 13:35 - 2015-08-18 08:49 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2015-08-29 13:35 - 2015-08-18 08:36 - 01226752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcnwiz.dll
2015-08-29 13:35 - 2015-08-18 08:35 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WcnApi.dll
2015-08-29 13:35 - 2015-08-18 08:35 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWCN.dll
2015-08-29 13:35 - 2015-08-18 08:34 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2015-08-29 13:35 - 2015-08-18 08:29 - 01593344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-08-29 13:35 - 2015-08-18 08:26 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2015-08-29 13:35 - 2015-08-18 06:44 - 00008847 _____ C:\WINDOWS\system32\ResPriHMImageList
2015-08-27 13:55 - 2015-08-27 13:55 - 00000000 ____D C:\Users\Niklas Gschaider\AppData\Roaming\SkypePM
2015-08-27 13:42 - 2015-09-04 14:36 - 00003662 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
2015-08-27 13:35 - 2015-08-27 13:35 - 00001221 _____ C:\Users\Niklas Gschaider\Desktop\Themes.lnk
2015-08-27 13:16 - 2015-08-27 13:16 - 00000000 ____D C:\Users\Niklas Gschaider\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UltraUXThemePatcher
2015-08-27 13:16 - 2015-08-27 13:16 - 00000000 ____D C:\Program Files (x86)\UltraUXThemePatcher
2015-08-27 13:16 - 2015-07-22 06:02 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll.backup
2015-08-27 13:16 - 2015-07-10 13:00 - 02900992 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll.backup
2015-08-27 13:16 - 2015-07-10 13:00 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxinit.dll.backup
2015-08-26 13:01 - 2015-08-27 13:55 - 00000000 ____D C:\Users\Niklas Gschaider\AppData\Local\Skype
2015-08-26 13:01 - 2015-08-26 13:01 - 00000000 ____D C:\Users\Niklas Gschaider\AppData\Roaming\SkypePM-BackupBySkypePortable
2015-08-26 13:01 - 2015-08-26 13:01 - 00000000 ____D C:\Users\Niklas Gschaider\AppData\Roaming\Skype
2015-08-25 23:48 - 2015-08-25 23:47 - 00001135 _____ C:\Users\Niklas Gschaider\Desktop\Vegas Pro 13.0 (64-bit).lnk
2015-08-25 23:47 - 2015-08-25 23:47 - 00000000 ____D C:\ProgramData\Sony
2015-08-25 23:47 - 2015-08-25 23:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2015-08-25 23:47 - 2015-08-25 23:47 - 00000000 ____D C:\Program Files (x86)\Sony
2015-08-25 18:20 - 2015-08-25 18:20 - 00001174 _____ C:\Users\Niklas Gschaider\Desktop\TheForest.lnk
2015-08-25 16:07 - 2015-08-13 06:33 - 24593408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-08-25 16:07 - 2015-08-13 06:22 - 02093056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2015-08-25 16:07 - 2015-08-13 06:20 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2015-08-25 16:07 - 2015-08-13 06:07 - 19323392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-08-25 16:07 - 2015-08-13 05:53 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2015-08-25 16:07 - 2015-08-11 12:04 - 04532304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-08-25 16:07 - 2015-08-11 12:04 - 02462648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-08-25 16:07 - 2015-08-11 12:04 - 01087296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-08-25 16:07 - 2015-08-11 12:03 - 00442208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2015-08-25 16:07 - 2015-08-11 12:02 - 00554744 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2015-08-25 16:07 - 2015-08-11 12:02 - 00292856 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2015-08-25 16:07 - 2015-08-11 12:02 - 00080720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2015-08-25 16:07 - 2015-08-11 11:57 - 03622256 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-08-25 16:07 - 2015-08-11 11:52 - 00993104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2015-08-25 16:07 - 2015-08-11 11:50 - 01643872 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-08-25 16:07 - 2015-08-11 11:40 - 04048808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-08-25 16:07 - 2015-08-11 11:40 - 02151208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-08-25 16:07 - 2015-08-11 11:40 - 00918320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-08-25 16:07 - 2015-08-11 11:38 - 00454000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2015-08-25 16:07 - 2015-08-11 11:37 - 00243800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2015-08-25 16:07 - 2015-08-11 11:31 - 02880032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-08-25 16:07 - 2015-08-11 11:26 - 00845664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2015-08-25 16:07 - 2015-08-11 11:23 - 16706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-25 16:07 - 2015-08-11 11:21 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-08-25 16:07 - 2015-08-11 11:21 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2015-08-25 16:07 - 2015-08-11 11:20 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2015-08-25 16:07 - 2015-08-11 11:19 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2015-08-25 16:07 - 2015-08-11 11:18 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2015-08-25 16:07 - 2015-08-11 11:16 - 02416640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-08-25 16:07 - 2015-08-11 11:14 - 00404480 _____ C:\WINDOWS\system32\diagtrack_wininternal.dll
2015-08-25 16:07 - 2015-08-11 11:13 - 00413184 _____ C:\WINDOWS\system32\diagtrack_win.dll
2015-08-25 16:07 - 2015-08-11 11:11 - 02446336 _____ C:\WINDOWS\system32\InputService.dll
2015-08-25 16:07 - 2015-08-11 11:11 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2015-08-25 16:07 - 2015-08-11 11:10 - 00778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-08-25 16:07 - 2015-08-11 11:10 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-25 16:07 - 2015-08-11 11:10 - 00293376 _____ C:\WINDOWS\system32\TextInputFramework.dll
2015-08-25 16:07 - 2015-08-11 11:09 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2015-08-25 16:07 - 2015-08-11 11:08 - 00893440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2015-08-25 16:07 - 2015-08-11 11:08 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-08-25 16:07 - 2015-08-11 11:07 - 01178112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-08-25 16:07 - 2015-08-11 11:07 - 00593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-08-25 16:07 - 2015-08-11 11:07 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeParserTask.exe
2015-08-25 16:07 - 2015-08-11 11:06 - 07523328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-08-25 16:07 - 2015-08-11 11:06 - 02662400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-08-25 16:07 - 2015-08-11 11:05 - 03527168 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2015-08-25 16:07 - 2015-08-11 11:05 - 00996352 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-08-25 16:07 - 2015-08-11 11:05 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationGeofences.dll
2015-08-25 16:07 - 2015-08-11 11:05 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2015-08-25 16:07 - 2015-08-11 11:05 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPermissions.dll
2015-08-25 16:07 - 2015-08-11 11:05 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2015-08-25 16:07 - 2015-08-11 11:03 - 02558976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-08-25 16:07 - 2015-08-11 11:02 - 03588096 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-08-25 16:07 - 2015-08-11 11:02 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2015-08-25 16:07 - 2015-08-11 11:02 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2015-08-25 16:07 - 2015-08-11 11:01 - 01334784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-08-25 16:07 - 2015-08-11 11:00 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2015-08-25 16:07 - 2015-08-11 11:00 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll
2015-08-25 16:07 - 2015-08-11 10:59 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2015-08-25 16:07 - 2015-08-11 10:59 - 00642560 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
2015-08-25 16:07 - 2015-08-11 10:59 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2015-08-25 16:07 - 2015-08-11 10:59 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tetheringclient.dll
2015-08-25 16:07 - 2015-08-11 10:58 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2015-08-25 16:07 - 2015-08-11 10:57 - 13024768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-08-25 16:07 - 2015-08-11 10:57 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2015-08-25 16:07 - 2015-08-11 10:51 - 01916928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-08-25 16:07 - 2015-08-11 10:51 - 01823232 _____ C:\WINDOWS\SysWOW64\InputService.dll
2015-08-25 16:07 - 2015-08-11 10:50 - 00420352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2015-08-25 16:07 - 2015-08-11 10:50 - 00200704 _____ C:\WINDOWS\SysWOW64\TextInputFramework.dll
2015-08-25 16:07 - 2015-08-11 10:50 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2015-08-25 16:07 - 2015-08-11 10:49 - 00586752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-08-25 16:07 - 2015-08-11 10:49 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-25 16:07 - 2015-08-11 10:48 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2015-08-25 16:07 - 2015-08-11 10:47 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-08-25 16:07 - 2015-08-11 10:45 - 01820672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2015-08-25 16:07 - 2015-08-11 10:43 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2015-08-25 16:07 - 2015-08-11 10:42 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-08-25 16:07 - 2015-08-11 10:40 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2015-08-25 16:07 - 2015-08-11 10:40 - 01112064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-08-25 16:07 - 2015-08-11 10:39 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2015-08-25 16:07 - 2015-08-11 10:38 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2015-08-25 15:27 - 2015-08-25 15:27 - 00001013 _____ C:\Users\Niklas Gschaider\Desktop\SkypePortable.lnk
2015-08-25 15:24 - 2015-08-25 15:24 - 00000000 ____D C:\ProgramData\ATI
2015-08-25 12:28 - 2015-08-25 12:28 - 00000000 ____D C:\Users\Niklas Gschaider\Desktop\MC
2015-08-25 12:21 - 2015-08-25 12:21 - 00062133 _____ C:\WINDOWS\SysWOW64\CCCInstall_201508251221587584.log
2015-08-25 12:21 - 2015-08-25 12:21 - 00061253 _____ C:\WINDOWS\SysWOW64\CCCInstall_201508251221379324.log
2015-08-25 12:21 - 2015-08-25 12:21 - 00000000 ____D C:\Users\Default\AppData\Roaming\ATI
2015-08-25 12:21 - 2015-08-25 12:21 - 00000000 ____D C:\Users\Default\AppData\Local\ATI
2015-08-25 12:21 - 2015-08-25 12:21 - 00000000 ____D C:\Users\Default User\AppData\Roaming\ATI
2015-08-25 12:21 - 2015-08-25 12:21 - 00000000 ____D C:\Users\Default User\AppData\Local\ATI
2015-08-25 12:21 - 2015-08-25 12:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-08-25 12:20 - 2015-08-25 12:20 - 47795680 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll
2015-08-25 12:20 - 2015-08-25 12:20 - 39725024 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll
2015-08-25 12:20 - 2015-08-25 12:20 - 30762464 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll
2015-08-25 12:20 - 2015-08-25 12:20 - 27546080 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl12cl64.dll
2015-08-25 12:20 - 2015-08-25 12:20 - 25308656 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll
2015-08-25 12:20 - 2015-08-25 12:20 - 22328800 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl12cl.dll
2015-08-25 12:20 - 2015-08-25 12:20 - 15725552 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll
2015-08-25 12:20 - 2015-08-25 12:20 - 14310896 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll
2015-08-25 12:20 - 2015-08-25 12:20 - 09191312 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2015-08-25 12:20 - 2015-08-25 12:20 - 07577184 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2015-08-25 12:20 - 2015-08-25 12:20 - 06486000 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmantle64.dll
2015-08-25 12:20 - 2015-08-25 12:20 - 05076976 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmantle32.dll
2015-08-25 12:20 - 2015-08-25 12:20 - 03471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2015-08-25 12:20 - 2015-08-25 12:20 - 03437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2015-08-25 12:20 - 2015-08-25 12:20 - 01197552 _____ C:\WINDOWS\system32\amdocl_as64.exe
2015-08-25 12:20 - 2015-08-25 12:20 - 01070592 _____ C:\WINDOWS\system32\amdocl_ld64.exe
2015-08-25 12:20 - 2015-08-25 12:20 - 01004032 _____ C:\WINDOWS\SysWOW64\amdocl_as32.exe
2015-08-25 12:20 - 2015-08-25 12:20 - 00936928 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2015-08-25 12:20 - 2015-08-25 12:20 - 00936928 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2015-08-25 12:20 - 2015-08-25 12:20 - 00808944 _____ C:\WINDOWS\SysWOW64\amdocl_ld32.exe
2015-08-25 12:20 - 2015-08-25 12:20 - 00660928 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2015-08-25 12:20 - 2015-08-25 12:20 - 00660928 _____ C:\WINDOWS\system32\atiapfxx.blb
2015-08-25 12:20 - 2015-08-25 12:20 - 00471320 _____ C:\WINDOWS\system32\amdmiracast.dll
2015-08-25 12:20 - 2015-08-25 12:20 - 00377312 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2015-08-25 12:20 - 2015-08-25 12:20 - 00341488 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODE.exe
2015-08-25 12:20 - 2015-08-25 12:20 - 00243696 _____ C:\WINDOWS\system32\clinfo.exe
2015-08-25 12:20 - 2015-08-25 12:20 - 00215008 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2015-08-25 12:20 - 2015-08-25 12:20 - 00199664 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll
2015-08-25 12:20 - 2015-08-25 12:20 - 00198640 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2015-08-25 12:20 - 2015-08-25 12:20 - 00168944 _____ C:\WINDOWS\system32\atieah64.exe
2015-08-25 12:20 - 2015-08-25 12:20 - 00165360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2015-08-25 12:20 - 2015-08-25 12:20 - 00152560 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2015-08-25 12:20 - 2015-08-25 12:20 - 00151936 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2015-08-25 12:20 - 2015-08-25 12:20 - 00150512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2015-08-25 12:20 - 2015-08-25 12:20 - 00143344 _____ C:\WINDOWS\system32\amdhdl64.dll
2015-08-25 12:20 - 2015-08-25 12:20 - 00138384 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2015-08-25 12:20 - 2015-08-25 12:20 - 00137696 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2015-08-25 12:20 - 2015-08-25 12:20 - 00132080 _____ C:\WINDOWS\SysWOW64\amdhdl32.dll
2015-08-25 12:20 - 2015-08-25 12:20 - 00123872 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2015-08-25 12:20 - 2015-08-25 12:20 - 00117608 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2015-08-25 12:20 - 2015-08-25 12:20 - 00111840 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2015-08-25 12:20 - 2015-08-25 12:20 - 00111600 _____ C:\WINDOWS\system32\hsa-thunk64.dll
2015-08-25 12:20 - 2015-08-25 12:20 - 00111088 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll
2015-08-25 12:20 - 2015-08-25 12:20 - 00103904 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2015-08-25 12:20 - 2015-08-25 12:20 - 00097776 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2015-08-25 12:20 - 2015-08-25 12:20 - 00096736 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2015-08-25 12:20 - 2015-08-25 12:20 - 00091104 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2015-08-25 12:20 - 2015-08-25 12:20 - 00088000 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2015-08-25 12:20 - 2015-08-25 12:20 - 00088000 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2015-08-25 12:20 - 2015-08-25 12:20 - 00085472 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll
2015-08-25 12:20 - 2015-08-25 12:20 - 00082688 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2015-08-25 12:20 - 2015-08-25 12:20 - 00081168 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2015-08-25 12:20 - 2015-08-25 12:20 - 00078320 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll
2015-08-25 12:20 - 2015-08-25 12:20 - 00078320 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll
2015-08-25 12:20 - 2015-08-25 12:20 - 00073712 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2015-08-25 12:20 - 2015-08-25 12:20 - 00071152 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll
2015-08-25 12:20 - 2015-08-25 12:20 - 00069600 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2015-08-25 12:20 - 2015-08-25 12:20 - 00064496 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll
2015-08-25 12:20 - 2015-08-25 12:20 - 00062432 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll
2015-08-25 12:20 - 2015-08-25 12:20 - 00059888 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODCLI.exe
2015-08-25 12:20 - 2015-08-25 12:20 - 00059376 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl6.dll
2015-08-25 12:20 - 2015-08-25 12:20 - 00059360 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll
2015-08-25 12:20 - 2015-08-25 12:20 - 00052208 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll
2015-08-25 12:20 - 2015-08-25 12:20 - 00049632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmmcl.dll
2015-08-25 12:20 - 2015-08-25 12:20 - 00039904 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2015-08-25 12:20 - 2015-08-25 12:20 - 00014304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2015-08-25 12:20 - 2015-08-25 12:20 - 00014304 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2015-08-16 21:49 - 2015-08-26 19:12 - 00001057 _____ C:\Users\Niklas Gschaider\Desktop\netflix.txt
2015-08-16 14:25 - 2015-09-15 20:42 - 00000000 ____D C:\Users\Niklas Gschaider\AppData\Local\whatpulse
2015-08-16 14:24 - 2015-08-16 14:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhatPulse
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-09-15 20:54 - 2015-08-01 23:09 - 00004178 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{CD537BC2-4028-4379-8630-CF1DE4A78EBD}
2015-09-15 20:48 - 2015-07-04 16:57 - 00000000 ____D C:\Program Files (x86)\Steam
2015-09-15 20:47 - 2015-07-30 01:12 - 00026556 _____ C:\WINDOWS\PFRO.log
2015-09-15 20:47 - 2015-07-10 14:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-09-15 20:47 - 2015-07-10 14:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-09-15 20:47 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-09-15 20:47 - 2015-07-10 11:05 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-09-15 20:47 - 2015-07-04 17:15 - 00034752 _____ C:\WINDOWS\system32\Drivers\WPRO_41_2001.sys
2015-09-15 20:47 - 2015-05-21 20:12 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-15 20:46 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-09-15 20:45 - 2015-05-21 20:12 - 00001136 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-15 20:37 - 2015-07-30 01:13 - 02085408 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-09-15 20:37 - 2015-07-10 18:34 - 00886474 _____ C:\WINDOWS\system32\perfh007.dat
2015-09-15 20:37 - 2015-07-10 18:34 - 00197134 _____ C:\WINDOWS\system32\perfc007.dat
2015-09-14 20:42 - 2015-07-04 19:12 - 00000000 ____D C:\Users\Niklas Gschaider\AppData\Roaming\TS3Client
2015-09-14 20:24 - 2015-07-30 01:13 - 02104680 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2015-09-14 18:32 - 2015-07-30 01:13 - 00000000 ____D C:\Users\Niklas Gschaider
2015-09-14 17:13 - 2015-08-07 19:04 - 00000000 ____D C:\Users\Niklas Gschaider\AppData\Roaming\vlc
2015-09-14 16:49 - 2015-07-07 18:22 - 00000000 ____D C:\Users\Niklas Gschaider\AppData\Local\gtk-2.0
2015-09-14 16:49 - 2015-07-07 18:14 - 00000000 ____D C:\Users\Niklas Gschaider\.gimp-2.8
2015-09-12 16:32 - 2015-07-21 19:15 - 00001934 _____ C:\Users\Niklas Gschaider\AppData\Local\0Pq7q
2015-09-10 20:01 - 2015-07-10 12:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-09-10 19:53 - 2015-07-10 14:20 - 00346208 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-09-09 18:41 - 2015-07-04 17:15 - 00158834 _____ C:\WINDOWS\DPINST.LOG
2015-09-05 22:34 - 2015-07-13 21:25 - 00002370 ____H C:\Users\Niklas Gschaider\Documents\Default.rdp
2015-09-05 10:46 - 2015-05-21 20:24 - 00002252 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-09-02 20:00 - 2015-05-21 19:58 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-09-01 20:12 - 2015-07-18 16:49 - 00000000 ____D C:\Users\Niklas Gschaider\AppData\Roaming\Audacity
2015-08-31 20:01 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\rescache
2015-08-31 16:37 - 2015-07-04 19:57 - 00045377 _____ C:\WINDOWS\DirectX.log
2015-08-30 01:36 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-08-30 01:36 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-08-27 18:40 - 2015-05-21 20:12 - 00004194 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-08-27 18:40 - 2015-05-21 20:12 - 00003962 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-08-27 14:49 - 2015-07-10 21:15 - 00000000 ____D C:\Users\Niklas Gschaider\AppData\Roaming\.minecraft
2015-08-27 14:49 - 2015-07-10 14:20 - 00039728 _____ C:\WINDOWS\setupact.log
2015-08-27 13:42 - 2015-07-30 07:05 - 04724736 _____ (Microsoft Corporation) C:\WINDOWS\system32\explorerframe.dll.151
2015-08-27 13:42 - 2015-07-30 07:05 - 04314624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorerframe.dll.151
2015-08-26 21:16 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-08-26 15:20 - 2015-07-30 02:10 - 00000000 ___DC C:\WINDOWS\Panther
2015-08-25 23:47 - 2015-08-07 21:44 - 00000000 ____D C:\Users\Niklas Gschaider\AppData\Local\Sony
2015-08-25 23:47 - 2015-08-07 21:40 - 00000000 ____D C:\Users\Niklas Gschaider\AppData\Roaming\Sony
2015-08-25 15:44 - 2015-07-10 14:38 - 00003556 _____ C:\WINDOWS\System32\Tasks\GyazoUpdateTaskMachineDaily
2015-08-25 15:44 - 2015-07-10 14:38 - 00003420 _____ C:\WINDOWS\System32\Tasks\GyazoUpdateTaskMachine
2015-08-25 15:44 - 2015-07-10 14:38 - 00000000 ____D C:\Program Files (x86)\Gyazo
2015-08-25 12:21 - 2015-07-30 07:06 - 00000000 ____D C:\AMD
2015-08-25 12:21 - 2015-05-21 20:06 - 00000000 ____D C:\Program Files\ATI Technologies
2015-08-25 12:21 - 2015-05-21 20:06 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2015-08-25 12:20 - 2015-07-30 07:05 - 21632992 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys
2015-08-25 12:20 - 2015-07-30 07:05 - 12062048 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll
2015-08-25 12:20 - 2015-07-30 07:05 - 10191264 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll
2015-08-25 12:20 - 2015-07-30 07:05 - 08979760 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd6a.dll
2015-08-25 12:20 - 2015-07-30 07:05 - 08867016 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd64.dll
2015-08-25 12:20 - 2015-07-30 07:05 - 08007824 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdva.dll
2015-08-25 12:20 - 2015-07-30 07:05 - 07484080 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdag.dll
2015-08-25 12:20 - 2015-07-30 07:05 - 01468232 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2015-08-25 12:20 - 2015-07-30 07:05 - 01257952 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2015-08-25 12:20 - 2015-07-30 07:05 - 01213192 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2015-08-25 12:20 - 2015-07-30 07:05 - 00876000 _____ (AMD) C:\WINDOWS\system32\coinst_15.20.dll
2015-08-25 12:20 - 2015-07-30 07:05 - 00681456 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2015-08-25 12:20 - 2015-07-30 07:05 - 00673776 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys
2015-08-25 12:20 - 2015-07-30 07:05 - 00451056 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2015-08-25 12:20 - 2015-07-30 07:05 - 00256992 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2015-08-25 12:20 - 2015-07-30 07:05 - 00162240 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiuxp64.dll
2015-08-25 12:20 - 2015-07-30 07:05 - 00144568 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiuxpag.dll
2015-08-25 12:20 - 2015-07-30 07:05 - 00130072 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiu9p64.dll
2015-08-25 12:20 - 2015-07-30 07:05 - 00112368 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiu9pag.dll
2015-08-17 09:55 - 2015-05-21 21:18 - 00004250 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-07-25 15:47 - 2015-07-25 15:47 - 0000000 _____ () C:\Users\Niklas Gschaider\AppData\Roaming\hdl_dump.conf
2015-07-21 19:15 - 2015-09-12 16:32 - 0001934 _____ () C:\Users\Niklas Gschaider\AppData\Local\0Pq7q
2015-07-25 15:17 - 2015-07-25 15:17 - 0000600 _____ () C:\Users\Niklas Gschaider\AppData\Local\PUTTY.RND
2015-09-14 16:49 - 2015-09-14 16:49 - 0000875 _____ () C:\Users\Niklas Gschaider\AppData\Local\recently-used.xbel
2015-07-30 07:06 - 2015-07-30 07:06 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Einige Dateien in TEMP:
====================
C:\Users\Niklas Gschaider\AppData\Local\Temp\AcDeltree.exe
C:\Users\Niklas Gschaider\AppData\Local\Temp\FNP_ACT_InstallerCA.dll
C:\Users\Niklas Gschaider\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Niklas Gschaider\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-09-01 17:08
==================== Ende von FRST.txt ============================
And the Addition.txt: Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:15-09-2015
durchgeführt von Niklas Gschaide (2015-09-15 20:55:33)
Gestartet von C:\Users\Niklas Gschaider\Desktop\Virus\FRST
Windows 10 Pro (X64) (2015-07-30 04:41:53)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
admin (S-1-5-21-4196615078-3407273420-3945318707-1001 - Administrator - Enabled)
Administrator (S-1-5-21-4196615078-3407273420-3945318707-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4196615078-3407273420-3945318707-503 - Limited - Disabled)
Gast (S-1-5-21-4196615078-3407273420-3945318707-501 - Limited - Disabled)
Niklas Gschaide (S-1-5-21-4196615078-3407273420-3945318707-1000 - Administrator - Enabled) => C:\Users\Niklas Gschaider
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Aerosoft's - Airbus X Extended - FSX (HKLM-x32\...\Airbus X Extended - FSX) (Version: 1.15 - )
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{AF5C19C5-CE94-A874-5367-BDCFA59D42E0}) (Version: 3.0.868.0 - Advanced Micro Devices, Inc.)
Audacity 2.1.1 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.1 - Audacity Team)
Autodesk 3ds Max 2016 (HKLM\...\Autodesk 3ds Max 2016) (Version: 18.0.873.0 - Autodesk)
Autodesk 3ds Max 2016 (Version: 18.0.873.0 - Autodesk) Hidden
Autodesk 3ds Max 2016 Populate Data (HKLM\...\{57E92DED-DC7C-41E5-B9E1-76D83BD2EABE}) (Version: 18.0.0.0 - Autodesk)
Autodesk 3ds Max 2016 SDK (HKLM\...\{E0820BD5-930B-43EC-A3C1-2634D38A1931}) (Version: 18.0.873.0 - Autodesk)
Autodesk Advanced Material Library Image Library 2016 (HKLM-x32\...\{94AD53E7-493B-4291-8714-7A3B761D2783}) (Version: 6.3.0.19 - Autodesk)
Autodesk Backburner 2016 (HKLM-x32\...\{8C5F38D2-9EFE-49A4-B3F5-BF3210FED168}) (Version: 16.0.0.0 - Autodesk)
Autodesk Material Library 2016 (HKLM-x32\...\{29A7D6EC-63C2-42FD-8143-5812ABD2923F}) (Version: 6.3.0.19 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2016 (HKLM-x32\...\{6B4CFC6E-ECB0-47FE-95D3-65C680ED0687}) (Version: 6.3.0.19 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2016 (HKLM-x32\...\{415A5A54-325E-4815-9940-62A889CA3877}) (Version: 6.3.0.19 - Autodesk)
Autodesk Network License Manager (HKLM\...\{4BE91685-1632-47FC-B563-A8A542C6664C}) (Version: 11.12.0 - Autodesk)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.0.0.0054 - Disc Soft Ltd)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Dxtory version 2.0.122 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.122 - Dxtory Software)
EAGLE 7.3.0 (HKLM\...\EAGLE 7.3.0) (Version: 7.3.0 - CadSoft Computer GmbH)
FileZilla Client 3.12.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.12.0.2 - Tim Kosse)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.0.8.1216 - Foxit Software Inc.)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.85 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.13 - Google Inc.) Hidden
Gyazo 3.1.6 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.)
HydraVision (x32 Version: 4.2.230.0 - Advanced Micro Devices, Inc.) Hidden
Intel(R) Smart Connect Technology 2.0 x64 (HKLM\...\{54F8B6C7-9B25-4E85-A1E0-26CFB80DE787}) (Version: 2.0.1083.0 - Intel)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version: - )
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft Flight Simulator SimConnect Client v10.0.61259.0 (HKLM-x32\...\{D61CA184-3F6D-4A50-B2CC-7A18447D6A8D}) (Version: 10.0.61259.0 - Microsoft Corporation)
Microsoft Flight Simulator SimConnect Client v10.0.62613.0 (HKLM-x32\...\{33D89314-361A-4495-A1E1-0ACBCE08F78D}) (Version: 10.0.62613.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{3c3aafc8-d898-43ec-998f-965ffdae065a}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Moonbase Alpha (HKLM-x32\...\Steam App 39000) (Version: - Virtual Heroes)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.8.1 - Notepad++ Team)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
Portal 2 (HKLM-x32\...\Steam App 620) (Version: - Valve)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.21.26914 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Rocket League (HKLM-x32\...\Steam App 252950) (Version: - Psyonix)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.1 - Rockstar Games)
Saitek DirectOutput 7.0.39.0 (HKLM\...\{63F77E79-4B36-454E-8953-BE341DF837D1}) (Version: 7.0.39.0 - Saitek)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15041.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.15041.2 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.51.0 - SAMSUNG Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Shutdown Timer (HKLM-x32\...\{0B1BBEE3-C10D-44BE-A6BE-EEC867315F87}) (Version: 3.3.4 - Sinvise Systems)
Smart Technology Programming Software 7.0.39.0 (HKLM\...\{8754B15B-2477-472A-94DB-0461E3572B61}) (Version: 7.0.39.0 - Mad Catz)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TI Connect™ (HKLM-x32\...\{D06BA64C-4447-49B4-B99D-E85BEA9E1035}) (Version: 4.0.0.218 - Texas Instruments Inc.)
Twin USB Vibration Gamepad (HKLM-x32\...\{1BBDD6C0-ED6F-43C3-8A9C-84E3249A5615}) (Version: 2007.01.01 - )
UECIDE (remove only) (HKLM-x32\...\UECIDE) (Version: - )
UltraUXThemePatcher (HKLM-x32\...\UltraUXThemePatcher) (Version: 3.0.1.0 - Manuel Hoefs (Zottel))
Unturned (HKLM-x32\...\Steam App 304930) (Version: - Nelson Sexton)
Vegas Pro 13.0 (64-bit) (HKLM\...\{386F5740-091D-11E4-B13E-F04DA23A5C58}) (Version: 13.0.373 - Sony)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VMware Workstation (HKLM\...\{132E3257-14F1-411A-BC6C-0CA32D3A9BC6}) (Version: 12.0.0 - VMware, Inc.)
WhatPulse version 2.6.3 (HKLM-x32\...\{95CC8D5F-90A1-4285-9B2D-8D0FBCFD8D0D}_is1) (Version: 2.6.3 - WhatPulse)
Windows Driver Package - Texas Instruments Inc. (SilvrLnk) USB (06/11/2009 1.0.0.0) (HKLM\...\EC3E466026556D3EB760B01C4772277614354E11) (Version: 06/11/2009 1.0.0.0 - Texas Instruments Inc.)
Windows Driver Package - Texas Instruments Inc. (TIEHDUSB) USB (09/02/2009 1.0.0.1) (HKLM\...\7511B29C86C398B4D11A0B0E4176CAD68D1B7057) (Version: 09/02/2009 1.0.0.1 - Texas Instruments Inc.)
WinRAR 5.10 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Wiederherstellungspunkte =========================
ACHTUNG: Systemwiederherstellung ist deaktiviert
==================== Hosts Inhalt: ==========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2015-08-27 12:45 - 00002028 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 compatexchange.cloudapp.net
127.0.0.1 a-0001.a-msedge.net
127.0.0.1 choice.microsoft.com
127.0.0.1 choice.microsoft.com.nsatc.net
127.0.0.1 corpext.msitadfs.glbdns2.microsoft.com
127.0.0.1 df.telemetry.microsoft.com
127.0.0.1 oca.telemetry.microsoft.com
127.0.0.1 oca.telemetry.microsoft.com.nsatc.net
127.0.0.1 redir.metaservices.microsoft.com
127.0.0.1 reports.wes.df.telemetry.microsoft.com
127.0.0.1 services.wes.df.telemetry.microsoft.com
127.0.0.1 settings-sandbox.data.microsoft.com
127.0.0.1 sls.update.microsoft.com.akadns.net
127.0.0.1 sqm.df.telemetry.microsoft.com
127.0.0.1 sqm.telemetry.microsoft.com
127.0.0.1 sqm.telemetry.microsoft.com.nsatc.net
127.0.0.1 statsfe2.ws.microsoft.com
127.0.0.1 telecommand.telemetry.microsoft.com
127.0.0.1 telecommand.telemetry.microsoft.com.nsatc.net
127.0.0.1 telemetry.appex.bing.net
127.0.0.1 telemetry.microsoft.com
127.0.0.1 telemetry.urs.microsoft.com
127.0.0.1 vortex-sandbox.data.microsoft.com
127.0.0.1 vortex-win.data.microsoft.com
127.0.0.1 vortex.data.microsoft.com
127.0.0.1 watson.ppe.telemetry.microsoft.com
127.0.0.1 watson.telemetry.microsoft.com
127.0.0.1 watson.telemetry.microsoft.com.nsatc.net
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0168613B-056E-4B6E-88F9-022FD6348A11} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {0622138D-BF4F-446E-97B4-BC9FBCBB099F} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {0C6A1331-67B0-42A6-83FF-357A2E558993} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {0EFB49C3-A06C-481D-97C2-203CE9357B8E} - System32\Tasks\avast! Emergency Update => C:\Program Files\Avast\AvastEmUpdate.exe [2015-07-04] (Avast Software s.r.o.)
Task: {144EC29F-AC69-472F-A34A-4A635A7ABD33} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {1CAC3012-08D4-424F-9104-B9C5CED703DF} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe [2015-08-11] (Microsoft Corporation)
Task: {2339B231-DFC4-48B5-A29C-660BCC7DF439} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {25834EA2-425E-4302-A873-ABCFF46AB52A} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {25AB49B7-8DAD-4814-A9F9-DE595FF5706A} - System32\Tasks\avastBCLRestart_chrome.exe => Chrome.exe
Task: {2DEFD77A-599B-482B-8EA8-9305A5032E04} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {2EE8D8FD-53EE-4199-A06D-C73020736721} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {2F70576A-3A6C-4B68-A197-F178BF8D2F35} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {4F4D8A57-C7D2-4D43-9B07-3383E271F7E9} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {523E8A2D-119F-4885-9AE2-6DC56409A1C6} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {5D88363D-084B-4103-B9DE-659D9AC467DB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {5EAD9275-B20E-4886-9E14-CF3366AD7F47} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {61F2CCAE-D00A-4F02-8C34-77858D72C087} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {6C2B7F2B-EE2F-4A69-B43C-4C507417A1DC} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {71D9ACCF-456A-4B26-8A34-B17C1A7F20C3} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {7F3C23DC-9C1B-495B-8A7E-4AF8F77997A1} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2015-08-19] ()
Task: {8A051382-8F1B-4EF5-806C-532EB1326D38} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {8CEDFAD8-482F-4F36-A7F3-840C79C32242} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {92B9EF68-8413-4578-AE17-E63417A4F77C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {99331DB0-44E2-4670-AF92-B7A09FE56DD9} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {9B114116-6EBA-4878-903A-0B61C241AC5F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {A0FF1C4C-B44D-432C-AFCB-8A38CAAB8ADC} - \Microsoft\Windows\File Classification Infrastructure\Property Definition Sync -> Keine Datei <==== ACHTUNG
Task: {B3E6B3A3-7485-46E8-9EBF-ACBCDC8498E2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {B77C4492-E376-4C22-B7CC-3E170C0957B5} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {B91D7EBE-FF40-4D3E-8073-273E1E4500C0} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {BA34DDC0-5922-4EC8-9290-2D8546C46BA8} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {BF8E55C2-EF1A-43AF-8A81-E56C666AE30C} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {C861BB9D-B637-41C7-9B5E-C6F31A709D44} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-21] (Google Inc.)
Task: {CCC4A535-A121-46F4-AE11-3B29C6DCF7E6} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {CD6E1282-088B-4B9C-B075-64D7B6E9C957} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {CD8F8BA5-A76F-4259-BBF1-A452CB867807} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {D5A941DB-A0A8-4BAC-A4DB-49428C93400E} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {DDA8BC5F-BAA7-4152-BEF9-8F1255BFD777} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {E8D6BEDB-0B99-448D-8A40-F9787A915A25} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {EBC08CC3-DFC9-4928-AFC3-8768ECD49A50} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2015-08-19] ()
Task: {EC38E817-D362-431B-B733-FB42BB57125F} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {F05E100D-C427-4947-8AFB-7E689BA8DEB0} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {F9698482-D23E-4F82-A90B-A9007362B447} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-21] (Google Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-07-30 07:05 - 2015-07-15 04:04 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-08-29 13:35 - 2015-08-18 09:56 - 02498808 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-29 13:35 - 2015-08-18 09:56 - 02498808 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2015-07-09 19:32 - 2015-07-09 19:32 - 00043480 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2015-07-10 12:59 - 2015-07-10 12:59 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-08-12 11:52 - 2015-08-03 03:11 - 06569472 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-07-10 13:00 - 2015-07-10 18:43 - 00471040 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-08-25 16:07 - 2015-08-11 10:58 - 01808384 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-08-12 11:52 - 2015-08-03 03:09 - 02274816 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2012-02-09 16:26 - 2012-02-09 16:26 - 00133632 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2012-02-09 16:26 - 2012-02-09 16:26 - 00048128 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2012-02-09 16:26 - 2012-02-09 16:26 - 00036864 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetDetect.dll
2015-06-23 21:11 - 2015-06-23 21:11 - 00187048 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2015-08-14 14:02 - 2015-08-14 14:02 - 12465344 _____ () C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
2015-05-21 21:18 - 2015-05-21 21:18 - 00104400 _____ () C:\Program Files\Avast\log.dll
2015-05-21 21:18 - 2015-05-21 21:18 - 00081728 _____ () C:\Program Files\Avast\JsonRpcServer.dll
2015-09-15 20:10 - 2015-09-15 20:10 - 02962944 _____ () C:\Program Files\Avast\defs\15091500\algo.dll
2015-05-21 21:18 - 2015-05-21 21:18 - 40540672 _____ () C:\Program Files\Avast\libcef.dll
2015-08-14 14:02 - 2015-08-14 14:02 - 01301696 _____ () C:\Program Files (x86)\VMware\VMware Workstation\libxml2.dll
2015-08-14 14:02 - 2015-08-14 14:02 - 00165056 _____ () C:\Program Files (x86)\VMware\VMware Workstation\nfc-types.dll
2015-08-14 14:02 - 2015-08-14 14:02 - 00191680 _____ () C:\Program Files (x86)\VMware\VMware Workstation\LIBEXPAT.dll
2015-08-14 14:02 - 2015-08-14 14:02 - 00388800 _____ () C:\Program Files (x86)\VMware\VMware Workstation\ssoClient.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-4196615078-3407273420-3945318707-1000\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\resources\Themes\ubuntu\wallpaper\ubuntu.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{19DB9F8E-BBE1-4181-854D-1A39F1B726A5}] => (Allow) E:\SteamLibrary\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{B44A8AFE-2CDC-4EC6-AFC3-1B6B452F0C2D}] => (Allow) E:\SteamLibrary\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{05451428-5115-4044-A1AF-CE8BFF4AD11E}] => (Allow) E:\SteamLibrary\SteamApps\common\insurgency2\insurgency.exe
FirewallRules: [{6312BBCC-02E5-4B48-8306-8D717DBD10F6}] => (Allow) E:\SteamLibrary\SteamApps\common\insurgency2\insurgency.exe
FirewallRules: [{54CBD93B-A163-43DE-A1D7-40E7AE70762A}] => (Allow) E:\SteamLibrary\SteamApps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{35EA17CC-57A3-4EE2-9116-E18A7137775B}] => (Allow) E:\SteamLibrary\SteamApps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{DBC18310-9211-4387-B416-5B4FA3196DE2}] => (Allow) E:\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe
FirewallRules: [{0E72BDD2-33B4-4078-A5D8-0DADC3DA3788}] => (Allow) E:\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe
FirewallRules: [{072C2CD0-2A34-4AB2-AFD2-B143200EF2BC}] => (Allow) E:\Autodesk\3ds Max 2016\NVIDIA\Satellite\raysat_3dsmax2016_64.exe
FirewallRules: [{8F169F69-0842-4D8C-BD27-4B9955F3E25D}] => (Allow) E:\Autodesk\3ds Max 2016\NVIDIA\Satellite\raysat_3dsmax2016_64.exe
FirewallRules: [{34AF0AD5-D870-4BE5-9D33-A5C262A189CE}] => (Allow) E:\Autodesk\3ds Max 2016\NVIDIA\Satellite\raysat_3dsmax2016_64server.exe
FirewallRules: [{AF5EE052-5D08-4CAD-8A41-111C299F3C12}] => (Allow) E:\Autodesk\3ds Max 2016\NVIDIA\Satellite\raysat_3dsmax2016_64server.exe
FirewallRules: [UDP Query User{F06C3047-6DD3-4AB8-92A5-5B6993F049F4}C:\users\niklas gschaider\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\niklas gschaider\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{83CEA41A-7A9D-4D8C-9B4B-D684C3F8557D}C:\users\niklas gschaider\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\niklas gschaider\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{796ED51F-43EF-456A-8436-24607CC2325C}C:\users\niklas gschaider\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\niklas gschaider\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{8A52A8DC-724C-4EBA-97BB-3CF7D1AB2DC8}C:\users\niklas gschaider\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\niklas gschaider\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{732B75AF-FC62-49DB-846E-FB8D466548C6}E:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) E:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{327D2242-A3D5-4FE4-AFE5-6D30B1CD8642}E:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) E:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{8EAA0ADC-2B2A-408F-9FAD-F36B6205EB3D}] => (Allow) E:\SteamLibrary\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{7DB08C32-D91F-47D9-805D-4310239F13B8}] => (Allow) E:\SteamLibrary\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{9AD7C7DE-C0AD-4472-B3C6-B568923D02E9}] => (Allow) E:\SteamLibrary\SteamApps\common\Blockade3d\main.exe
FirewallRules: [{B2B56014-F34F-4A08-A10F-8BB227E5BE4D}] => (Allow) E:\SteamLibrary\SteamApps\common\Blockade3d\main.exe
FirewallRules: [UDP Query User{52F3763D-3488-4957-AD5B-41EC4BCD069D}E:\datengrab\chrome downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) E:\datengrab\chrome downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{F11C229D-3BBF-46F2-B0A0-0F08CDA8B5E5}E:\datengrab\chrome downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) E:\datengrab\chrome downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{9A1B539D-1F3B-4DE6-8DFB-1FAD08FB334F}] => (Allow) E:\SteamLibrary\SteamApps\common\Rust\Rust.exe
FirewallRules: [{91FECA88-7392-4192-95BD-FE41C022AE02}] => (Allow) E:\SteamLibrary\SteamApps\common\Rust\Rust.exe
FirewallRules: [UDP Query User{76D3EC73-4957-4F77-B08D-B5BA7D055950}C:\program files (x86)\majenko technologies\uecide\java\bin\javaw.exe] => (Block) C:\program files (x86)\majenko technologies\uecide\java\bin\javaw.exe
FirewallRules: [TCP Query User{1E0652BE-FCFA-4DB5-82FF-9C0D52C9DB64}C:\program files (x86)\majenko technologies\uecide\java\bin\javaw.exe] => (Block) C:\program files (x86)\majenko technologies\uecide\java\bin\javaw.exe
FirewallRules: [{66DCE7F8-B55B-4FF6-BEB5-E223AF3619F2}] => (Allow) E:\SteamLibrary\SteamApps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{49287D40-CE9D-42D7-AA5C-51C3C245B4A7}] => (Allow) E:\SteamLibrary\SteamApps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{71A5FCFE-4F15-46B4-9985-8FC4AD0C604B}] => (Allow) E:\SteamLibrary\SteamApps\common\H1Z1\LaunchPad.exe
FirewallRules: [{5647975A-6754-42EC-9669-3B96962DB8A0}] => (Allow) E:\SteamLibrary\SteamApps\common\H1Z1\LaunchPad.exe
FirewallRules: [UDP Query User{86D78403-6625-43F3-A4C3-A659012C5E1B}C:\program files (x86)\secondlifeviewer\slvoice.exe] => (Allow) C:\program files (x86)\secondlifeviewer\slvoice.exe
FirewallRules: [TCP Query User{90830837-5601-45CA-963C-60B276FFBD1C}C:\program files (x86)\secondlifeviewer\slvoice.exe] => (Allow) C:\program files (x86)\secondlifeviewer\slvoice.exe
FirewallRules: [{34659EE7-B9C2-49F2-8A40-BBBE2DEB2B1E}] => (Allow) E:\SteamLibrary\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{92B14D63-A79E-47D2-A608-5935F0F8C33A}] => (Allow) E:\SteamLibrary\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{497F807B-8BB4-4408-B151-F8975B38A446}] => (Allow) E:\SteamLibrary\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{DCD3B53F-E3AC-4007-89B4-78A3E06EAD97}] => (Allow) E:\SteamLibrary\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{978D9D5E-3780-421B-A31E-D99D1E5558E1}] => (Allow) E:\SteamLibrary\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{0E94AA0D-9A84-41C5-B1CA-C69DF80973FF}] => (Allow) E:\SteamLibrary\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{5F474C27-D827-415A-AE97-740D3503D12F}] => (Allow) E:\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{8006324E-00A7-4617-9D60-9D8059A2FAB1}] => (Allow) E:\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{7EE28DBA-AEA7-48DB-9BF8-F94DCA59D2F8}] => (Allow) E:\SteamLibrary\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{699C9F97-991A-4439-B86A-A2E3DC61604C}] => (Allow) E:\SteamLibrary\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{C367EC7E-5EE3-4431-A406-D7E637685A90}] => (Allow) E:\SteamLibrary\SteamApps\common\FSX\fsx.exe
FirewallRules: [{29505908-97CD-4D85-8E23-081A4A7528C4}] => (Allow) E:\SteamLibrary\SteamApps\common\FSX\fsx.exe
FirewallRules: [{9C41B323-5E9B-4417-9F8B-F6EAEBF1DDFF}] => (Allow) E:\SteamLibrary\SteamApps\common\Half-Life 2\hl2.exe
FirewallRules: [{DB70D0D4-AFD7-4ED0-ADE9-910B079B101B}] => (Allow) E:\SteamLibrary\SteamApps\common\Half-Life 2\hl2.exe
FirewallRules: [{E2CF7E07-206C-4113-8A1A-2418CDB9BD25}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{1E988DE9-AFDF-48BF-B2FB-57F587422EF5}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{35DB3E73-B542-45FC-84F1-9432E680E4F7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B92CD431-E921-4CD0-BBE6-9FE88B39F0B1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [UDP Query User{0FF004E5-9DE4-473E-8F8C-A19F6916D957}C:\users\niklas gschaider\appdata\local\temp\rarsfx0\bie_kms.exe] => (Allow) C:\users\niklas gschaider\appdata\local\temp\rarsfx0\bie_kms.exe
FirewallRules: [TCP Query User{3F322FA9-4EC0-41D3-B431-FD4509D1DA7A}C:\users\niklas gschaider\appdata\local\temp\rarsfx0\bie_kms.exe] => (Allow) C:\users\niklas gschaider\appdata\local\temp\rarsfx0\bie_kms.exe
FirewallRules: [{ACA48457-F3DA-410E-8359-F91FD6C91582}] => (Allow) C:\Program Files\Avast\ng\vbox\aswFe.exe
FirewallRules: [{4B4C970C-E3CC-48DB-B550-7040AF32ADE6}] => (Allow) C:\Program Files\Avast\ng\vbox\aswFe.exe
FirewallRules: [TCP Query User{E2F9FA5A-ECB8-4DFE-AE7A-75C6CEB6ABC5}E:\steamlibrary\steamapps\common\half-life\hl.exe] => (Allow) E:\steamlibrary\steamapps\common\half-life\hl.exe
FirewallRules: [UDP Query User{42B92405-BADD-4E9C-8EE4-C3C5949CA026}E:\steamlibrary\steamapps\common\half-life\hl.exe] => (Allow) E:\steamlibrary\steamapps\common\half-life\hl.exe
FirewallRules: [TCP Query User{E4D16B10-4EF0-45FB-838E-E6837C999903}C:\users\niklas gschaider\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\users\niklas gschaider\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{5AEADD9E-DD21-42B2-9850-602B3EB53AC7}C:\users\niklas gschaider\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\users\niklas gschaider\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{D17A89DD-23C9-4121-921B-01D097AFA089}E:\datengrab\chrome downloads\skypeportable\app\skype\phone\skype.exe] => (Allow) E:\datengrab\chrome downloads\skypeportable\app\skype\phone\skype.exe
FirewallRules: [UDP Query User{B6F9DAC4-BE84-4BFB-8A85-F39EE5ACD9C2}E:\datengrab\chrome downloads\skypeportable\app\skype\phone\skype.exe] => (Allow) E:\datengrab\chrome downloads\skypeportable\app\skype\phone\skype.exe
FirewallRules: [TCP Query User{A15FD839-0EAC-4166-9152-E7F587F244FD}E:\datengrab\chrome downloads\sb\starcraft.exe] => (Allow) E:\datengrab\chrome downloads\sb\starcraft.exe
FirewallRules: [UDP Query User{6F79F9AA-5078-4B41-B6AA-0624318116CD}E:\datengrab\chrome downloads\sb\starcraft.exe] => (Allow) E:\datengrab\chrome downloads\sb\starcraft.exe
FirewallRules: [TCP Query User{2A7FF478-C890-4874-B9D3-2972818CF962}E:\skypeportable\app\skype\phone\skype.exe] => (Allow) E:\skypeportable\app\skype\phone\skype.exe
FirewallRules: [UDP Query User{6D8A7389-49CB-4892-9C3C-5BB3B2624490}E:\skypeportable\app\skype\phone\skype.exe] => (Allow) E:\skypeportable\app\skype\phone\skype.exe
FirewallRules: [TCP Query User{37FF6BA4-0269-4568-8A86-188F5FE86DB3}C:\users\niklas gschaider\desktop\mc\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\niklas gschaider\desktop\mc\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{BC527FC9-80B6-48DE-B073-D9A109E495D6}C:\users\niklas gschaider\desktop\mc\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\niklas gschaider\desktop\mc\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{9E57B220-BA25-46E2-ACB9-7DB928C49434}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Moon Base Alpha\Binaries\Win32\MoonBaseAlphaGame.exe
FirewallRules: [{063F335C-F291-4AC8-8BDF-E72472E88A17}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Moon Base Alpha\Binaries\Win32\MoonBaseAlphaGame.exe
FirewallRules: [{C60AE296-5231-45E7-9CDF-41261918F041}] => (Allow) E:\SteamLibrary\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{184C474E-72C6-4CDF-BC40-8D527D43868F}] => (Allow) E:\SteamLibrary\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{6F4CD719-147D-48A9-A063-4E3AFCB24F1E}] => (Allow) E:\SteamLibrary\SteamApps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{37300DA3-53B6-409E-907C-BA2114EDB46E}] => (Allow) E:\SteamLibrary\SteamApps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [TCP Query User{2D800F21-34F1-4BD1-9957-FA0842C3349A}E:\steamlibrary\steamapps\common\rocketleague\binaries\win32\rocketleague.exe] => (Allow) E:\steamlibrary\steamapps\common\rocketleague\binaries\win32\rocketleague.exe
FirewallRules: [UDP Query User{BE18BC3B-D60C-4718-93E8-F67AE9BAE073}E:\steamlibrary\steamapps\common\rocketleague\binaries\win32\rocketleague.exe] => (Allow) E:\steamlibrary\steamapps\common\rocketleague\binaries\win32\rocketleague.exe
FirewallRules: [TCP Query User{7A34BC28-4B0B-4013-A68B-3DD7D915C914}C:\program files (x86)\majenko technologies\uecide\java\bin\javaw.exe] => (Allow) C:\program files (x86)\majenko technologies\uecide\java\bin\javaw.exe
FirewallRules: [UDP Query User{23CD4C3D-FACD-4B55-9396-75F560380AA2}C:\program files (x86)\majenko technologies\uecide\java\bin\javaw.exe] => (Allow) C:\program files (x86)\majenko technologies\uecide\java\bin\javaw.exe
FirewallRules: [{B3E15DA9-3AB4-44DC-A978-0B948C9B28F2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{3B023C2D-619F-427C-AEBE-585A71FA9DA6}E:\steamlibrary\steamapps\common\goatsimulator\binaries\win32\goatgame-win32-shipping.exe] => (Allow) E:\steamlibrary\steamapps\common\goatsimulator\binaries\win32\goatgame-win32-shipping.exe
FirewallRules: [UDP Query User{C6104BBA-13E2-48E3-A404-975EBD99ECE7}E:\steamlibrary\steamapps\common\goatsimulator\binaries\win32\goatgame-win32-shipping.exe] => (Allow) E:\steamlibrary\steamapps\common\goatsimulator\binaries\win32\goatgame-win32-shipping.exe
FirewallRules: [{01E80105-5B5E-41C3-AA1E-624D376F5D29}] => (Allow) E:\SteamLibrary\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{7637B1CE-AE63-4FE5-A9AD-209C365DA137}] => (Allow) E:\SteamLibrary\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{F99C78E2-DD3C-4DCB-B028-7EC595C18A39}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
FirewallRules: [{601A2170-88F0-4F2F-809C-C328989E07F7}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
FirewallRules: [{800AFC09-5CE6-4DB7-8727-FC5726282F42}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
FirewallRules: [{2A0D3605-9A44-4BBB-86D8-C5EE19BB12F4}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (09/15/2015 08:52:03 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2
Error: (09/15/2015 08:47:21 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2
Error: (09/15/2015 08:31:47 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2
Error: (09/15/2015 08:29:27 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2
Error: (09/15/2015 08:23:12 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (7552) Es konnte keine neue Protokolldatei erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1032.
Error: (09/15/2015 08:23:12 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (7552) Der Versuch, die Datei "C:\WINDOWS\system32\edbtmp.log" zu erstellen, ist mit Systemfehler 5 (0x00000005): "Zugriff verweigert " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Erstellen von Dateien.
Error: (09/15/2015 08:23:02 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (7552) Es konnte keine neue Protokolldatei erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1032.
Error: (09/15/2015 08:23:02 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (7552) Der Versuch, die Datei "C:\WINDOWS\system32\edbtmp.log" zu erstellen, ist mit Systemfehler 5 (0x00000005): "Zugriff verweigert " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Erstellen von Dateien.
Error: (09/15/2015 08:22:52 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (7552) Es konnte keine neue Protokolldatei erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1032.
Error: (09/15/2015 08:22:52 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (7552) Der Versuch, die Datei "C:\WINDOWS\system32\edbtmp.log" zu erstellen, ist mit Systemfehler 5 (0x00000005): "Zugriff verweigert " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Erstellen von Dateien.
Systemfehler:
=============
Error: (09/15/2015 08:52:00 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (09/15/2015 08:51:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Disc Soft Lite Bus Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (09/15/2015 08:51:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "VMware Workstation Server" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (09/15/2015 08:51:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "VMware NAT Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 1000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (09/15/2015 08:51:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "VMware USB Arbitration Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (09/15/2015 08:51:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "VMware Authorization Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (09/15/2015 08:51:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "VMware DHCP Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (09/15/2015 08:51:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Razer Game Scanner" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (09/15/2015 08:51:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Saitek DirectOutput" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (09/15/2015 08:51:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Message Queuing" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
CodeIntegrity:
===================================
Date: 2015-09-15 20:47:15.234
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SaiBus.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-09-15 20:31:41.365
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SaiBus.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-09-15 20:01:25.513
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SaiBus.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-09-14 14:49:49.371
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SaiBus.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-09-12 15:28:07.511
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SaiBus.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-09-10 19:53:12.167
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SaiBus.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-09-09 17:56:49.383
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SaiBus.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-09-06 12:41:45.329
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SaiBus.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-09-05 10:17:17.359
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SaiBus.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-09-04 12:52:40.188
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SaiBus.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 20%
Installierter physikalischer RAM: 8147.25 MB
Verfügbarer physikalischer RAM: 6478.65 MB
Summe virtueller Speicher: 16339.25 MB
Verfügbarer virtueller Speicher: 14706.71 MB
==================== Laufwerke ================================
Drive a: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]
Drive c: () (Fixed) (Total:111.25 GB) (Free:40.78 GB) NTFS
Drive d: (Datengrab) (Fixed) (Total:537.11 GB) (Free:536.28 GB) NTFS
Drive e: (Datengrab) (Fixed) (Total:788.7 GB) (Free:383.5 GB) NTFS
Drive h: (Maxi) (Fixed) (Total:537.11 GB) (Free:301.88 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: F7DF11B1)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 83235CBD)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=537.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=537.1 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=788.7 GB) - (Type=OF Extended)
==================== Ende von Addition.txt ============================