Trojaner-Board - FireHooker im System32 ordner

Trojaner-Board (https://www.trojaner-board.de/)

- Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)

- - FireHooker im System32 ordner (https://www.trojaner-board.de/176973-firehooker-system32-ordner.html)

FireHooker im System32 ordner

Hallo,

ich habe seit kurzem das Problem dass mein Kaspersky bei jedem Systemstart eine dll aus dem System32 Ordner desinfizieren will, da er es nicht schafft entfernt er die Datei.

Ich meine es ist die wow64.dll

anbei die FRST logfiles.

https://onedrive.live.com/redir?resid=9915FE91FF88961D!1511&authkey=!AMXp48s1W-FU83c&ithint=folder%2ctxt

Welche Möglichkeiten habe ich?

Danke und Gruß

Hallo und :hallo:

Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden?

Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten!
Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht!

Zudem bitte auch ein Log mit Farbars Tool machen:

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

http://www.trojaner-board.de/picture...&pictureid=307

Hallo,

mir ist leider ein Fehler unterlaufen. Die infizierte Datei befindet sich nicht im system32 Ordner sondern im Ordner

Code:

"C:\Windows\SysWOW64\kd_12_14e4.dll;C:\Windows\SysWOW64\kd_12_14e4.dll"

Anbei noch alle Logfiles die mir zur Verfügung stehen.

Kaspersky Log

Code:

16.03.2016 18.14.03;Objekt (Datei) wurde gefunden.;C:\Windows\SysWOW64\kd_12_14e4.dll;C:\Windows\System32\DnsBlockUpdateSvc.exe;C:\Windows\SysWOW64\kd_12_14e4.dll;03/16/2016 18:14:03;Trojan.Win32.FireHooker.a

Code:

16.03.2016 18.14.08;Gefundenes Objekt (Datei) wurde gelöscht.;C:\Windows\SysWOW64\kd_12_14e4.dll;C:\Windows\System32\DnsBlockUpdateSvc.exe;C:\Windows\SysWOW64\kd_12_14e4.dll;03/16/2016 18:14:08;Trojan.Win32.FireHooker.a

Code:

16.03.2016 18.14.08;Gefundenes Objekt (Datei) wurde ins Backup verschoben.;C:\Windows\SysWOW64\kd_12_14e4.dll;C:\Windows\System32\DnsBlockUpdateSvc.exe;C:\Windows\SysWOW64\kd_12_14e4.dll;03/16/2016 18:14:08;Trojan.Win32.FireHooker.a

FRST Logs folgen

FRST Logfile:

Code:

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01

durchgeführt von Thomas Angl (Administrator) auf TA-PC (16-03-2016 20:27:30)

Gestartet von C:\Users\Thomas Angl\Desktop

Geladene Profile: Thomas Angl (Verfügbare Profile: Thomas Angl & TA & User & Administrator)

Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland)

Internet Explorer Version 11 (Standard-Browser: "C:\Program Files\Waterfox\waterfox.exe" -osint -url "%1")

Start-Modus: Normal

Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 

==================== Prozesse (Nicht auf der Ausnahmeliste) =================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
 

(AMD) C:\Windows\System32\atiesrxx.exe

(AMD) C:\Windows\System32\atieclxx.exe

() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe

(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\avp.exe

() C:\Windows\System32\DnsBlockUpdateSvc.exe

(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe

(pdfforge GmbH) C:\Program Files\PDF Architect 4\creator-ws.exe

(Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe

(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe

(VMware, Inc.) C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe

(VMware, Inc.) C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe

(VMware, Inc.) C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe

(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

() C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe

(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\avpui.exe

() C:\Program Files (x86)\Hardcopy\hcdll2_ex_x64.exe

() C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe

(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe

(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe

(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cnext.exe

(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe

(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe

(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe

(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe

(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe

(Outertech) C:\Program Files (x86)\ClipboardHistory\ClipboardHistory.exe

(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.3\kpm.exe

(Microsoft Corporation) C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE

() C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe

(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfimon.exe

(sw4you) C:\Program Files (x86)\Hardcopy\hardcopy.exe

(Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\MSOSYNC.EXE

(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe

(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe

(Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe

(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe

(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe

(Raptr Inc.) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_ep64.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

(Waterfox) C:\Program Files\Waterfox\waterfox.exe

(Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE

() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1601.49020.0_x64__8wekyb3d8bbwe\Calculator.exe

() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.302.8200.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe

(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe

(Mozilla Corporation) C:\Program Files\Waterfox\plugin-container.exe
 
 

==================== Registry (Nicht auf der Ausnahmeliste) ===========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
 

HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15033976 2015-11-20] (Logitech Inc.)

HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\cnext.exe [4887752 2015-12-23] (Advanced Micro Devices, Inc.)

HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1163264 2012-09-25] ()

HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)

HKLM-x32\...\Run: [EaseUS EPM tray] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.8\bin\EpmNews.exe

HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [56592 2016-03-02] (Raptr, Inc)

HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [104128 2015-11-25] (VMware, Inc.)

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)

HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [71440 2016-03-10] (Plays.tv, LLC)

HKU\S-1-5-21-1453454617-903515338-1349220620-1001\...\Run: [Clipomatic] => C:\Program Files\Clipomatic\CLIPOM~2.EXE

HKU\S-1-5-21-1453454617-903515338-1349220620-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3074128 2016-03-10] (Valve Corporation)

HKU\S-1-5-21-1453454617-903515338-1349220620-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23260000 2016-02-24] (Google)

HKU\S-1-5-21-1453454617-903515338-1349220620-1001\...\Run: [ClipboardHistory] => C:\Program Files (x86)\ClipboardHistory\ClipboardHistory.exe [1124240 2015-12-23] (Outertech)

HKU\S-1-5-21-1453454617-903515338-1349220620-1001\...\Run: [BitComet] => "C:\Program Files (x86)\BitComet\BitComet.exe" /tray

HKU\S-1-5-21-1453454617-903515338-1349220620-1001\...\Run: [kpm.exe] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.3\kpm.exe [7473880 2015-07-18] (AO Kaspersky Lab)

HKU\S-1-5-21-1453454617-903515338-1349220620-1001\...\RunOnce: [Uninstall C:\Users\Thomas Angl\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Thomas Angl\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"

HKU\S-1-5-21-1453454617-903515338-1349220620-1001\...\RunOnce: [Uninstall C:\Users\Thomas Angl\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Thomas Angl\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1"

HKU\S-1-5-21-1453454617-903515338-1349220620-1001\...\RunOnce: [Uninstall C:\Users\Thomas Angl\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Thomas Angl\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64"

ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-02-24] (Google)

ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-02-24] (Google)

ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-02-24] (Google)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Hardcopy.LNK [2016-01-10]

ShortcutTarget: Hardcopy.LNK -> C:\Program Files (x86)\Hardcopy\hardcopy.exe (sw4you)

Startup: C:\Users\Thomas Angl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CLIPOM~2.EXE - Verknüpfung.lnk [2016-01-09]

ShortcutTarget: CLIPOM~2.EXE - Verknüpfung.lnk -> C:\Program Files\Clipomatic\CLIPOM~2.EXE (Keine Datei)

GroupPolicy: Beschränkung - Chrome <======= ACHTUNG

CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG
 

==================== Internet (Nicht auf der Ausnahmeliste) ====================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
 

HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 0 <======= ACHTUNG (Beschränkung - ProxySettings)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

Tcpip\..\Interfaces\{3a941411-f9b1-4735-8b85-0c6833bf997a}: [DhcpNameServer] 192.168.178.1
 

Internet Explorer:

==================

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG

HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG

SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}

SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}

SearchScopes: HKU\S-1-5-21-1453454617-903515338-1349220620-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}

SearchScopes: HKU\S-1-5-21-1453454617-903515338-1349220620-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}

BHO: Kein Name -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> Keine Datei

BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_73\bin\ssv.dll [2016-02-22] (Oracle Corporation)

BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-12-25] (AO Kaspersky Lab)

BHO: Kein Name -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> Keine Datei

BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-22] (Oracle Corporation)

BHO: Kaspersky Password Manager -> {F710F7E5-A520-471D-989C-F653AC328FB2} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.3\x64\ie_engine.dll [2015-07-18] (AO Kaspersky Lab)

BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2016-02-28] (Microsoft Corporation)

BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\IEExt\ie_plugin.dll [2015-12-25] (AO Kaspersky Lab)

BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2016-02-28] (Microsoft Corporation)

BHO-x32: Kaspersky Password Manager -> {F710F7E5-A520-471D-989C-F653AC328FB2} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.3\ie_engine.dll [2015-07-18] (AO Kaspersky Lab)

Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-12-25] (AO Kaspersky Lab)

Toolbar: HKLM-x32 - PDF Architect 4 Toolbar - {23FD9C33-A9E1-48A1-8404-E5925CF1C8E1} - C:\Program Files (x86)\PDF Architect 4\creator-ie-plugin.dll [2015-10-19] (pdfforge GmbH)

Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\IEExt\ie_plugin.dll [2015-12-25] (AO Kaspersky Lab)

Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-02-28] (Microsoft Corporation)

Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-02-28] (Microsoft Corporation)

Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-02-28] (Microsoft Corporation)

Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-02-28] (Microsoft Corporation)

Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-02-28] (Microsoft Corporation)

Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-02-28] (Microsoft Corporation)

Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-02-28] (Microsoft Corporation)

Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-02-28] (Microsoft Corporation)
 

FireFox:

========

FF ProfilePath: C:\Users\Thomas Angl\AppData\Roaming\Mozilla\Firefox\Profiles\g50gxemg.default

FF DefaultSearchEngine: google

FF DefaultSearchUrl: hxxp://www.google.de/search?hl=de&gl=de&lr=&ie=utf-8&oe=utf-8&meta=lr=lang_de&q=

FF SelectedSearchEngine: Google

FF SelectedSearchEngine: google

FF Homepage: hxxp://www.google.de?hl=de&gl=de

FF Keyword.URL: hxxp://www.google.de/search?hl=de&gl=de&lr=&ie=UTF-8&oe=UTF-8&meta=lr=lang_de&q=

FF Keyword.URL: hxxp://www.google.de/search?hl=de&gl=de&lr=&ie=utf-8&oe=utf-8&meta=lr=lang_de&q=

FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_182.dll [2016-03-10] ()

FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-02-28] (Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_182.dll [2016-03-10] ()

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2016-02-28] (Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-05] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-05] (Google Inc.)

FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)

FF Plugin-x32: PDF Architect 4 -> C:\Program Files (x86)\PDF Architect 4\np-previewer.dll [2015-10-19] (pdfforge GmbH)

FF user.js: detected! => C:\Users\Thomas Angl\AppData\Roaming\Mozilla\Firefox\Profiles\g50gxemg.default\user.js [2016-03-16]

FF Extension: Tab Mix Plus - C:\Users\Thomas Angl\AppData\Roaming\Mozilla\Firefox\Profiles\g50gxemg.default\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2016-03-16]

FF Extension: Tree Style Tab - C:\Users\Thomas Angl\AppData\Roaming\Mozilla\Firefox\Profiles\g50gxemg.default\extensions\treestyletab@piro.sakura.ne.jp.xpi [2016-03-16]

FF Extension: Roomy Bookmarks Toolbar - C:\Users\Thomas Angl\AppData\Roaming\Mozilla\Firefox\Profiles\g50gxemg.default\extensions\ALone-live@ya.ru.xpi [2016-03-16]

FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\FFExt\light_plugin_firefox [2016-03-01]

FF Extension: German Dictionary - C:\Users\Thomas Angl\AppData\Roaming\Mozilla\Firefox\Profiles\g50gxemg.default\Extensions\de-DE@dictionaries.addons.mozilla.org [2016-03-16]

FF Extension: uBlock - C:\Users\Thomas Angl\AppData\Roaming\Mozilla\Firefox\Profiles\g50gxemg.default\Extensions\{2b10c1c8-a11f-4bad-fe9c-1c11e82cac42}.xpi [2016-03-16]

FF Extension: Personas Shuffler - C:\Users\Thomas Angl\AppData\Roaming\Mozilla\Firefox\Profiles\g50gxemg.default\Extensions\{f18ce681-59c6-4a25-8ecb-e3e0fd7fbb44}.xpi [2016-03-16]

FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\FFExt\light_plugin_firefox

FF HKLM-x32\...\Firefox\Extensions: [{925DEF43-7333-47E7-A204-E67CF6589A54}] - C:\WINDOWS\Installer\{8FC06C19-071A-4232-A6B7-9855F672D825}\{925DEF43-7333-47E7-A204-E67CF6589A54}.xpi

FF Extension: Download Protect - C:\WINDOWS\Installer\{8FC06C19-071A-4232-A6B7-9855F672D825}\{925DEF43-7333-47E7-A204-E67CF6589A54}.xpi [2016-03-07]

FF HKLM-x32\...\Firefox\Extensions: [{B4139F5C-9819-40A5-A444-563D976CBE05}] - C:\WINDOWS\Installer\{8EC67672-A3A6-4FB2-8562-6C799A1F7339}\{B4139F5C-9819-40A5-A444-563D976CBE05}.xpi

FF Extension: Download Protect - C:\WINDOWS\Installer\{8EC67672-A3A6-4FB2-8562-6C799A1F7339}\{B4139F5C-9819-40A5-A444-563D976CBE05}.xpi [2016-03-08]

FF HKLM-x32\...\Firefox\Extensions: [{50DE7D2C-E03D-411A-9DCC-678E533EEBE2}] - C:\WINDOWS\Installer\{0E0DD381-1A80-42E6-A261-F1A2FF3ED5A7}\{50DE7D2C-E03D-411A-9DCC-678E533EEBE2}.xpi

FF Extension: Download Protect - C:\WINDOWS\Installer\{0E0DD381-1A80-42E6-A261-F1A2FF3ED5A7}\{50DE7D2C-E03D-411A-9DCC-678E533EEBE2}.xpi [2016-03-16]
 

Chrome: 

=======

CHR Profile: C:\Users\Thomas Angl\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Web Store) - C:\Users\Thomas Angl\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-25]

CHR Extension: (Google Drive) - C:\Users\Thomas Angl\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-25]

CHR Extension: (YouTube) - C:\Users\Thomas Angl\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-25]

CHR Extension: (Google-Suche) - C:\Users\Thomas Angl\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-25]

CHR Extension: (Web Store) - C:\Users\Thomas Angl\AppData\Local\Google\Chrome\User Data\Default\Extensions\eahebamiopdhefndnmappcihfajigkka [2016-01-27]

CHR Extension: (Web Store) - C:\Users\Thomas Angl\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-25]

CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Thomas Angl\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-25]

CHR Extension: (Google Mail) - C:\Users\Thomas Angl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-25]

CHR Extension: (Download Protect) - C:\Users\Thomas Angl\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmnhfkfnkbdaklpjkembblhineampnf [2016-03-08]

CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka

CHR HKU\S-1-5-21-1453454617-903515338-1349220620-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [hlpfbladobbejblkbfleiljmikcfhkem] - hxxps://chrome.google.com/webstore/detail/hlpfbladobbejblkbfleiljmikcfhkem

CHR HKU\S-1-5-21-1453454617-903515338-1349220620-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
 

==================== Dienste (Nicht auf der Ausnahmeliste) ========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2015-12-25] ()

R2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\avp.exe [194000 2015-12-25] (Kaspersky Lab ZAO)

S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2016-01-17] (BitRaider, LLC)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2804976 2016-02-28] (Microsoft Corporation)

R2 DnsBlockUpdateSvc; C:\WINDOWS\system32\DnsBlockUpdateSvc.exe [149024 2016-01-09] ()

S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)

R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Datei ist nicht signiert]

S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Datei ist nicht signiert]

R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223008 2015-06-24] (Intel Corporation)

S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2105352 2016-01-30] (Electronic Arts)

S3 PDF Architect 4; C:\Program Files\PDF Architect 4\ws.exe [2417376 2015-10-19] (pdfforge GmbH)

S3 PDF Architect 4 CrashHandler; C:\Program Files\PDF Architect 4\crash-handler-ws.exe [1038048 2015-10-19] (pdfforge GmbH)

R2 PDF Architect 4 Creator; C:\Program Files\PDF Architect 4\creator-ws.exe [851168 2015-10-19] (pdfforge GmbH)

R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [32528 2016-03-10] (Plays.tv, LLC)

R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6942480 2016-03-02] (TeamViewer GmbH)

R2 vmware-converter-agent; C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe [503512 2016-02-09] (VMware, Inc.)

R2 vmware-converter-server; C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe [503512 2016-02-09] (VMware, Inc.)

R2 vmware-converter-worker; C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe [503512 2016-02-09] (VMware, Inc.)

R2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [12462784 2015-11-25] ()

S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\x64\vssbridge64.exe [144640 2015-07-09] (AO Kaspersky Lab)

S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)

R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

S2 PDF Architect 4 Manager; "C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe" [X]
 

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [40720 2015-07-28] (Advanced Micro Devices, Inc.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2015-12-25] ()

R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-09-18] (Advanced Micro Devices)

S3 bmdrvr; C:\Windows\SysWow64\drivers\bmdrvr.sys [75992 2016-02-09] (VMware, Inc.)

R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)

R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO)

R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)

R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70512 2015-06-27] (Kaspersky Lab ZAO)

R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [77728 2016-03-01] (AO Kaspersky Lab)

S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [30328 2015-06-24] (Kaspersky Lab)

R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [181640 2015-12-25] (AO Kaspersky Lab)

R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [227512 2015-12-25] (AO Kaspersky Lab)

R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [927640 2016-03-01] (AO Kaspersky Lab)

S1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [39608 2015-06-11] (Kaspersky Lab ZAO)

R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [41656 2015-06-06] (Kaspersky Lab ZAO)

R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)

R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41352 2015-12-25] (AO Kaspersky Lab)

R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [87944 2015-12-25] (Kaspersky Lab ZAO)

R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [102584 2015-06-16] (Kaspersky Lab ZAO)

R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO)

S3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.)

R3 LGPBTDD; C:\Windows\System32\Drivers\LGPBTDD.sys [30728 2009-07-01] (Logitech Inc.)

R3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)

R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [183584 2015-06-12] (Intel Corporation)

R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] ()

S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] ()

R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [886528 2015-05-29] (Realtek                                            )

R0 vsock; C:\Windows\System32\drivers\vsock.sys [75512 2015-11-05] (VMware, Inc.)

R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [35032 2016-02-09] (VMware, Inc.)

S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)

R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)

S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X]
 

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 
 

==================== Ein Monat: Erstellte Dateien und Ordner ========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 

2016-03-16 20:27 - 2016-03-16 20:27 - 00028676 _____ C:\Users\Thomas Angl\Desktop\FRST.txt

2016-03-16 20:27 - 2016-03-16 18:28 - 02374144 _____ (Farbar) C:\Users\Thomas Angl\Desktop\FRST64.exe

2016-03-16 18:28 - 2016-03-16 20:27 - 00000000 ____D C:\FRST

2016-03-16 18:21 - 2016-03-16 18:21 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys

2016-03-16 18:21 - 2016-03-16 18:21 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)

2016-03-16 18:21 - 2016-03-16 18:21 - 00000000 ____D C:\ProgramData\Malwarebytes

2016-03-16 18:20 - 2016-03-16 18:28 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys

2016-03-16 18:20 - 2016-03-16 18:28 - 00000000 ____D C:\Users\Thomas Angl\Desktop\mbar

2016-03-16 18:20 - 2016-03-16 18:20 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Thomas Angl\Desktop\mbar-1.09.3.1001.exe

2016-03-16 18:14 - 2016-03-16 18:14 - 00000000 ____D C:\Program Files (x86)\{3A411C52-5BFA-4B6E-9250-B545845499AC}

2016-03-16 16:57 - 2016-03-16 16:57 - 00001514 _____ C:\Users\Thomas Angl\AppData\Local\recently-used.xbel

2016-03-16 16:57 - 2016-03-16 16:57 - 00000000 ____D C:\Users\Thomas Angl\AppData\Local\gtk-2.0

2016-03-16 16:50 - 2016-03-16 16:50 - 00000000 ____D C:\Users\Thomas Angl\.thumbnails

2016-03-16 16:49 - 2016-03-16 16:57 - 00000000 ____D C:\Users\Thomas Angl\.gimp-2.8

2016-03-16 16:49 - 2016-03-16 16:49 - 00000960 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk

2016-03-16 16:49 - 2016-03-16 16:49 - 00000000 ____D C:\Users\Thomas Angl\AppData\Local\gegl-0.2

2016-03-16 16:49 - 2016-03-16 16:49 - 00000000 ____D C:\Users\Thomas Angl\AppData\Local\fontconfig

2016-03-16 16:49 - 2016-03-16 16:49 - 00000000 ____D C:\Program Files\GIMP 2

2016-03-15 17:01 - 2016-03-15 17:01 - 00000000 ____D C:\Users\Thomas Angl\AppData\Roaming\.minecraft

2016-03-15 16:27 - 2016-03-15 16:27 - 00000000 ____D C:\Program Files\Common Files\DESIGNER

2016-03-15 16:23 - 2016-03-15 16:23 - 00000000 ____D C:\Users\Thomas Angl\AppData\Roaming\.technic

2016-03-15 16:17 - 2016-03-15 16:17 - 00000726 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Feed the Beast (FTB).lnk

2016-03-14 18:27 - 2016-03-14 18:27 - 00000000 ____D C:\Users\Thomas Angl\AppData\Roaming\Axolot Games

2016-03-14 14:45 - 2016-03-14 14:45 - 00001390 _____ C:\Users\Public\Desktop\Kaspersky Password Manager.lnk

2016-03-14 14:45 - 2016-03-14 14:45 - 00000000 ____D C:\Users\Thomas Angl\AppData\Local\Kaspersky Lab

2016-03-14 14:45 - 2016-03-14 14:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Password Manager

2016-03-11 19:45 - 2016-03-11 19:45 - 00000000 ____D C:\Users\Default\AppData\Local\Google

2016-03-11 19:45 - 2016-03-11 19:45 - 00000000 ____D C:\Users\Default User\AppData\Local\Google

2016-03-09 16:21 - 2016-03-01 06:31 - 00848168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll

2016-03-09 16:21 - 2016-03-01 06:22 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll

2016-03-09 16:21 - 2016-02-24 10:52 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll

2016-03-09 16:21 - 2016-02-24 10:51 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe

2016-03-09 16:21 - 2016-02-24 10:48 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll

2016-03-09 16:21 - 2016-02-24 10:34 - 01613664 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll

2016-03-09 16:21 - 2016-02-24 10:28 - 03449168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll

2016-03-09 16:21 - 2016-02-24 10:15 - 01557768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll

2016-03-09 16:21 - 2016-02-24 09:58 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll

2016-03-09 16:21 - 2016-02-24 09:51 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll

2016-03-09 16:21 - 2016-02-24 09:50 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe

2016-03-09 16:21 - 2016-02-24 09:46 - 06607080 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll

2016-03-09 16:21 - 2016-02-24 09:43 - 00625000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll

2016-03-09 16:21 - 2016-02-24 09:39 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll

2016-03-09 16:21 - 2016-02-24 09:19 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll

2016-03-09 16:21 - 2016-02-24 09:11 - 01997152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys

2016-03-09 16:21 - 2016-02-24 09:11 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll

2016-03-09 16:21 - 2016-02-24 09:11 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe

2016-03-09 16:21 - 2016-02-24 09:11 - 00652392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll

2016-03-09 16:21 - 2016-02-24 09:11 - 00258280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll

2016-03-09 16:21 - 2016-02-24 09:10 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe

2016-03-09 16:21 - 2016-02-24 09:10 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys

2016-03-09 16:21 - 2016-02-24 09:09 - 00640472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll

2016-03-09 16:21 - 2016-02-24 09:06 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll

2016-03-09 16:21 - 2016-02-24 08:59 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll

2016-03-09 16:21 - 2016-02-24 08:35 - 00540752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe

2016-03-09 16:21 - 2016-02-24 08:35 - 00523752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll

2016-03-09 16:21 - 2016-02-24 08:35 - 00220064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll

2016-03-09 16:21 - 2016-02-24 08:33 - 00538736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll

2016-03-09 16:21 - 2016-02-24 08:20 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll

2016-03-09 16:21 - 2016-02-24 07:59 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll

2016-03-09 16:21 - 2016-02-24 07:54 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe

2016-03-09 16:21 - 2016-02-24 07:44 - 01713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll

2016-03-09 16:21 - 2016-02-24 07:44 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll

2016-03-09 16:21 - 2016-02-24 07:43 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll

2016-03-09 16:21 - 2016-02-24 07:43 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll

2016-03-09 16:21 - 2016-02-24 07:41 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll

2016-03-09 16:21 - 2016-02-24 07:41 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll

2016-03-09 16:21 - 2016-02-24 07:40 - 01224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll

2016-03-09 16:21 - 2016-02-24 07:39 - 01390592 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys

2016-03-09 16:21 - 2016-02-24 07:36 - 01847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe

2016-03-09 16:21 - 2016-02-24 07:34 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll

2016-03-09 16:21 - 2016-02-24 07:25 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll

2016-03-09 16:21 - 2016-02-24 07:21 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll

2016-03-09 16:21 - 2016-02-24 07:11 - 03593216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys

2016-03-09 16:21 - 2016-02-24 07:09 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll

2016-03-09 16:21 - 2016-02-24 07:09 - 00793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll

2016-03-09 16:21 - 2016-02-24 07:09 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll

2016-03-09 16:21 - 2016-02-24 07:09 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll

2016-03-09 16:21 - 2016-02-24 07:07 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll

2016-03-09 16:21 - 2016-02-24 07:07 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll

2016-03-09 16:21 - 2016-02-24 07:07 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll

2016-03-09 16:21 - 2016-02-24 07:04 - 01497088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe

2016-03-09 16:21 - 2016-02-24 07:03 - 00769536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll

2016-03-09 16:21 - 2016-02-24 07:01 - 01831936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll

2016-03-09 16:21 - 2016-02-24 07:00 - 02273792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll

2016-03-09 16:21 - 2016-02-24 07:00 - 01098752 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll

2016-03-09 16:21 - 2016-02-24 06:57 - 02158592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll

2016-03-09 16:21 - 2016-02-24 06:55 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll

2016-03-09 16:21 - 2016-02-24 06:34 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll

2016-03-09 16:21 - 2016-02-24 06:20 - 22376960 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll

2016-03-09 16:21 - 2016-02-24 06:18 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll

2016-03-09 16:21 - 2016-02-24 06:12 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2016-03-09 16:21 - 2016-02-24 06:12 - 05321728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll

2016-03-09 16:21 - 2016-02-24 06:10 - 24600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2016-03-09 16:21 - 2016-02-24 06:09 - 06972416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll

2016-03-09 16:21 - 2016-02-24 06:05 - 12586496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll

2016-03-09 16:21 - 2016-02-24 06:03 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll

2016-03-09 16:21 - 2016-02-24 05:59 - 05661696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll

2016-03-09 16:21 - 2016-02-24 05:55 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll

2016-03-09 16:20 - 2016-02-24 10:47 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll

2016-03-09 16:20 - 2016-02-24 10:40 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll

2016-03-09 16:20 - 2016-02-24 09:54 - 00127840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS

2016-03-09 16:20 - 2016-02-24 09:39 - 00141560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe

2016-03-09 16:20 - 2016-02-24 09:14 - 00216416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll

2016-03-09 16:20 - 2016-02-24 09:11 - 00394080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys

2016-03-09 16:20 - 2016-02-24 09:09 - 00147808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe

2016-03-09 16:20 - 2016-02-24 08:39 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll

2016-03-09 16:20 - 2016-02-24 08:39 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll

2016-03-09 16:20 - 2016-02-24 08:38 - 00187744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll

2016-03-09 16:20 - 2016-02-24 08:38 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll

2016-03-09 16:20 - 2016-02-24 08:37 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll

2016-03-09 16:20 - 2016-02-24 08:36 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenanceClient.dll

2016-03-09 16:20 - 2016-02-24 08:35 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll

2016-03-09 16:20 - 2016-02-24 08:33 - 00141664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe

2016-03-09 16:20 - 2016-02-24 08:31 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll

2016-03-09 16:20 - 2016-02-24 08:30 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll

2016-03-09 16:20 - 2016-02-24 08:28 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll

2016-03-09 16:20 - 2016-02-24 08:23 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys

2016-03-09 16:20 - 2016-02-24 08:23 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll

2016-03-09 16:20 - 2016-02-24 08:23 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll

2016-03-09 16:20 - 2016-02-24 08:22 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll

2016-03-09 16:20 - 2016-02-24 08:20 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll

2016-03-09 16:20 - 2016-02-24 08:20 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll

2016-03-09 16:20 - 2016-02-24 08:19 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll

2016-03-09 16:20 - 2016-02-24 08:19 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll

2016-03-09 16:20 - 2016-02-24 08:15 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll

2016-03-09 16:20 - 2016-02-24 08:14 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll

2016-03-09 16:20 - 2016-02-24 08:13 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll

2016-03-09 16:20 - 2016-02-24 08:12 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll

2016-03-09 16:20 - 2016-02-24 08:12 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll

2016-03-09 16:20 - 2016-02-24 08:10 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll

2016-03-09 16:20 - 2016-02-24 08:09 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll

2016-03-09 16:20 - 2016-02-24 08:09 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll

2016-03-09 16:20 - 2016-02-24 08:07 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll

2016-03-09 16:20 - 2016-02-24 08:05 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll

2016-03-09 16:20 - 2016-02-24 08:03 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll

2016-03-09 16:20 - 2016-02-24 08:02 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll

2016-03-09 16:20 - 2016-02-24 08:01 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll

2016-03-09 16:20 - 2016-02-24 08:01 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll

2016-03-09 16:20 - 2016-02-24 08:01 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll

2016-03-09 16:20 - 2016-02-24 08:00 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll

2016-03-09 16:20 - 2016-02-24 07:59 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll

2016-03-09 16:20 - 2016-02-24 07:59 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll

2016-03-09 16:20 - 2016-02-24 07:58 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll

2016-03-09 16:20 - 2016-02-24 07:55 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll

2016-03-09 16:20 - 2016-02-24 07:55 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll

2016-03-09 16:20 - 2016-02-24 07:55 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll

2016-03-09 16:20 - 2016-02-24 07:54 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll

2016-03-09 16:20 - 2016-02-24 07:54 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll

2016-03-09 16:20 - 2016-02-24 07:54 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll

2016-03-09 16:20 - 2016-02-24 07:53 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll

2016-03-09 16:20 - 2016-02-24 07:53 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll

2016-03-09 16:20 - 2016-02-24 07:52 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll

2016-03-09 16:20 - 2016-02-24 07:52 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PimIndexMaintenanceClient.dll

2016-03-09 16:20 - 2016-02-24 07:51 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll

2016-03-09 16:20 - 2016-02-24 07:49 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll

2016-03-09 16:20 - 2016-02-24 07:47 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll

2016-03-09 16:20 - 2016-02-24 07:46 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll

2016-03-09 16:20 - 2016-02-24 07:44 - 00915456 _____ (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll

2016-03-09 16:20 - 2016-02-24 07:44 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\POSyncServices.dll

2016-03-09 16:20 - 2016-02-24 07:42 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys

2016-03-09 16:20 - 2016-02-24 07:42 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS

2016-03-09 16:20 - 2016-02-24 07:40 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll

2016-03-09 16:20 - 2016-02-24 07:40 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll

2016-03-09 16:20 - 2016-02-24 07:39 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll

2016-03-09 16:20 - 2016-02-24 07:38 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll

2016-03-09 16:20 - 2016-02-24 07:34 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll

2016-03-09 16:20 - 2016-02-24 07:32 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll

2016-03-09 16:20 - 2016-02-24 07:32 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll

2016-03-09 16:20 - 2016-02-24 07:31 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cemapi.dll

2016-03-09 16:20 - 2016-02-24 07:31 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll

2016-03-09 16:20 - 2016-02-24 07:28 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll

2016-03-09 16:20 - 2016-02-24 07:28 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll

2016-03-09 16:20 - 2016-02-24 07:28 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll

2016-03-09 16:20 - 2016-02-24 07:23 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll

2016-03-09 16:20 - 2016-02-24 07:22 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll

2016-03-09 16:20 - 2016-02-24 07:21 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll

2016-03-09 16:20 - 2016-02-24 07:18 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll

2016-03-09 16:20 - 2016-02-24 07:18 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll

2016-03-09 16:20 - 2016-02-24 07:18 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll

2016-03-09 16:20 - 2016-02-24 07:17 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll

2016-03-09 16:20 - 2016-02-24 07:16 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll

2016-03-09 16:20 - 2016-02-24 07:13 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll

2016-03-09 16:20 - 2016-02-24 06:43 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll

2016-03-09 16:20 - 2016-02-24 06:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwbase.dll

2016-03-09 16:14 - 2016-03-09 16:14 - 00000000 ____D C:\Program Files (x86)\{93780901-98B8-4B09-91CD-D21F53E54533}

2016-03-08 18:54 - 2016-03-08 18:55 - 00000000 ____D C:\Program Files\Intel

2016-03-08 18:54 - 2016-03-08 18:55 - 00000000 ____D C:\Program Files (x86)\Intel

2016-03-08 18:54 - 2016-03-08 18:54 - 00000000 ____D C:\ProgramData\Intel

2016-03-08 18:44 - 2016-03-08 18:44 - 00001769 _____ C:\WINDOWS\Language_trs.ini

2016-03-08 18:44 - 2016-03-08 18:44 - 00000000 ____D C:\Users\Thomas Angl\Intel

2016-03-08 18:38 - 2015-05-29 03:14 - 00886528 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys

2016-03-08 18:38 - 2015-05-29 03:14 - 00082544 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll

2016-03-08 18:02 - 2016-03-08 19:13 - 00000000 ____D C:\Program Files\Waterfox

2016-03-08 18:02 - 2016-03-08 18:02 - 00000984 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waterfox.lnk

2016-03-08 18:02 - 2016-03-08 18:02 - 00000972 _____ C:\Users\Public\Desktop\Waterfox.lnk

2016-03-08 18:02 - 2016-03-08 18:02 - 00000000 ____D C:\Users\Thomas Angl\AppData\Roaming\Mozilla

2016-03-08 18:02 - 2016-03-08 18:02 - 00000000 ____D C:\Users\Thomas Angl\AppData\Local\Mozilla

2016-03-07 22:12 - 2016-03-07 22:12 - 00005120 _____ C:\WINDOWS\SysWOW64\energy32.dll

2016-03-07 20:50 - 2016-03-07 20:50 - 00000000 ____D C:\Users\Thomas Angl\Documents\My Games_drive

2016-03-07 20:47 - 2016-03-13 18:25 - 00000000 ____D C:\Users\Thomas Angl\Documents\Banished

2016-03-07 20:39 - 2016-03-07 20:39 - 00003035 _____ C:\Users\Thomas Angl\Desktop\Banished 64-bit.lnk

2016-03-07 20:39 - 2016-03-07 20:39 - 00000000 ____D C:\Users\Thomas Angl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Shining Rock Software LLC

2016-03-07 20:39 - 2016-03-07 20:39 - 00000000 ____D C:\Program Files\Shining Rock Software LLC

2016-03-07 16:26 - 2016-03-16 18:14 - 00000000 ____D C:\Users\Thomas Angl\AppData\Roaming\PlaysTV

2016-03-07 16:26 - 2016-03-07 16:26 - 00000000 ____D C:\Program Files (x86)\Raptr Inc

2016-03-07 16:05 - 2016-03-07 16:05 - 00000000 ____D C:\Users\Thomas Angl\Documents\Steuer

2016-03-05 01:24 - 2016-03-05 02:14 - 00000000 ____D C:\Users\Thomas Angl\Desktop\Tk_Schramm

2016-03-04 18:28 - 2016-03-04 18:28 - 00000000 ____D C:\Program Files (x86)\Microsoft ASP.NET

2016-03-02 18:22 - 2016-03-02 18:22 - 00000000 ____D C:\Users\Thomas Angl\AppData\Local\Microsoft Help

2016-03-02 17:58 - 2016-02-23 12:29 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi

2016-03-02 17:58 - 2016-02-23 12:29 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe

2016-03-02 17:58 - 2016-02-23 12:27 - 02654872 _____ C:\WINDOWS\system32\CoreUIComponents.dll

2016-03-02 17:58 - 2016-02-23 12:27 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi

2016-03-02 17:58 - 2016-02-23 12:27 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe

2016-03-02 17:58 - 2016-02-23 12:25 - 02152288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys

2016-03-02 17:58 - 2016-02-23 12:25 - 01818696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll

2016-03-02 17:58 - 2016-02-23 12:25 - 00563552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys

2016-03-02 17:58 - 2016-02-23 12:15 - 00779384 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll

2016-03-02 17:58 - 2016-02-23 12:08 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi

2016-03-02 17:58 - 2016-02-23 11:34 - 01859960 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll

2016-03-02 17:58 - 2016-02-23 11:34 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll

2016-03-02 17:58 - 2016-02-23 11:33 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll

2016-03-02 17:58 - 2016-02-23 11:33 - 00389992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll

2016-03-02 17:58 - 2016-02-23 11:32 - 08705672 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll

2016-03-02 17:58 - 2016-02-23 11:32 - 02544264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll

2016-03-02 17:58 - 2016-02-23 11:32 - 01152328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll

2016-03-02 17:58 - 2016-02-23 11:32 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll

2016-03-02 17:58 - 2016-02-23 11:32 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll

2016-03-02 17:58 - 2016-02-23 11:32 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe

2016-03-02 17:58 - 2016-02-23 11:31 - 01017032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll

2016-03-02 17:58 - 2016-02-23 11:31 - 00819648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll

2016-03-02 17:58 - 2016-02-23 11:31 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll

2016-03-02 17:58 - 2016-02-23 11:31 - 00476728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll

2016-03-02 17:58 - 2016-02-23 11:31 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll

2016-03-02 17:58 - 2016-02-23 11:25 - 03671888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll

2016-03-02 17:58 - 2016-02-23 11:22 - 00572272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll

2016-03-02 17:58 - 2016-02-23 11:21 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll

2016-03-02 17:58 - 2016-02-23 11:17 - 00146272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys

2016-03-02 17:58 - 2016-02-23 10:45 - 02773096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll

2016-03-02 17:58 - 2016-02-23 10:40 - 00430944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys

2016-03-02 17:58 - 2016-02-23 10:39 - 00502112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll

2016-03-02 17:58 - 2016-02-23 10:38 - 06952088 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll

2016-03-02 17:58 - 2016-02-23 10:38 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll

2016-03-02 17:58 - 2016-02-23 10:38 - 00980352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll

2016-03-02 17:58 - 2016-02-23 10:38 - 00895080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll

2016-03-02 17:58 - 2016-02-23 10:38 - 00882720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll

2016-03-02 17:58 - 2016-02-23 10:38 - 00450912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll

2016-03-02 17:58 - 2016-02-23 10:38 - 00420928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll

2016-03-02 17:58 - 2016-02-23 10:37 - 00713824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll

2016-03-02 17:58 - 2016-02-23 10:32 - 00791744 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll

2016-03-02 17:58 - 2016-02-23 10:30 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll

2016-03-02 17:58 - 2016-02-23 10:27 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll

2016-03-02 17:58 - 2016-02-23 10:27 - 00376536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll

2016-03-02 17:58 - 2016-02-23 10:25 - 00534368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS

2016-03-02 17:58 - 2016-02-23 10:20 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll

2016-03-02 17:58 - 2016-02-23 10:20 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys

2016-03-02 17:58 - 2016-02-23 10:19 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys

2016-03-02 17:58 - 2016-02-23 10:17 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll

2016-03-02 17:58 - 2016-02-23 10:12 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll

2016-03-02 17:58 - 2016-02-23 10:10 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll

2016-03-02 17:58 - 2016-02-23 10:07 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe

2016-03-02 17:58 - 2016-02-23 10:07 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll

2016-03-02 17:58 - 2016-02-23 10:06 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll

2016-03-02 17:58 - 2016-02-23 10:01 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys

2016-03-02 17:58 - 2016-02-23 10:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll

2016-03-02 17:58 - 2016-02-23 10:00 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll

2016-03-02 17:58 - 2016-02-23 09:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll

2016-03-02 17:58 - 2016-02-23 09:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll

2016-03-02 17:58 - 2016-02-23 09:58 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\irmon.dll

2016-03-02 17:58 - 2016-02-23 09:57 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe

2016-03-02 17:58 - 2016-02-23 09:56 - 02186864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll

2016-03-02 17:58 - 2016-02-23 09:55 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys

2016-03-02 17:58 - 2016-02-23 09:53 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll

2016-03-02 17:58 - 2016-02-23 09:53 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll

2016-03-02 17:58 - 2016-02-23 09:52 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe

2016-03-02 17:58 - 2016-02-23 09:51 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys

2016-03-02 17:58 - 2016-02-23 09:50 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe

2016-03-02 17:58 - 2016-02-23 09:48 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll

2016-03-02 17:58 - 2016-02-23 09:48 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerClient.dll

2016-03-02 17:58 - 2016-02-23 09:40 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll

2016-03-02 17:58 - 2016-02-23 09:39 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll

2016-03-02 17:58 - 2016-02-23 09:38 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll

2016-03-02 17:58 - 2016-02-23 09:38 - 00287712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll

2016-03-02 17:58 - 2016-02-23 09:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll

2016-03-02 17:58 - 2016-02-23 09:37 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll

2016-03-02 17:58 - 2016-02-23 09:37 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll

2016-03-02 17:58 - 2016-02-23 09:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuickActionsDataModel.dll

2016-03-02 17:58 - 2016-02-23 09:34 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll

2016-03-02 17:58 - 2016-02-23 09:34 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll

2016-03-02 17:58 - 2016-02-23 09:33 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll

2016-03-02 17:58 - 2016-02-23 09:32 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe

2016-03-02 17:58 - 2016-02-23 09:31 - 00463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll

2016-03-02 17:58 - 2016-02-23 09:29 - 00591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll

2016-03-02 17:58 - 2016-02-23 09:28 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll

2016-03-02 17:58 - 2016-02-23 09:27 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll

2016-03-02 17:58 - 2016-02-23 09:26 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe

2016-03-02 17:58 - 2016-02-23 09:23 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll

2016-03-02 17:58 - 2016-02-23 09:22 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll

2016-03-02 17:58 - 2016-02-23 09:20 - 00847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll

2016-03-02 17:58 - 2016-02-23 09:20 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll

2016-03-02 17:58 - 2016-02-23 09:20 - 00493568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll

2016-03-02 17:58 - 2016-02-23 09:20 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll

2016-03-02 17:58 - 2016-02-23 09:19 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll

2016-03-02 17:58 - 2016-02-23 09:19 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv

2016-03-02 17:58 - 2016-02-23 09:18 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll

2016-03-02 17:58 - 2016-02-23 09:14 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll

2016-03-02 17:58 - 2016-02-23 09:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe

2016-03-02 17:58 - 2016-02-23 09:12 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll

2016-03-02 17:58 - 2016-02-23 09:11 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll

2016-03-02 17:58 - 2016-02-23 09:10 - 00997376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll

2016-03-02 17:58 - 2016-02-23 09:10 - 00474624 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll

2016-03-02 17:58 - 2016-02-23 09:09 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll

2016-03-02 17:58 - 2016-02-23 09:09 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll

2016-03-02 17:58 - 2016-02-23 09:09 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll

2016-03-02 17:58 - 2016-02-23 09:06 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll

2016-03-02 17:58 - 2016-02-23 09:06 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll

2016-03-02 17:58 - 2016-02-23 09:06 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll

2016-03-02 17:58 - 2016-02-23 09:05 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe

2016-03-02 17:58 - 2016-02-23 09:04 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll

2016-03-02 17:58 - 2016-02-23 09:04 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll

2016-03-02 17:58 - 2016-02-23 09:04 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll

2016-03-02 17:58 - 2016-02-23 09:02 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll

2016-03-02 17:58 - 2016-02-23 09:02 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe

2016-03-02 17:58 - 2016-02-23 09:02 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys

2016-03-02 17:58 - 2016-02-23 09:00 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll

2016-03-02 17:58 - 2016-02-23 08:58 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll

2016-03-02 17:58 - 2016-02-23 08:58 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll

2016-03-02 17:58 - 2016-02-23 08:58 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerServer.dll

2016-03-02 17:58 - 2016-02-23 08:58 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll

2016-03-02 17:58 - 2016-02-23 08:57 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TimeBrokerClient.dll

2016-03-02 17:58 - 2016-02-23 08:52 - 00456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll

2016-03-02 17:58 - 2016-02-23 08:50 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll

2016-03-02 17:58 - 2016-02-23 08:49 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll

2016-03-02 17:58 - 2016-02-23 08:48 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll

2016-03-02 17:58 - 2016-02-23 08:47 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll

2016-03-02 17:58 - 2016-02-23 08:38 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll

2016-03-02 17:58 - 2016-02-23 08:37 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll

2016-03-02 17:58 - 2016-02-23 08:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll

2016-03-02 17:58 - 2016-02-23 08:36 - 00713728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll

2016-03-02 17:58 - 2016-02-23 08:36 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll

2016-03-02 17:58 - 2016-02-23 08:36 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll

2016-03-02 17:58 - 2016-02-23 08:35 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv

2016-03-02 17:58 - 2016-02-23 08:31 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll

2016-03-02 17:58 - 2016-02-23 08:30 - 01731584 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll

2016-03-02 17:58 - 2016-02-23 08:30 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll

2016-03-02 17:58 - 2016-02-23 08:29 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll

2016-03-02 17:58 - 2016-02-23 08:28 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll

2016-03-02 17:58 - 2016-02-23 08:28 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll

2016-03-02 17:58 - 2016-02-23 08:24 - 04827136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll

2016-03-02 17:58 - 2016-02-23 08:24 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll

2016-03-02 17:58 - 2016-02-23 08:24 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll

2016-03-02 17:58 - 2016-02-23 08:24 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll

2016-03-02 17:58 - 2016-02-23 08:22 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll

2016-03-02 17:58 - 2016-02-23 08:21 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll

2016-03-02 17:58 - 2016-02-23 08:21 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll

2016-03-02 17:58 - 2016-02-23 08:20 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll

2016-03-02 17:58 - 2016-02-23 08:17 - 02635264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll

2016-03-02 17:58 - 2016-02-23 08:14 - 00990720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll

2016-03-02 17:58 - 2016-02-23 08:11 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll

2016-03-02 17:58 - 2016-02-23 08:05 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll

2016-03-02 17:58 - 2016-02-23 08:01 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll

2016-03-02 17:58 - 2016-02-23 07:59 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll

2016-03-02 17:58 - 2016-02-23 07:58 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll

2016-03-02 17:58 - 2016-02-23 07:56 - 04412928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll

2016-03-02 17:58 - 2016-02-23 07:55 - 04894208 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll

2016-03-02 17:58 - 2016-02-23 07:55 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll

2016-03-02 17:58 - 2016-02-23 07:53 - 01799168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll

2016-03-02 17:58 - 2016-02-23 07:52 - 11545600 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll

2016-03-02 17:58 - 2016-02-23 07:51 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll

2016-03-02 17:58 - 2016-02-23 07:50 - 09919488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll

2016-03-02 17:58 - 2016-02-23 07:42 - 03425792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll

2016-03-02 17:58 - 2016-02-23 07:41 - 02912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll

2016-03-02 17:58 - 2016-02-23 07:39 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

2016-03-02 17:58 - 2016-02-23 07:39 - 02581504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll

2016-03-02 17:58 - 2016-02-23 07:36 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

2016-03-02 17:58 - 2016-02-23 07:36 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll

2016-03-02 17:58 - 2016-02-23 07:35 - 07533568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll

2016-03-02 17:58 - 2016-02-23 07:33 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll

2016-03-02 17:58 - 2016-02-23 07:32 - 02793472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll

2016-03-02 17:58 - 2016-02-23 07:30 - 02061312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll

2016-03-02 17:58 - 2016-02-23 07:28 - 06740992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll

2016-03-02 17:58 - 2016-02-09 05:28 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys

2016-03-02 17:58 - 2016-02-09 05:13 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys

2016-03-02 17:58 - 2016-02-09 04:24 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll

2016-03-02 17:58 - 2016-02-09 04:18 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll

2016-03-02 17:58 - 2016-02-09 04:18 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll

2016-03-02 17:58 - 2016-02-09 04:07 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll

2016-03-02 17:58 - 2016-02-09 04:07 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe

2016-03-02 17:58 - 2016-02-09 04:04 - 01946624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll

2016-03-02 17:58 - 2016-01-29 07:57 - 04502352 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe

2016-03-02 17:58 - 2016-01-29 07:33 - 04064320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe

2016-03-02 17:58 - 2016-01-27 06:59 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe

2016-03-02 17:58 - 2016-01-27 06:57 - 01824264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll

2016-03-02 17:58 - 2016-01-27 06:57 - 00820704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll

2016-03-02 17:58 - 2016-01-27 06:55 - 00081112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe

2016-03-02 17:58 - 2016-01-27 06:46 - 02606824 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll

2016-03-02 17:58 - 2016-01-27 06:46 - 01270072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll

2016-03-02 17:58 - 2016-01-27 06:44 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys

2016-03-02 17:58 - 2016-01-27 06:44 - 00085320 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe

2016-03-02 17:58 - 2016-01-27 06:21 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll

2016-03-02 17:58 - 2016-01-27 06:15 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ztrace_maps.dll

2016-03-02 17:58 - 2016-01-27 06:11 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll

2016-03-02 17:58 - 2016-01-27 06:10 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll

2016-03-02 17:58 - 2016-01-27 06:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll

2016-03-02 17:58 - 2016-01-27 06:08 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ztrace_maps.dll

2016-03-02 17:58 - 2016-01-27 06:07 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassam.dll

2016-03-02 17:58 - 2016-01-27 06:04 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll

2016-03-02 17:58 - 2016-01-27 06:02 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll

2016-03-02 17:58 - 2016-01-27 06:01 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll

2016-03-02 17:58 - 2016-01-27 05:59 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassam.dll

2016-03-02 17:58 - 2016-01-27 05:52 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll

2016-03-02 17:58 - 2016-01-27 05:50 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys

2016-03-02 17:58 - 2016-01-27 05:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll

2016-03-02 17:58 - 2016-01-27 05:42 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll

2016-03-02 17:58 - 2016-01-27 05:32 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll

2016-03-02 17:58 - 2016-01-27 05:31 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll

2016-02-28 14:42 - 2016-02-28 14:42 - 00000000 ____D C:\Users\Thomas Angl\AppData\Local\DayZCommander

2016-02-28 14:42 - 2016-02-28 14:42 - 00000000 ____D C:\Program Files (x86)\Dotjosh Studios

2016-02-27 21:50 - 2016-02-27 21:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Resource Kit Tools

2016-02-27 21:50 - 2016-02-27 21:50 - 00000000 ____D C:\Program Files (x86)\Windows Resource Kits

2016-02-27 21:46 - 2016-02-27 21:46 - 00000000 ____D C:\Users\User\AppData\Local\ActiveSync

2016-02-27 21:45 - 2016-02-27 21:45 - 00002401 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

2016-02-27 21:45 - 2016-02-27 21:45 - 00000020 ___SH C:\Users\Administrator\ntuser.ini

2016-02-27 21:45 - 2016-02-27 21:45 - 00000000 _SHDL C:\Users\Administrator\Vorlagen

2016-02-27 21:45 - 2016-02-27 21:45 - 00000000 _SHDL C:\Users\Administrator\Startmenü

2016-02-27 21:45 - 2016-02-27 21:45 - 00000000 _SHDL C:\Users\Administrator\Netzwerkumgebung

2016-02-27 21:45 - 2016-02-27 21:45 - 00000000 _SHDL C:\Users\Administrator\Lokale Einstellungen

2016-02-27 21:45 - 2016-02-27 21:45 - 00000000 _SHDL C:\Users\Administrator\Eigene Dateien

2016-02-27 21:45 - 2016-02-27 21:45 - 00000000 _SHDL C:\Users\Administrator\Druckumgebung

2016-02-27 21:45 - 2016-02-27 21:45 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Videos

2016-02-27 21:45 - 2016-02-27 21:45 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Musik

2016-02-27 21:45 - 2016-02-27 21:45 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Bilder

2016-02-27 21:45 - 2016-02-27 21:45 - 00000000 _SHDL C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programme

2016-02-27 21:45 - 2016-02-27 21:45 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Verlauf

2016-02-27 21:45 - 2016-02-27 21:45 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Anwendungsdaten

2016-02-27 21:45 - 2016-02-27 21:45 - 00000000 _SHDL C:\Users\Administrator\Anwendungsdaten

2016-02-27 21:45 - 2016-02-27 21:45 - 00000000 ___RD C:\Users\User\OneDrive

2016-02-27 21:45 - 2016-02-27 21:45 - 00000000 ____D C:\Users\User\AppData\Roaming\Raptr

2016-02-27 21:45 - 2016-02-27 21:45 - 00000000 ____D C:\Users\User\AppData\Local\Logitech

2016-02-27 21:45 - 2016-02-27 21:45 - 00000000 ____D C:\Users\User\AppData\Local\AMD

2016-02-27 21:45 - 2016-02-27 21:45 - 00000000 ____D C:\Users\Administrator

2016-02-27 21:45 - 2016-01-02 11:10 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\ATI

2016-02-27 21:45 - 2016-01-02 11:10 - 00000000 ____D C:\Users\Administrator\AppData\Local\ATI

2016-02-27 21:44 - 2016-02-27 21:44 - 00002513 _____ C:\Users\User\Desktop\Sicherer Zahlungsverkehr.lnk

2016-02-27 21:44 - 2016-02-27 21:44 - 00002345 _____ C:\Users\User\Desktop\Google Chrome.lnk

2016-02-27 21:44 - 2016-02-27 21:44 - 00000020 ___SH C:\Users\User\ntuser.ini

2016-02-27 21:44 - 2016-02-27 21:44 - 00000000 _SHDL C:\Users\User\Vorlagen

2016-02-27 21:44 - 2016-02-27 21:44 - 00000000 _SHDL C:\Users\User\Startmenü

2016-02-27 21:44 - 2016-02-27 21:44 - 00000000 _SHDL C:\Users\User\Netzwerkumgebung

2016-02-27 21:44 - 2016-02-27 21:44 - 00000000 _SHDL C:\Users\User\Lokale Einstellungen

2016-02-27 21:44 - 2016-02-27 21:44 - 00000000 _SHDL C:\Users\User\Eigene Dateien

2016-02-27 21:44 - 2016-02-27 21:44 - 00000000 _SHDL C:\Users\User\Druckumgebung

2016-02-27 21:44 - 2016-02-27 21:44 - 00000000 _SHDL C:\Users\User\Documents\Eigene Videos

2016-02-27 21:44 - 2016-02-27 21:44 - 00000000 _SHDL C:\Users\User\Documents\Eigene Musik

2016-02-27 21:44 - 2016-02-27 21:44 - 00000000 _SHDL C:\Users\User\Documents\Eigene Bilder

2016-02-27 21:44 - 2016-02-27 21:44 - 00000000 _SHDL C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme

2016-02-27 21:44 - 2016-02-27 21:44 - 00000000 _SHDL C:\Users\User\AppData\Local\Verlauf

2016-02-27 21:44 - 2016-02-27 21:44 - 00000000 _SHDL C:\Users\User\AppData\Local\Anwendungsdaten

2016-02-27 21:44 - 2016-02-27 21:44 - 00000000 _SHDL C:\Users\User\Anwendungsdaten

2016-02-27 21:44 - 2016-02-27 21:44 - 00000000 ____D C:\Users\User\AppData\Roaming\Adobe

2016-02-27 21:44 - 2016-02-27 21:44 - 00000000 ____D C:\Users\User\AppData\Local\VirtualStore

2016-02-27 21:44 - 2016-02-27 21:44 - 00000000 ____D C:\Users\User\AppData\Local\TileDataLayer

2016-02-27 21:44 - 2016-02-27 21:44 - 00000000 ____D C:\Users\User\AppData\Local\Publishers

2016-02-27 21:44 - 2016-02-27 21:44 - 00000000 ____D C:\Users\User\AppData\Local\Packages

2016-02-27 21:44 - 2016-02-27 21:44 - 00000000 ____D C:\Users\User\AppData\Local\Google

2016-02-27 21:44 - 2016-01-02 11:10 - 00000000 ____D C:\Users\User\AppData\Roaming\ATI

2016-02-27 21:44 - 2016-01-02 11:10 - 00000000 ____D C:\Users\User\AppData\Local\ATI

2016-02-27 21:36 - 2016-02-27 21:37 - 00000054 _____ C:\Users\Thomas Angl\Desktop\Test.bat

2016-02-27 21:08 - 2016-02-27 21:12 - 00000000 ____D C:\Users\Thomas Angl\AppData\LocalLow\Daybreak Game Company

2016-02-27 21:08 - 2016-02-27 21:08 - 00000000 ____D C:\Users\Thomas Angl\AppData\Local\SCE

2016-02-27 21:08 - 2016-02-27 21:08 - 00000000 ____D C:\Users\Thomas Angl\AppData\Local\Daybreak Game Company

2016-02-27 20:43 - 2016-02-27 20:43 - 00001046 _____ C:\Users\Public\Desktop\MiniTool Partition Wizard Free.lnk

2016-02-27 20:43 - 2016-02-27 20:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard Free 9.1

2016-02-27 20:43 - 2016-02-27 20:43 - 00000000 ____D C:\Program Files\MiniTool Partition Wizard Free 9.1

2016-02-27 20:43 - 2015-08-11 12:22 - 03067392 _____ C:\WINDOWS\system32\pwNative.exe

2016-02-27 20:43 - 2013-09-30 15:26 - 00019152 ____N C:\WINDOWS\system32\pwdrvio.sys

2016-02-27 20:43 - 2013-09-30 15:26 - 00012504 ____N C:\WINDOWS\system32\pwdspio.sys

2016-02-27 20:04 - 2016-02-27 20:04 - 00000000 ____D C:\ProgramData\LockHunter

2016-02-27 19:47 - 2016-02-27 19:47 - 00000000 ____D C:\Users\Thomas Angl\AppData\LocalLow\uTorrent

2016-02-27 19:46 - 2016-02-27 19:46 - 00000903 _____ C:\Users\Thomas Angl\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk

2016-02-27 10:38 - 2016-02-27 10:38 - 00000000 ____D C:\Users\Thomas Angl\AppData\Roaming\LockHunter

2016-02-27 10:38 - 2016-02-27 10:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LockHunter

2016-02-27 10:38 - 2016-02-27 10:38 - 00000000 ____D C:\Program Files\LockHunter

2016-02-26 21:55 - 2016-02-27 00:06 - 00003106 _____ C:\Users\Thomas Angl\Desktop\vm_srv.cmd

2016-02-26 21:29 - 2016-02-26 21:36 - 00002475 _____ C:\Users\Thomas Angl\AppData\Local\Perfmon.PerfmonCfg

2016-02-22 19:31 - 2016-02-22 19:31 - 00000000 ____D C:\Users\Thomas Angl\.swt

2016-02-21 12:57 - 2016-02-26 22:03 - 00000026 _____ C:\Users\Thomas Angl\AppData\Local\isoworkshop.ini

2016-02-21 12:56 - 2016-02-21 12:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glorylogic

2016-02-21 12:56 - 2016-02-21 12:56 - 00000000 ____D C:\Program Files (x86)\Glorylogic

2016-02-21 12:52 - 2016-02-21 12:52 - 00000000 ____D C:\Users\Thomas Angl\AppData\Roaming\WinISO Computing

2016-02-21 12:52 - 2016-02-21 12:52 - 00000000 ____D C:\Users\Thomas Angl\AppData\Local\WinISO Computing

2016-02-21 12:51 - 2016-02-27 00:24 - 00000000 ____D C:\Program Files (x86)\WinISO Computing

2016-02-19 13:56 - 2016-02-19 13:56 - 00000222 _____ C:\Users\Thomas Angl\Desktop\Creativerse.url

2016-02-19 13:54 - 2016-02-19 13:54 - 00000000 ____D C:\Users\Thomas Angl\AppData\Roaming\.mono

2016-02-19 13:54 - 2016-02-19 13:54 - 00000000 ____D C:\Users\Thomas Angl\AppData\LocalLow\PlayfulCorp

2016-02-19 13:54 - 2016-02-19 13:54 - 00000000 ____D C:\ProgramData\.mono

2016-02-18 18:24 - 2016-02-18 18:24 - 00001388 _____ C:\Users\Public\Desktop\VMware vCenter Converter Standalone Client.lnk

2016-02-18 18:23 - 2016-02-18 18:24 - 00001024 _____ C:\.rnd

2016-02-18 18:07 - 2016-02-28 14:27 - 00000000 ____D C:\Users\Thomas Angl\AppData\Roaming\VMware

2016-02-18 18:07 - 2016-02-28 14:27 - 00000000 ____D C:\Users\Thomas Angl\AppData\Local\VMware

2016-02-18 18:06 - 2016-02-18 18:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware

2016-02-18 18:06 - 2016-02-18 18:06 - 01827630 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI

2016-02-18 18:06 - 2016-02-18 18:06 - 00001297 _____ C:\Users\Public\Desktop\VMware Workstation Pro.lnk

2016-02-18 18:06 - 2016-02-18 18:06 - 00001024 _____ C:\WINDOWS\SysWOW64\%TMP%

2016-02-18 18:06 - 2016-02-18 18:06 - 00000000 ____D C:\Program Files\Common Files\VMware

2016-02-18 18:06 - 2015-11-25 18:10 - 00934080 _____ (VMware, Inc.) C:\WINDOWS\system32\vnetlib64.dll

2016-02-18 18:06 - 2015-11-25 18:10 - 00392896 _____ (VMware, Inc.) C:\WINDOWS\SysWOW64\vmnat.exe

2016-02-18 18:06 - 2015-11-25 18:10 - 00358080 _____ (VMware, Inc.) C:\WINDOWS\SysWOW64\vmnetdhcp.exe

2016-02-18 18:06 - 2015-11-25 18:10 - 00066752 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vmx86.sys

2016-02-18 18:06 - 2015-11-25 18:10 - 00033472 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\VMkbd.sys

2016-02-18 18:06 - 2015-11-25 17:52 - 00026816 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vmnetuserif.sys

2016-02-18 18:06 - 2015-11-06 11:57 - 00062160 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vmusb.sys

2016-02-18 18:06 - 2015-11-06 11:57 - 00057536 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\hcmon.sys

2016-02-18 18:06 - 2015-11-05 19:25 - 00075512 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vsock.sys

2016-02-18 18:06 - 2015-11-05 19:25 - 00068288 _____ (VMware, Inc.) C:\WINDOWS\system32\vsocklib.dll

2016-02-18 18:06 - 2015-11-05 19:25 - 00064192 _____ (VMware, Inc.) C:\WINDOWS\SysWOW64\vsocklib.dll

2016-02-18 18:05 - 2016-03-16 18:12 - 00000000 ____D C:\ProgramData\VMware

2016-02-18 18:05 - 2016-02-18 18:23 - 00000000 ____D C:\Program Files (x86)\VMware

2016-02-18 18:05 - 2016-02-18 18:05 - 00000000 ____D C:\Users\Public\Documents\Shared Virtual Machines

2016-02-18 17:45 - 2016-02-18 17:45 - 00000000 ____D C:\Users\Thomas Angl\AppData\Roaming\Outertech

2016-02-18 17:44 - 2016-02-18 17:44 - 00001193 _____ C:\Users\Thomas Angl\Desktop\Clipboard History.lnk

2016-02-18 17:44 - 2016-02-18 17:44 - 00000000 ____D C:\Users\Thomas Angl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Clipboard History

2016-02-18 17:44 - 2016-02-18 17:44 - 00000000 ____D C:\Program Files (x86)\ClipboardHistory
 

==================== Ein Monat: Geänderte Dateien und Ordner ========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 

2016-03-16 20:27 - 2015-12-25 15:03 - 00000000 ____D C:\Users\Thomas Angl\AppData\Roaming\NetSpeedMonitor

2016-03-16 19:45 - 2015-12-25 11:30 - 00001130 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

2016-03-16 19:33 - 2016-01-02 23:33 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job

2016-03-16 18:53 - 2015-12-25 17:03 - 00000000 ____D C:\ProgramData\Kaspersky Lab

2016-03-16 18:18 - 2015-12-25 10:57 - 01807284 _____ C:\WINDOWS\system32\PerfStringBackup.INI

2016-03-16 18:18 - 2015-10-30 19:35 - 00778208 _____ C:\WINDOWS\system32\perfh007.dat

2016-03-16 18:18 - 2015-10-30 19:35 - 00156548 _____ C:\WINDOWS\system32\perfc007.dat

2016-03-16 18:18 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF

2016-03-16 18:14 - 2016-01-16 09:35 - 00000000 ____D C:\Users\Thomas Angl\AppData\Roaming\Raptr

2016-03-16 18:14 - 2016-01-01 16:00 - 00000000 ____D C:\Users\Thomas Angl\Documents\Scan

2016-03-16 18:14 - 2015-12-29 14:15 - 00000936 __RSH C:\ProgramData\ntuser.pol

2016-03-16 18:14 - 2015-12-25 17:06 - 00000000 ____D C:\Program Files (x86)\Steam

2016-03-16 18:13 - 2015-12-25 11:30 - 00001126 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job

2016-03-16 18:13 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness

2016-03-16 18:13 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp

2016-03-16 18:12 - 2016-01-16 09:39 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files

2016-03-16 18:12 - 2015-12-29 03:43 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT

2016-03-16 17:45 - 2016-01-16 11:40 - 00000000 ____D C:\Users\Thomas Angl\AppData\Local\ftblauncher

2016-03-16 16:50 - 2015-12-29 03:39 - 00000000 ____D C:\Users\Thomas Angl

2016-03-16 16:19 - 2016-01-16 12:09 - 00000000 ____D C:\Feed the Beast

2016-03-16 16:06 - 2015-12-25 14:57 - 00000000 ____D C:\Users\Thomas Angl\AppData\Roaming\Telegram Desktop

2016-03-15 16:45 - 2015-12-25 11:30 - 00002285 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

2016-03-15 16:27 - 2016-01-27 17:54 - 00000000 ____D C:\Program Files\Microsoft Office

2016-03-15 16:27 - 2015-10-30 08:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft

2016-03-15 16:27 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared

2016-03-15 16:22 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps

2016-03-15 16:20 - 2016-01-02 15:12 - 00000000 ____D C:\Games

2016-03-14 20:34 - 2015-12-26 15:29 - 00000000 ____D C:\Users\Thomas Angl\AppData\Roaming\vlc

2016-03-14 18:23 - 2016-01-01 18:53 - 00000000 ____D C:\Users\Thomas Angl\AppData\Local\JDownloader v2.0

2016-03-14 14:45 - 2015-12-25 17:03 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab

2016-03-12 13:26 - 2015-12-26 15:36 - 00000000 ____D C:\Program Files (x86)\TeamViewer

2016-03-11 20:30 - 2015-12-25 10:51 - 00002422 _____ C:\Users\Thomas Angl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

2016-03-11 19:47 - 2016-02-10 16:00 - 00002136 _____ C:\Users\Public\Desktop\Google Slides.lnk

2016-03-11 19:47 - 2016-02-10 16:00 - 00002134 _____ C:\Users\Public\Desktop\Google Sheets.lnk

2016-03-11 19:47 - 2016-02-10 16:00 - 00002124 _____ C:\Users\Public\Desktop\Google Docs.lnk

2016-03-11 19:47 - 2016-02-10 16:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive

2016-03-11 14:41 - 2016-01-01 16:09 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

2016-03-09 19:22 - 2016-01-09 14:06 - 00007622 _____ C:\Users\Thomas Angl\AppData\Local\Resmon.ResmonCfg

2016-03-09 19:15 - 2015-12-29 03:38 - 00341328 _____ C:\WINDOWS\system32\FNTCACHE.DAT

2016-03-09 19:14 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Windows Portable Devices

2016-03-09 19:14 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Windows Multimedia Platform

2016-03-09 19:14 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices

2016-03-09 19:14 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform

2016-03-09 19:14 - 2015-10-30 07:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI

2016-03-09 17:30 - 2015-12-25 15:08 - 00000000 ____D C:\WINDOWS\system32\MRT

2016-03-09 17:28 - 2015-12-25 15:08 - 143659408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2016-03-08 19:14 - 2015-10-30 07:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM

2016-03-08 19:09 - 2015-12-25 16:46 - 00018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys

2016-03-08 08:12 - 2015-10-30 08:26 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

2016-03-08 08:12 - 2015-10-30 08:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

2016-03-07 20:44 - 2016-01-01 16:12 - 00000000 ____D C:\Users\Thomas Angl\Documents\_Dokumente

2016-03-07 14:32 - 2016-01-29 13:28 - 00000505 _____ C:\WINDOWS\wiso.ini

2016-03-07 14:32 - 2016-01-29 13:24 - 00000000 ____D C:\Program Files (x86)\Steuer 2015

2016-03-07 14:21 - 2015-12-25 10:49 - 00000000 ____D C:\Users\Thomas Angl\AppData\Local\Packages

2016-03-05 12:12 - 2015-12-26 15:36 - 00001061 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk

2016-03-05 12:12 - 2015-12-26 15:36 - 00001049 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk

2016-03-04 18:13 - 2015-09-10 06:44 - 00000000 __RHD C:\Users\Public\AccountPictures

2016-03-03 03:58 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache

2016-03-03 03:32 - 2016-01-09 15:54 - 00000000 ____D C:\Program Files\Unlocker

2016-03-03 03:32 - 2015-10-30 19:47 - 00000000 ____D C:\Program Files\Windows Journal

2016-03-03 03:32 - 2015-10-30 08:24 - 00000000 __RSD C:\WINDOWS\Media

2016-03-03 03:32 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog

2016-03-03 03:32 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns

2016-03-03 03:32 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform

2016-03-03 03:32 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser

2016-03-03 03:32 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\bcastdvr

2016-03-03 03:32 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism

2016-03-03 03:32 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\system32\Dism

2016-03-01 18:04 - 2015-12-25 17:03 - 00927640 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys

2016-03-01 18:04 - 2015-06-06 08:51 - 00077728 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\kldisk.sys

2016-02-27 10:30 - 2015-12-27 12:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TreeSize Free

2016-02-26 21:44 - 2015-12-29 03:39 - 00000000 ____D C:\ProgramData\Package Cache

2016-02-26 21:44 - 2015-12-29 03:39 - 00000000 ____D C:\Program Files\AMD

2016-02-26 21:38 - 2015-11-30 19:45 - 00000000 ____D C:\Users\Thomas Angl\Documents\Dreamspark

2016-02-26 21:32 - 2015-10-30 08:24 - 00000000 ____D C:\PerfLogs

2016-02-22 19:28 - 2015-12-29 12:48 - 00000000 ____D C:\Users\Thomas Angl\.oracle_jre_usage

2016-02-22 19:28 - 2015-12-29 12:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2016-02-22 19:28 - 2015-12-29 12:48 - 00000000 ____D C:\Program Files\Java

2016-02-22 19:27 - 2015-12-29 12:48 - 00110176 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll

2016-02-18 17:45 - 2015-12-29 03:44 - 00000020 ___SH C:\Users\Thomas Angl\ntuser.ini
 

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
 

2016-02-21 12:57 - 2016-02-26 22:03 - 0000026 _____ () C:\Users\Thomas Angl\AppData\Local\isoworkshop.ini

2016-02-26 21:29 - 2016-02-26 21:36 - 0002475 _____ () C:\Users\Thomas Angl\AppData\Local\Perfmon.PerfmonCfg

2016-03-16 16:57 - 2016-03-16 16:57 - 0001514 _____ () C:\Users\Thomas Angl\AppData\Local\recently-used.xbel

2016-01-09 14:06 - 2016-03-09 19:22 - 0007622 _____ () C:\Users\Thomas Angl\AppData\Local\Resmon.ResmonCfg

2015-12-26 11:29 - 2015-12-26 11:29 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
 

Einige Dateien in TEMP:

====================

C:\Users\Thomas Angl\AppData\Local\Temp\jansi-64.dll

C:\Users\Thomas Angl\AppData\Local\Temp\playstv_patch.exe

C:\Users\Thomas Angl\AppData\Local\Temp\proxy_vole2600196388475061269.dll

C:\Users\Thomas Angl\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll
 
 

==================== Bamital & volsnap =================
 

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
 

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert

C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert

C:\WINDOWS\explorer.exe => Datei ist digital signiert

C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert

C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert

C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert

C:\WINDOWS\system32\services.exe => Datei ist digital signiert

C:\WINDOWS\system32\User32.dll => Datei ist digital signiert

C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert

C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert

C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert

C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert

C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert

C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert

C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
 
 

LastRegBack: 2016-03-09 17:28
 

==================== Ende von FRST.txt ============================

--- --- ---

Code:

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-03-2016 01

durchgeführt von Thomas Angl (2016-03-16 20:27:51)

Gestartet von C:\Users\Thomas Angl\Desktop

Windows 10 Pro Version 1511 (X64) (2015-12-29 02:44:48)

Start-Modus: Normal

==========================================================
 
 

==================== Konten: =============================
 

Administrator (S-1-5-21-1453454617-903515338-1349220620-500 - Administrator - Enabled) => C:\Users\Administrator

Administrator_TA (S-1-5-21-1453454617-903515338-1349220620-1003 - Administrator - Enabled)

DefaultAccount (S-1-5-21-1453454617-903515338-1349220620-503 - Limited - Disabled)

Freigabe_R (S-1-5-21-1453454617-903515338-1349220620-1007 - Limited - Enabled)

Freigabe_RW (S-1-5-21-1453454617-903515338-1349220620-1005 - Limited - Enabled)

Gast (S-1-5-21-1453454617-903515338-1349220620-501 - Limited - Disabled)

TA (S-1-5-21-1453454617-903515338-1349220620-1004 - Limited - Enabled) => C:\Users\TA

Thomas Angl (S-1-5-21-1453454617-903515338-1349220620-1001 - Administrator - Enabled) => C:\Users\Thomas Angl

User (S-1-5-21-1453454617-903515338-1349220620-1010 - Limited - Enabled) => C:\Users\User

___VMware_Conv_SA___ (S-1-5-21-1453454617-903515338-1349220620-1009 - Limited - Enabled)
 

==================== Sicherheits-Center ========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
 

AV: Kaspersky Total Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Kaspersky Total Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FW: Kaspersky Total Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}
 

==================== Installierte Programme ======================
 

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
 

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)

Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.182 - Adobe Systems Incorporated)

AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 5.00 - Advanced Micro Devices, Inc.)

Arma 2 (HKLM-x32\...\Steam App 33900) (Version:  - Bohemia Interactive)

Arma 2: British Armed Forces (HKLM-x32\...\Steam App 65700) (Version:  - Bohemia Interactive)

Arma 2: DayZ Mod (HKLM-x32\...\Steam App 224580) (Version:  - Bohemia Interactive)

Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version:  - Bohemia Interactive)

Arma 2: Operation Arrowhead Beta (Obsolete) (HKLM-x32\...\Steam App 219540) (Version:  - )

Arma 2: Private Military Company (HKLM-x32\...\Steam App 65720) (Version:  - Bohemia Interactive)

Astroburn Pro (HKLM-x32\...\Astroburn Pro) (Version: 3.2.0.0198 - Disc Soft Ltd)

Banished v1.0.4 64-bit (HKLM\...\{BF6CC00F-F4C4-4776-B9BD-0882FA92A899}) (Version: 1.0.4 - Shining Rock Software LLC)

BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)

BOSS (HKLM-x32\...\BOSS) (Version: 2.1.1 - BOSS Development Team)

Brother MFL-Pro Suite MFC-5890CN (HKLM-x32\...\{20E970DF-A7B2-4345-9DEB-72213A29645E}) (Version: 2.0.0.0 - Brother Industries, Ltd.)

Catalyst Control Center Next Localization BR (Version: 2015.1223.1060.19763 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization CHS (Version: 2015.1223.1060.19763 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization CHT (Version: 2015.1223.1060.19763 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization CS (Version: 2015.1223.1060.19763 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization DA (Version: 2015.1223.1060.19763 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization DE (Version: 2015.1223.1060.19763 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization EL (Version: 2015.1223.1060.19763 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization ES (Version: 2015.1223.1060.19763 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization FI (Version: 2015.1223.1060.19763 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization FR (Version: 2015.1223.1060.19763 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization HU (Version: 2015.1223.1060.19763 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization IT (Version: 2015.1223.1060.19763 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization JA (Version: 2015.1223.1060.19763 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization KO (Version: 2015.1223.1060.19763 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization NL (Version: 2015.1223.1060.19763 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization NO (Version: 2015.1223.1060.19763 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization PL (Version: 2015.1223.1060.19763 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization RU (Version: 2015.1223.1060.19763 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization SV (Version: 2015.1223.1060.19763 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization TH (Version: 2015.1223.1060.19763 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization TR (Version: 2015.1223.1060.19763 - Advanced Micro Devices, Inc.) Hidden

Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version:  - Colossal Order Ltd.)

Clipboard History (HKLM-x32\...\ClipboardHistory) (Version: 3.11 - Outertech)

Creativerse (HKLM-x32\...\Steam App 280790) (Version:  - Playful Corporation)

Crysis (HKLM-x32\...\Steam App 17300) (Version:  - Crytek)

Crysis 2 Maximum Edition (HKLM-x32\...\Steam App 108800) (Version:  - Crytek Studios)

Crysis Warhead (HKLM-x32\...\Steam App 17330) (Version:  - Crytek)

Crysis Wars (HKLM-x32\...\Steam App 17340) (Version:  - Crytek)

Curse (HKLM-x32\...\{1F2611FB-6F69-4AA8-BECD-243BD8CB45F3}) (Version: 6.0.0.0 - Curse)

Dragon Age: Origins (HKLM-x32\...\{AEC81925-9C76-4707-84A9-40696C613ED3}) (Version: 1.05.0.0 - Electronic Arts)

Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version:  - Obsidian Entertainment)

Fractured Space (HKLM-x32\...\Steam App 310380) (Version:  - Edge Case Games Ltd.)

GIMP 2.8.16 (HKLM\...\GIMP-2_is1) (Version: 2.8.16 - The GIMP Team)

Git version 2.7.0 (HKLM\...\Git_is1) (Version: 2.7.0 - The Git Development Community)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.87 - Google Inc.)

Google Drive (HKLM-x32\...\{895D0391-459F-4D45-B8DD-13F0DE70C66E}) (Version: 1.28.1549.1322 - Google, Inc.)

Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden

Hardcopy (HKLM-x32\...\Hardcopy) (Version: 2015.12.01 - www.hardcopy.de)

Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1153 - Intel Corporation)

Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)

ISO Workshop 6.1 (HKLM-x32\...\ISO Workshop_is1) (Version:  - Glorylogic)

Java 8 Update 73 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418073F0}) (Version: 8.0.730.2 - Oracle Corporation)

JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)

Kaspersky Password Manager (HKLM-x32\...\InstallWIX_{C706D102-D77E-4D45-B631-2A43C55F0F01}) (Version: 8.0.3.287 - Kaspersky Lab)

Kaspersky Password Manager (x32 Version: 8.0.3.287 - Kaspersky Lab) Hidden

Kaspersky Total Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)

Kaspersky Total Security (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden

LockHunter 3.1, 32/64 bit (HKLM\...\LockHunter_is1) (Version:  - Crystal Rich Ltd)

Manager (x32 Version: 4.0.1.25166 - 2015 pdfforge GmbH. All rights reserved) Hidden

Max Local Application (HKLM-x32\...\Max Local Application) (Version: 1.4.4 - ELV Elektronik AG)

Max Local Application (x32 Version: 1.4.4 - ELV Elektronik AG) Hidden

Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation)

Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.6568.2036 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)

MiniTool Partition Wizard Free 9.1 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Solution Ltd.)

NetSpeedMonitor 2.5.4.0 x64 (HKLM\...\{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}) (Version: 2.5.4.0 - Florian Gilles)

Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.61.9 - Black Tree Gaming)

Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.8 - Notepad++ Team)

NVIDIA PhysX (HKLM-x32\...\{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}) (Version: 9.12.0613 - NVIDIA Corporation)

Office 16 Click-to-Run Extensibility Component (Version: 16.0.6528.1017 - Microsoft Corporation) Hidden

Office 16 Click-to-Run Licensing Component (Version: 16.0.6528.1017 - Microsoft Corporation) Hidden

Office 16 Click-to-Run Localization Component (Version: 16.0.6528.1017 - Microsoft Corporation) Hidden

Origin (HKLM-x32\...\Origin) (Version: 9.11.5.17432 - Electronic Arts, Inc.)

PDF Architect 4 (HKLM-x32\...\PDF Architect 4) (Version: 4.0.26.25466 - pdfforge GmbH)

PDF Architect 4 Asian Fonts Pack (Version: 4.0.9.25450 - pdfforge GmbH) Hidden

PDF Architect 4 Create Module (Version: 4.0.9.25450 - pdfforge GmbH) Hidden

PDF Architect 4 Edit Module (Version: 4.0.9.25450 - pdfforge GmbH) Hidden

PDF Architect 4 Forms Module (Version: 4.0.9.25450 - pdfforge GmbH) Hidden

PDF Architect 4 Insert Module (Version: 4.0.9.25450 - pdfforge GmbH) Hidden

PDF Architect 4 View Module (Version: 4.0.9.25450 - pdfforge GmbH) Hidden

PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.8.11-r110387-release - Plays.tv, LLC)

Portal Knights (HKLM-x32\...\Steam App 374040) (Version:  - Keen Games)

Raptr (HKLM-x32\...\Raptr) (Version: 5.0.3-r110001-release - Raptr, Inc)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)

Rename Master (HKLM-x32\...\Rename Master_is1) (Version:  - )

Scrap Mechanic (HKLM\...\Steam App 387990) (Version:  - Axolot Games)

Sid Meier's Civilization V (HKLM-x32\...\Sid Meier's Civilization V_is1) (Version:  - )

Star Wars The Old Republic (HKLM-x32\...\swtor_swtor) (Version: 11.0.0.5 - Bioware/EA)

Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)

Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)

Steuer 2015 (HKLM-x32\...\{E262CD3B-8825-4D56-AEF1-5E127F2FBB05}) (Version: 23.00.1146 - Buhl Data Service GmbH)

TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.56083 - TeamViewer)

Telegram Desktop version 0.9.28 (HKU\S-1-5-21-1453454617-903515338-1349220620-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 0.9.28 - Telegram Messenger LLP)

Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)

The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)

TmNationsForever (HKLM-x32\...\TmNationsForever_is1) (Version:  - Nadeo)

TreeSize Free V3.4.5 (HKLM-x32\...\TreeSize Free_is1) (Version: 3.4.5 - JAM Software)

Tropico 4 (HKLM-x32\...\Steam App 57690) (Version:  - Haemimont Games)

VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)

VMware vCenter Converter Standalone (HKLM-x32\...\{70487A14-885E-4203-80E6-6FE7AA5FDA8C}) (Version: 6.1.1.3533064 - VMware, Inc.)

VMware Workstation (HKLM\...\{0AD91785-F9BD-47FD-84F7-9E27B5A1853D}) (Version: 12.1.0 - VMware, Inc.)

Waterfox 44.0.3 (x64 en-US) (HKLM\...\Waterfox 44.0.3 (x64 en-US)) (Version: 44.0.3 - Mozilla)

Windows Resource Kit Tools (HKLM-x32\...\{FA237125-51FF-408C-8BB8-30C2B3DFFF9C}) (Version: 5.2.3790 - Microsoft Corporation)

WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
 

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

CustomCLSID: HKU\S-1-5-21-1453454617-903515338-1349220620-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Thomas Angl\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileCoAuth.exe (Microsoft Corporation)
 

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

Task: {0DDD7E65-CBE4-4C4C-9F62-ECB5F0E27BCF} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-02-28] (Microsoft Corporation)

Task: {4698543C-C5A6-4914-B6F0-2DF32A8EA919} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-02-28] (Microsoft Corporation)

Task: {60185B40-7B78-4CCF-B0CD-1BD7FF5BEEF6} - System32\Tasks\hcdll2_ex_Win32 => C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe [2013-07-17] ()

Task: {61B0A5E6-1BA7-429C-813A-D66B242E6D7E} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2015-12-04] (Advanced Micro Devices, Inc.)

Task: {6565A6A9-90A0-47FE-9CD5-F07E6A8DB542} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-25] (Google Inc.)

Task: {7B138AD4-4633-46ED-8313-53664321AD98} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-03-09] (Microsoft Corporation)

Task: {829FEE8D-D9A6-46D7-BC5C-CF5F5BFAA6C8} - System32\Tasks\hcdll2_ex_x64 => C:\Program Files (x86)\Hardcopy\hcdll2_ex_x64.exe [2012-11-08] ()

Task: {85FC6483-D4A5-4881-9795-BAD44EF41A71} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)

Task: {8DCD7E5F-95D2-4953-AE24-136F82A16F4A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-25] (Google Inc.)

Task: {F10A6267-C35D-412B-8965-27A35178D1CB} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-10] (Adobe Systems Incorporated)

Task: {FBFC8E3D-C5F4-46B0-A5F1-0686A00EF41C} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-03-03] (Microsoft Corporation)
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
 

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 

==================== Verknüpfungen =============================
 

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
 

Shortcut: C:\Users\Thomas Angl\Desktop\Minecraft Server\1.7.10\_ServerStart.bat - Verknüpfung.lnk -> C:\Users\Thomas Angl\Desktop\Minecraft Server\1.7.10\KCauldron-1.7.10-1614.175\_ServerStart.bat ()
 

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
 

2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll

2015-12-26 15:36 - 2016-03-02 11:39 - 00020240 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\TeamViewer_PrintProcessor.dll

2015-12-29 03:39 - 2015-12-25 10:52 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe

2016-01-09 15:59 - 2016-01-09 16:00 - 00149024 _____ () C:\WINDOWS\system32\DnsBlockUpdateSvc.exe

2016-01-27 17:54 - 2016-02-28 02:20 - 00173248 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll

2016-01-01 15:55 - 2005-04-22 13:36 - 00143360 ____N () C:\WINDOWS\system32\BrSNMP64.dll

2015-11-25 18:09 - 2015-11-25 18:09 - 12462784 _____ () C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe

2016-03-02 17:58 - 2016-02-23 12:27 - 02654872 _____ () C:\WINDOWS\system32\CoreUIComponents.dll

2016-01-10 03:10 - 2012-11-08 07:38 - 00044608 _____ () C:\Program Files (x86)\Hardcopy\hcdll2_ex_x64.exe

2016-01-10 03:10 - 2015-03-20 07:24 - 00155616 _____ () C:\Program Files (x86)\Hardcopy\HcDLL2_45_x64.dll

2016-01-10 03:10 - 2013-07-17 16:03 - 00037880 _____ () C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe

2016-03-02 17:58 - 2016-02-23 12:27 - 02654872 _____ () C:\WINDOWS\System32\CoreUIComponents.dll

2015-12-29 03:36 - 2015-12-29 03:36 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll

2016-03-02 17:58 - 2016-02-23 09:36 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll

2016-01-13 13:12 - 2016-01-05 02:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll

2016-01-13 13:12 - 2016-01-05 02:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll

2016-01-28 18:40 - 2016-01-16 06:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll

2016-01-28 18:40 - 2016-01-16 06:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll

2015-03-07 01:07 - 2015-03-07 01:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll

2015-11-20 22:41 - 2015-11-20 22:41 - 01095448 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll

2015-03-07 01:07 - 2015-03-07 01:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll

2015-11-20 22:41 - 2015-11-20 22:41 - 00240408 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll

2015-06-25 16:34 - 2015-06-25 16:34 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll

2015-06-25 16:37 - 2015-06-25 16:37 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll

2015-06-25 16:35 - 2015-06-25 16:35 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll

2015-06-25 16:38 - 2015-06-25 16:38 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll

2015-06-25 15:53 - 2015-06-25 15:53 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll

2015-06-25 15:51 - 2015-06-25 15:51 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll

2016-01-01 15:55 - 2012-09-25 11:26 - 01163264 ____N () C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe

2016-03-15 16:25 - 2016-02-28 11:18 - 01402056 _____ () C:\Program Files\Microsoft Office\Root\Office16\ADDINS\UmOutlookAddin.dll

2016-01-22 18:01 - 2016-01-22 18:01 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe

2016-01-21 18:06 - 2016-01-21 18:06 - 03746816 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1601.49020.0_x64__8wekyb3d8bbwe\Calculator.exe

2015-12-25 11:13 - 2015-12-25 11:13 - 00258560 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1601.49020.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll

2016-03-05 15:20 - 2016-03-05 15:20 - 00016384 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.302.8200.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe

2016-03-05 15:20 - 2016-03-05 15:20 - 16062976 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.302.8200.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll

2016-03-05 15:20 - 2016-03-05 15:20 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.302.8200.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll

2016-03-10 20:33 - 2016-03-10 20:33 - 26727616 _____ () C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_182.dll

2015-12-29 03:39 - 2016-03-16 18:12 - 00034448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll

2015-12-29 03:39 - 2015-12-25 10:52 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll

2015-07-08 23:18 - 2015-07-08 23:18 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\kpcengine.2.3.dll

2015-11-24 21:48 - 2015-11-24 21:48 - 00028160 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\servicemanager.pyd

2015-11-24 21:46 - 2015-11-24 21:46 - 00110592 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pywintypes26.dll

2015-11-24 21:48 - 2015-11-24 21:48 - 00041472 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32service.pyd

2015-11-24 21:48 - 2015-11-24 21:48 - 00096256 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32api.pyd

2015-11-24 21:43 - 2015-11-24 21:43 - 00356864 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_hashlib.pyd

2015-11-24 21:48 - 2015-11-24 21:48 - 00017920 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32event.pyd

2015-11-24 21:48 - 2015-11-24 21:48 - 00019968 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32evtlog.pyd

2015-11-24 21:48 - 2015-11-24 21:48 - 00036352 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32process.pyd

2015-11-24 21:43 - 2015-11-24 21:43 - 00043008 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_socket.pyd

2015-11-24 21:43 - 2015-11-24 21:43 - 00805376 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_ssl.pyd

2015-11-24 21:43 - 2015-11-24 21:43 - 00087040 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_ctypes.pyd

2015-11-24 21:46 - 2015-11-24 21:46 - 00354304 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pythoncom26.dll

2015-11-24 21:48 - 2015-11-24 21:48 - 00167936 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32gui.pyd

2015-11-24 21:47 - 2015-11-24 21:47 - 01980928 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtGui.pyd

2015-12-07 21:57 - 2015-12-07 21:57 - 00077824 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\sip.pyd

2015-11-24 21:47 - 2015-11-24 21:47 - 01862144 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtCore.pyd

2015-11-24 21:47 - 2015-11-24 21:47 - 00516608 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtNetwork.pyd

2015-11-24 21:47 - 2015-11-24 21:47 - 04060160 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWidgets.pyd

2015-11-24 21:43 - 2015-11-24 21:43 - 00010240 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\select.pyd

2016-02-09 02:43 - 2016-02-09 02:43 - 00191704 _____ () C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\LIBEXPAT.dll

2016-02-09 02:43 - 2016-02-09 02:43 - 00388824 _____ () C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\ssoClient.dll

2016-02-09 02:41 - 2016-02-09 02:41 - 00542936 _____ () C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\sqlite3.dll

2016-02-09 02:41 - 2016-02-09 02:41 - 01301720 _____ () C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\libxml2.dll

2016-02-09 02:44 - 2016-02-09 02:44 - 00086744 _____ () C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\mspack.dll

2015-11-25 18:09 - 2015-11-25 18:09 - 01301696 _____ () C:\Program Files (x86)\VMware\VMware Workstation\libxml2.dll

2015-11-25 18:09 - 2015-11-25 18:09 - 00165056 _____ () C:\Program Files (x86)\VMware\VMware Workstation\nfc-types.dll

2015-11-25 18:09 - 2015-11-25 18:09 - 00191680 _____ () C:\Program Files (x86)\VMware\VMware Workstation\LIBEXPAT.dll

2015-11-25 18:09 - 2015-11-25 18:09 - 00388800 _____ () C:\Program Files (x86)\VMware\VMware Workstation\ssoClient.dll

2016-01-10 03:10 - 2012-07-05 14:56 - 00052800 _____ () C:\Program Files (x86)\Hardcopy\hardcopy_05.dll

2016-01-10 03:10 - 2015-03-20 07:24 - 00141792 _____ () C:\Program Files (x86)\Hardcopy\HcDLL2_45_Win32.dll

2015-12-25 17:07 - 2016-02-10 02:17 - 00782336 _____ () C:\Program Files (x86)\Steam\SDL2.dll

2015-12-25 17:07 - 2015-07-03 17:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll

2015-12-25 17:07 - 2016-03-10 20:02 - 02547792 _____ () C:\Program Files (x86)\Steam\video.dll

2015-12-25 17:07 - 2016-02-09 00:14 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll

2015-12-25 17:07 - 2016-02-09 00:14 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll

2015-12-25 17:07 - 2016-02-09 00:14 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll

2015-12-25 17:07 - 2016-02-09 00:14 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll

2015-12-25 17:07 - 2016-02-09 00:14 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll

2015-12-25 17:07 - 2015-07-03 17:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll

2015-12-25 17:07 - 2015-07-03 17:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll

2015-12-25 17:07 - 2016-03-10 20:02 - 00802896 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL

2016-03-09 16:09 - 2016-02-17 23:25 - 00281088 _____ () C:\Program Files (x86)\Steam\openvr_api.dll

2016-03-16 18:14 - 2016-03-16 18:14 - 00098816 _____ () C:\Users\Thomas Angl\AppData\Local\Temp\_MEI82482\win32api.pyd

2016-03-16 18:14 - 2016-03-16 18:14 - 00110080 _____ () C:\Users\Thomas Angl\AppData\Local\Temp\_MEI82482\pywintypes27.dll

2016-03-16 18:14 - 2016-03-16 18:14 - 00364544 _____ () C:\Users\Thomas Angl\AppData\Local\Temp\_MEI82482\pythoncom27.dll

2016-03-16 18:14 - 2016-03-16 18:14 - 00320512 _____ () C:\Users\Thomas Angl\AppData\Local\Temp\_MEI82482\win32com.shell.shell.pyd

2016-03-16 18:14 - 2016-03-16 18:14 - 00776704 _____ () C:\Users\Thomas Angl\AppData\Local\Temp\_MEI82482\_hashlib.pyd

2016-03-16 18:14 - 2016-03-16 18:14 - 01176576 _____ () C:\Users\Thomas Angl\AppData\Local\Temp\_MEI82482\wx._core_.pyd

2016-03-16 18:14 - 2016-03-16 18:14 - 00806400 _____ () C:\Users\Thomas Angl\AppData\Local\Temp\_MEI82482\wx._gdi_.pyd

2016-03-16 18:14 - 2016-03-16 18:14 - 00816128 _____ () C:\Users\Thomas Angl\AppData\Local\Temp\_MEI82482\wx._windows_.pyd

2016-03-16 18:14 - 2016-03-16 18:14 - 01067008 _____ () C:\Users\Thomas Angl\AppData\Local\Temp\_MEI82482\wx._controls_.pyd

2016-03-16 18:14 - 2016-03-16 18:14 - 00733184 _____ () C:\Users\Thomas Angl\AppData\Local\Temp\_MEI82482\wx._misc_.pyd

2016-03-16 18:14 - 2016-03-16 18:14 - 00682496 _____ () C:\Users\Thomas Angl\AppData\Local\Temp\_MEI82482\pysqlite2._sqlite.pyd

2016-03-16 18:14 - 2016-03-16 18:14 - 00088064 _____ () C:\Users\Thomas Angl\AppData\Local\Temp\_MEI82482\_ctypes.pyd

2016-03-16 18:14 - 2016-03-16 18:14 - 00119808 _____ () C:\Users\Thomas Angl\AppData\Local\Temp\_MEI82482\win32file.pyd

2016-03-16 18:14 - 2016-03-16 18:14 - 00108544 _____ () C:\Users\Thomas Angl\AppData\Local\Temp\_MEI82482\win32security.pyd

2016-03-16 18:14 - 2016-03-16 18:14 - 00007168 _____ () C:\Users\Thomas Angl\AppData\Local\Temp\_MEI82482\hashobjs_ext.pyd

2016-03-16 18:14 - 2016-03-16 18:14 - 00017920 _____ () C:\Users\Thomas Angl\AppData\Local\Temp\_MEI82482\thumbnails_ext.pyd

2016-03-16 18:14 - 2016-03-16 18:14 - 00088064 _____ () C:\Users\Thomas Angl\AppData\Local\Temp\_MEI82482\usb_ext.pyd

2016-03-16 18:14 - 2016-03-16 18:14 - 00167936 _____ () C:\Users\Thomas Angl\AppData\Local\Temp\_MEI82482\win32gui.pyd

2016-03-16 18:14 - 2016-03-16 18:14 - 00018432 _____ () C:\Users\Thomas Angl\AppData\Local\Temp\_MEI82482\win32event.pyd

2016-03-16 18:14 - 2016-03-16 18:14 - 00046080 _____ () C:\Users\Thomas Angl\AppData\Local\Temp\_MEI82482\_socket.pyd

2016-03-16 18:14 - 2016-03-16 18:14 - 01208320 _____ () C:\Users\Thomas Angl\AppData\Local\Temp\_MEI82482\_ssl.pyd

2016-03-16 18:14 - 2016-03-16 18:14 - 00128512 _____ () C:\Users\Thomas Angl\AppData\Local\Temp\_MEI82482\_elementtree.pyd

2016-03-16 18:14 - 2016-03-16 18:14 - 00127488 _____ () C:\Users\Thomas Angl\AppData\Local\Temp\_MEI82482\pyexpat.pyd

2016-03-16 18:14 - 2016-03-16 18:14 - 00013824 _____ () C:\Users\Thomas Angl\AppData\Local\Temp\_MEI82482\common.time34.pyd

2016-03-16 18:14 - 2016-03-16 18:14 - 00038912 _____ () C:\Users\Thomas Angl\AppData\Local\Temp\_MEI82482\win32inet.pyd

2016-03-16 18:14 - 2016-03-16 18:14 - 00036864 _____ () C:\Users\Thomas Angl\AppData\Local\Temp\_MEI82482\_psutil_windows.pyd

2016-03-16 18:14 - 2016-03-16 18:14 - 00525208 _____ () C:\Users\Thomas Angl\AppData\Local\Temp\_MEI82482\windows._lib_cacheinvalidation.pyd

2016-03-16 18:14 - 2016-03-16 18:14 - 00011264 _____ () C:\Users\Thomas Angl\AppData\Local\Temp\_MEI82482\win32crypt.pyd

2016-03-16 18:14 - 2016-03-16 18:14 - 00077312 _____ () C:\Users\Thomas Angl\AppData\Local\Temp\_MEI82482\wx._html2.pyd

2016-03-16 18:14 - 2016-03-16 18:14 - 00027136 _____ () C:\Users\Thomas Angl\AppData\Local\Temp\_MEI82482\_multiprocessing.pyd

2016-03-16 18:14 - 2016-03-16 18:14 - 00020480 _____ () C:\Users\Thomas Angl\AppData\Local\Temp\_MEI82482\_yappi.pyd

2016-03-16 18:14 - 2016-03-16 18:14 - 00035840 _____ () C:\Users\Thomas Angl\AppData\Local\Temp\_MEI82482\win32process.pyd

2016-03-16 18:14 - 2016-03-16 18:14 - 00686080 _____ () C:\Users\Thomas Angl\AppData\Local\Temp\_MEI82482\unicodedata.pyd

2016-03-16 18:14 - 2016-03-16 18:14 - 00078848 _____ () C:\Users\Thomas Angl\AppData\Local\Temp\_MEI82482\wx._animate.pyd

2016-03-16 18:14 - 2016-03-16 18:14 - 00123392 _____ () C:\Users\Thomas Angl\AppData\Local\Temp\_MEI82482\wx._wizard.pyd

2016-03-16 18:14 - 2016-03-16 18:14 - 00024064 _____ () C:\Users\Thomas Angl\AppData\Local\Temp\_MEI82482\win32pipe.pyd

2016-03-16 18:14 - 2016-03-16 18:14 - 00010240 _____ () C:\Users\Thomas Angl\AppData\Local\Temp\_MEI82482\select.pyd

2016-03-16 18:14 - 2016-03-16 18:14 - 00025600 _____ () C:\Users\Thomas Angl\AppData\Local\Temp\_MEI82482\win32pdh.pyd

2016-03-16 18:14 - 2016-03-16 18:14 - 00017408 _____ () C:\Users\Thomas Angl\AppData\Local\Temp\_MEI82482\win32profile.pyd

2016-03-16 18:14 - 2016-03-16 18:14 - 00022528 _____ () C:\Users\Thomas Angl\AppData\Local\Temp\_MEI82482\win32ts.pyd

2010-11-22 14:26 - 2010-11-22 14:26 - 00047880 _____ () C:\Program Files (x86)\ClipboardHistory\ClipboardHotkey.dll

2016-01-01 15:55 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll

2016-01-10 03:10 - 2015-11-25 16:42 - 03654112 _____ () C:\Program Files (x86)\Hardcopy\HcDllS.dll

2010-11-22 23:56 - 2010-11-22 23:56 - 00087040 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_ctypes.pyd

2010-11-22 23:56 - 2010-11-22 23:56 - 00043008 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_socket.pyd

2010-11-22 23:56 - 2010-11-22 23:56 - 00805376 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_ssl.pyd

2014-05-14 00:26 - 2014-05-14 00:26 - 05812736 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtGui.pyd

2014-05-14 00:26 - 2014-05-14 00:26 - 00067584 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\sip.pyd

2014-05-14 00:26 - 2014-05-14 00:26 - 01662464 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtCore.pyd

2014-05-14 00:26 - 2014-05-14 00:26 - 00494592 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtNetwork.pyd

2010-11-22 23:57 - 2010-11-22 23:57 - 00096256 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32api.pyd

2010-11-22 23:56 - 2010-11-22 23:56 - 00110592 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\pywintypes26.dll

2010-11-22 23:56 - 2010-11-22 23:56 - 00010240 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\select.pyd

2010-11-22 23:56 - 2010-11-22 23:56 - 00356864 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_hashlib.pyd

2010-11-22 23:57 - 2010-11-22 23:57 - 00036352 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32process.pyd

2010-11-22 23:57 - 2010-11-22 23:57 - 00111104 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32file.pyd

2010-11-22 23:56 - 2010-11-22 23:56 - 00044544 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_sqlite3.pyd

2011-02-15 19:17 - 2011-02-15 19:17 - 00417501 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\sqlite3.dll

2010-11-22 23:57 - 2010-11-22 23:57 - 00167936 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32gui.pyd

2014-05-14 00:26 - 2014-05-14 00:26 - 00313856 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtWebKit.pyd

2010-11-22 23:56 - 2010-11-22 23:56 - 00127488 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\pyexpat.pyd

2010-11-22 23:56 - 2010-11-22 23:56 - 00009216 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\winsound.pyd

2015-10-21 21:29 - 2015-10-21 21:29 - 00113171 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libvlc.dll

2015-10-21 21:29 - 2015-10-21 21:29 - 02396691 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libvlccore.dll

2010-11-22 23:56 - 2010-11-22 23:56 - 00583680 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\unicodedata.pyd

2010-11-22 23:56 - 2010-11-22 23:56 - 00324608 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PIL._imaging.pyd

2015-06-27 00:09 - 2015-06-27 00:09 - 00271872 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\amd_ags.dll

2010-11-22 23:57 - 2010-11-22 23:57 - 00024064 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32pipe.pyd

2010-11-22 23:56 - 2010-11-22 23:56 - 00354304 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\pythoncom26.dll

2010-11-22 23:57 - 2010-11-22 23:57 - 00263168 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32com.shell.shell.pyd

2010-11-22 23:57 - 2010-11-22 23:57 - 00141312 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\gobject._gobject.pyd

2016-01-26 00:08 - 2016-01-26 00:08 - 02717595 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\heliotrope._purple.pyd

2011-02-15 19:17 - 2011-02-15 19:17 - 01213633 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libxml2-2.dll

2010-11-23 00:06 - 2010-11-23 00:06 - 00055808 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\zlib1.dll

2013-05-10 00:52 - 2013-05-10 00:52 - 00495680 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libaim.dll

2013-05-10 00:52 - 2013-05-10 00:52 - 01183699 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\liboscar.dll

2013-05-10 00:52 - 2013-05-10 00:52 - 00483306 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libicq.dll

2013-05-03 19:57 - 2013-05-03 19:57 - 00655356 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libirc.dll

2013-05-03 19:56 - 2013-05-03 19:56 - 01306387 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libmsn.dll

2013-05-03 19:56 - 2013-05-03 19:56 - 00565461 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libxmpp.dll

2013-05-03 19:57 - 2013-05-03 19:57 - 01640221 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libjabber.dll

2013-05-03 19:56 - 2013-05-03 19:56 - 00506276 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libyahoo.dll

2013-05-03 19:57 - 2013-05-03 19:57 - 01053730 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libymsg.dll

2013-05-03 19:57 - 2013-05-03 19:57 - 00497782 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libyahoojp.dll

2013-05-03 19:57 - 2013-05-03 19:57 - 00603326 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\ssl-nss.dll

2013-05-03 19:57 - 2013-05-03 19:57 - 00474199 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\ssl.dll

2015-12-25 17:07 - 2016-02-09 02:33 - 48400672 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll

2015-06-24 01:07 - 2015-06-24 01:07 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

2016-01-22 18:01 - 2016-01-22 18:01 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll

2016-01-22 18:01 - 2016-01-22 18:01 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll
 

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
 

AlternateDataStreams: C:\WINDOWS\system32\DnsBlockUpdateSvc.exe:IID [16]

AlternateDataStreams: C:\Users\Thomas Angl\ntuser.ini:ch2_encryption_d [50]
 

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
 
 

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
 
 

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
 
 

==================== Hosts Inhalt: ===============================
 

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
 

2015-07-30 23:42 - 2015-07-30 23:39 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
 

==================== Andere Bereiche ============================
 

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
 

HKU\S-1-5-21-1453454617-903515338-1349220620-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg

DNS Servers: 192.168.178.1

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

Windows Firewall ist aktiviert.
 

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
 

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
 

HKLM\...\StartupApproved\Run32: => "EaseUS EPM tray"

HKU\S-1-5-21-1453454617-903515338-1349220620-1001\...\StartupApproved\StartupFolder: => "CLIPOM~2.EXE - Verknüpfung.lnk"

HKU\S-1-5-21-1453454617-903515338-1349220620-1001\...\StartupApproved\Run: => "Clipomatic"

HKU\S-1-5-21-1453454617-903515338-1349220620-1001\...\StartupApproved\Run: => "BitComet"
 

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139

FirewallRules: [{227ECB61-E3EA-4771-80F5-3F4F3DA3281E}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe

FirewallRules: [{2F147B6D-245B-420A-8537-96D497647720}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe

FirewallRules: [{B12BE541-3855-46DC-93F3-34A848582BDF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe

FirewallRules: [{A908B620-B966-4BA2-AD39-C7D5C692331C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe

FirewallRules: [UDP Query User{1EAE7E43-9822-4E32-8E64-03DEE7B546F0}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe

FirewallRules: [TCP Query User{3DCA2783-572F-4535-883B-6001A494F679}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe

FirewallRules: [{E69D7CCE-103D-4DED-9C6D-8A035BC66ABA}] => (Allow) LPort=62910

FirewallRules: [{F2B5C367-5736-4C00-AA7B-C24A76F7E170}] => (Allow) LPort=23272

FirewallRules: [{2D9D1FE5-FB44-4DE1-8CE9-13EE451F7226}] => (Allow) LPort=23272

FirewallRules: [{2472BEDE-198D-4081-BC17-576428CBB45E}] => (Allow) LPort=62910

FirewallRules: [{2C0DDC06-9DC1-414B-B46E-DF0B0C031E12}] => (Allow) C:\Program Files (x86)\Brother\Brmfl08y\FAXRX.exe

FirewallRules: [{04490791-D0EA-49CD-837B-A3C135EDD055}] => (Allow) C:\Program Files (x86)\Brother\Brmfl08y\FAXRX.exe

FirewallRules: [{FB941E40-C676-4EDE-B78F-C4CF327B5AEC}] => (Allow) LPort=54925

FirewallRules: [{2D837E7B-D7B8-4C12-B548-F9E4BD755E4D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe

FirewallRules: [{3CC0954D-A134-4148-A507-478789F7E417}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe

FirewallRules: [{41E128B1-8331-4BD2-965B-474FA0A01838}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Anno 2070\Anno5.exe

FirewallRules: [{B390C7E7-AF2B-4209-943F-605F46D501F4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Anno 2070\Anno5.exe

FirewallRules: [{A9C79589-31DB-4223-9F47-AE16C07C2D7A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 2\arma2.exe

FirewallRules: [{F3719327-742E-4F9E-8F73-3B462C9E0A7E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 2\arma2.exe

FirewallRules: [{571B5F20-B5E7-479D-BC07-59965A7F61B0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tropico 4\Tropico4.exe

FirewallRules: [{25DD0491-7D38-4690-892F-590213D34394}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tropico 4\Tropico4.exe

FirewallRules: [{9BAC9A96-C637-4AE0-808D-686A62B9F064}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe

FirewallRules: [{5F9C0958-77A6-4988-B056-8E0E5B5F3D05}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe

FirewallRules: [{AF7549E6-83BB-4117-8754-72BB1074FC44}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe

FirewallRules: [{9071E3EB-C711-4660-8E99-70FF391A2742}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe

FirewallRules: [{281C655D-AF35-4F70-8EF1-ECE054E7C8C5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crysis 2 Game of the Year\bin32\Crysis2Launcher.exe

FirewallRules: [{768CDFF2-60D5-4A61-8729-80421922B029}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crysis 2 Game of the Year\bin32\Crysis2Launcher.exe

FirewallRules: [{4F655F40-27DA-4018-B604-72AB4C9CAFA6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crysis Wars\Bin32\Crysis.exe

FirewallRules: [{683390BE-7A27-43CA-A30D-CDA842A4BB92}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crysis Wars\Bin32\Crysis.exe

FirewallRules: [{E760056F-8376-4679-A03A-D6080A19BABE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crysis Warhead\Bin32\Crysis.exe

FirewallRules: [{39F158BC-AB69-44AC-8680-68E582A772D5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crysis Warhead\Bin32\Crysis.exe

FirewallRules: [{B5E8F8F4-2EDE-4913-8D9C-3EFD250EDF66}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crysis\Bin32\Crysis.exe

FirewallRules: [{048F4B24-A3A3-4C7B-BD3E-030EDB8554AC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crysis\Bin32\Crysis.exe

FirewallRules: [{5A4AC177-E860-4FE2-8D7E-DCB6F45FB898}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe

FirewallRules: [{660AC0AA-68AE-4568-9A72-1C57E2BF03AD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe

FirewallRules: [{2B430EA9-9B2B-4101-8431-63EAEDA97859}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARMA 2 Operation Arrowhead\DLCsetup\PMC\datacachepreprocessor.exe

FirewallRules: [{DA07C10C-BE60-4383-8549-71371BD03938}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARMA 2 Operation Arrowhead\DLCsetup\PMC\datacachepreprocessor.exe

FirewallRules: [{13AF669D-C660-41A9-BCDB-F4D8153B3F50}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARMA 2 Operation Arrowhead\Expansion\beta\Arma2OA.exe

FirewallRules: [{4CD46B4E-C812-4B87-8209-42E428AEDF0F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARMA 2 Operation Arrowhead\Expansion\beta\Arma2OA.exe

FirewallRules: [{DD37A259-E142-4077-8D64-DB302D203037}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARMA 2 Operation Arrowhead\ArmA2OA_BE.exe

FirewallRules: [{B18E54A0-ED1D-43E4-B86D-DD9B87D44DBE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARMA 2 Operation Arrowhead\ArmA2OA_BE.exe

FirewallRules: [{168F1D6C-FFBA-41AC-8AF6-581BD74E3464}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARMA 2 Operation Arrowhead\ArmA2OA.exe

FirewallRules: [{4057D1DD-7A3C-4B14-ABA0-34B0AF0D5348}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARMA 2 Operation Arrowhead\ArmA2OA.exe

FirewallRules: [{610BFF2F-3292-4F6B-8D98-97A48753B2DE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARMA 2 Operation Arrowhead\DLCsetup\ACR\datacachepreprocessor.exe

FirewallRules: [{B8D0B30B-FE13-4436-B935-D76CE5BE07BD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARMA 2 Operation Arrowhead\DLCsetup\ACR\datacachepreprocessor.exe

FirewallRules: [{2C6425A0-0E7F-4248-983C-A635EF4779C1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARMA 2 Operation Arrowhead\DLCsetup\BAF\datacachepreprocessor.exe

FirewallRules: [{3BD55DE2-8794-4593-8493-CA2DCA43D3AA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARMA 2 Operation Arrowhead\DLCsetup\BAF\datacachepreprocessor.exe

FirewallRules: [{2CA9C7FE-0B7D-4B78-8247-FE780ED2A7DA}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe

FirewallRules: [{6A94241C-B15B-4057-ADC7-B953029D2FF6}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe

FirewallRules: [{71A3BBB9-C709-4F6E-97D7-63B09E4E15C2}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe

FirewallRules: [{02F2383F-74E1-41D3-925A-8240F0D23EBC}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe

FirewallRules: [{A52F004C-A07D-456A-8839-62DE909AEF56}] => (Allow) C:\Games\Star Wars-The Old Republic\launcher.exe

FirewallRules: [{C0ED08CA-FF2E-492A-A2D2-3BADE49D3F9E}] => (Allow) C:\Games\Star Wars-The Old Republic\launcher.exe

FirewallRules: [{22CDFE49-F062-4AD3-AB56-461B94005334}] => (Allow) C:\Games\Star Wars-The Old Republic\launcher.exe

FirewallRules: [{C9743769-58DD-44AD-8DA8-8E428C220E9F}] => (Allow) C:\Games\Star Wars-The Old Republic\launcher.exe

FirewallRules: [{C0532531-BE56-4F45-9B99-57FA8AC595AF}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe

FirewallRules: [{ABF4BA14-E17F-463B-B822-3D8BD2BDD192}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age\bin_ship\daorigins.exe

FirewallRules: [{4E9DFBF8-B05F-40ED-9E77-3665DEA30E01}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age\bin_ship\daorigins.exe

FirewallRules: [{30A3C6C8-34AD-4492-A188-0C3B5F13B325}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe

FirewallRules: [{B08553F2-F6B8-4992-975F-03EE8E64748B}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe

FirewallRules: [{8874789B-09EB-45D4-90E4-012CB361A025}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe

FirewallRules: [{8B95B3F2-AFBE-4236-9935-473CFA96CD4E}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe

FirewallRules: [{30D73ECC-83A0-47BD-A911-83522A759DFC}] => (Allow) LPort=9089

FirewallRules: [{DA19F5EA-9FB6-4159-A19D-F9D4DF7ABC3F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Creativerse\Creativerse.exe

FirewallRules: [{5F55D7E4-229D-4B09-B70C-302E0427553D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Creativerse\Creativerse.exe

FirewallRules: [{BC37847F-4497-4636-99C7-B8DFE38F1E40}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal Knights\portal_knights_x64.exe

FirewallRules: [{47E3A83D-D80D-4546-B7CD-A7037DA29796}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal Knights\portal_knights_x64.exe

FirewallRules: [{B84FC4E8-746C-4FB2-9934-008FF66CF37E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe

FirewallRules: [{1678EDFB-7D52-4150-BC2E-EE54DF44511C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe

FirewallRules: [{5458CD84-4420-401D-8BB5-33459C8ED665}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

FirewallRules: [{DBD79EB3-49D8-4238-9FE3-D066D090CECB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

FirewallRules: [{824963FD-CF18-4870-A825-A155D442B215}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe

FirewallRules: [{7D0CF10D-6EE8-4BEE-8CBE-7D8C930262DD}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe

FirewallRules: [{D5C5BAFB-564B-44BF-835E-C20C13AEBFE8}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe

FirewallRules: [{F736B10C-777E-4B8E-90CB-EEDAD893CB59}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe

FirewallRules: [{1BFF3870-7FD1-4675-A477-ECFA2274BADE}] => (Allow) C:\Program Files\Waterfox\waterfox.exe

FirewallRules: [{3C2527EA-F5C1-4662-9354-DCB3ED0E806F}] => (Allow) C:\Program Files\Waterfox\waterfox.exe

FirewallRules: [{C7D0D125-806F-4FB8-893B-0A9463454B19}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Scrap Mechanic\Release\ScrapMechanic.exe

FirewallRules: [{EDBC921D-8478-487B-9AC2-7C202A980DE0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Scrap Mechanic\Release\ScrapMechanic.exe

FirewallRules: [{E1F839E9-ECDE-4B15-9CB7-4F4B48FFB841}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe

FirewallRules: [{26E31931-A431-44A0-A5AF-7F1673E97D9B}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe

FirewallRules: [{0D76BAF4-14EE-410F-B3E3-44412C156F88}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

FirewallRules: [{3B5269C7-08BD-491F-9209-5B9670BB534E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Space\spacegame\Binaries\Win64\Fractured Space.exe

FirewallRules: [{50B9CDFD-648E-444C-A394-1509789D7FC5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Space\spacegame\Binaries\Win64\Fractured Space.exe
 

==================== Wiederherstellungspunkte =========================
 

27-02-2016 21:50:08 Installed Windows Resource Kit Tools

02-03-2016 18:00:21 Windows Update

02-03-2016 18:00:32 Windows Update

07-03-2016 20:39:44 Installed Banished v1.0.4 64-bit

10-03-2016 20:58:04 Windows Update
 

==================== Fehlerhafte Geräte im Gerätemanager =============
 
 

==================== Fehlereinträge in der Ereignisanzeige: =========================
 

Applikationsfehler:

==================

Error: (03/16/2016 06:38:18 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Name der fehlerhaften Anwendung: SkypeHost.exe, Version: 10.1.2123.10, Zeitstempel: 0x569054dc

Name des fehlerhaften Moduls: SkyWrap.dll, Version: 10.1.2123.10, Zeitstempel: 0x569054c9

Ausnahmecode: 0xc0000005

Fehleroffset: 0x00ac6197

ID des fehlerhaften Prozesses: 0x1860

Startzeit der fehlerhaften Anwendung: 0xSkypeHost.exe0

Pfad der fehlerhaften Anwendung: SkypeHost.exe1

Pfad des fehlerhaften Moduls: SkypeHost.exe2

Berichtskennung: SkypeHost.exe3

Vollständiger Name des fehlerhaften Pakets: SkypeHost.exe4

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SkypeHost.exe5
 

Error: (03/16/2016 04:03:37 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )

Description: Subscription licensing service failed: -1073418220
 

Error: (03/15/2016 04:26:43 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: TA-PC)

Description: Die Anwendung oder der Dienst "Microsoft Office Document Cache Sync Client Interface" konnte nicht heruntergefahren werden.
 

Error: (03/15/2016 04:24:40 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )

Description: Subscription licensing service failed: -1073418220
 

Error: (03/14/2016 08:15:26 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: Programm ScrapMechanic.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.
 

Prozess-ID: 2540
 

Startzeit: 01d17e256a600299
 

Beendigungszeit: 52
 

Anwendungspfad: C:\Program Files (x86)\Steam\steamapps\common\Scrap Mechanic\Release\ScrapMechanic.exe
 

Berichts-ID: 198fd31a-ea19-11e5-8d9a-d850e6bda1ae
 

Vollständiger Name des fehlerhaften Pakets: 
 

Auf das fehlerhafte Paket bezogene Anwendungs-ID:
 

Error: (03/14/2016 08:12:01 PM) (Source: BugSplat) (EventID: 1) (User: )

Description: scrap_mechanicScrapMechanic89539
 

Error: (03/14/2016 02:47:07 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )

Description: Subscription licensing service failed: -1073418220
 

Error: (03/13/2016 06:18:22 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: Programm Steam.exe, Version 3.33.99.41 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.
 

Prozess-ID: 257c
 

Startzeit: 01d17bf34168036d
 

Beendigungszeit: 4294967295
 

Anwendungspfad: C:\Program Files (x86)\Steam\Steam.exe
 

Berichts-ID: 95cc06eb-e93f-11e5-8d9a-d850e6bda1ae
 

Vollständiger Name des fehlerhaften Pakets: 
 

Auf das fehlerhafte Paket bezogene Anwendungs-ID:
 

Error: (03/13/2016 05:51:27 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )

Description: Subscription licensing service failed: -1073418220
 

Error: (03/12/2016 12:32:00 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: Programm TeamViewer.exe, Version 11.0.56083.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.
 

Prozess-ID: 1d74
 

Startzeit: 01d17c525e062e57
 

Beendigungszeit: 4294967295
 

Anwendungspfad: C:\Program Files (x86)\TeamViewer\TeamViewer.exe
 

Berichts-ID: 0871b22a-e846-11e5-8d9a-d850e6bda1ae
 

Vollständiger Name des fehlerhaften Pakets: 
 

Auf das fehlerhafte Paket bezogene Anwendungs-ID:
 
 

Systemfehler:

=============

Error: (03/16/2016 07:04:46 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)

Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
 

Error: (03/16/2016 06:12:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "PDF Architect 4 Manager" wurde aufgrund folgenden Fehlers nicht gestartet: 

%%2
 

Error: (03/16/2016 06:12:29 PM) (Source: EventLog) (EventID: 6008) (User: )

Description: Das System wurde zuvor am ‎16.‎03.‎2016 um 18:01:32 unerwartet heruntergefahren.
 

Error: (03/15/2016 06:20:13 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)

Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
 

Error: (03/14/2016 09:58:45 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)

Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
 

Error: (03/14/2016 03:42:45 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)

Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
 

Error: (03/14/2016 02:38:35 PM) (Source: Ntfs) (EventID: 55) (User: NT-AUTORITÄT)

Description: In der Dateisystemstruktur auf Volume "O:" wurde eine Beschädigung erkannt.
 

In einer Indexstruktur des Dateisystems wurde eine Beschädigung gefunden. Die Dateireferenznummer ist 0x40000000006ab. Der Name der Datei ist "\Schule\TM\GameData\Vehicles\Media\Texture\Image". Das Attribut des beschädigten Indexes ist ":$I30:$INDEX_ALLOCATION".
 

Error: (03/14/2016 02:38:35 PM) (Source: Ntfs) (EventID: 55) (User: NT-AUTORITÄT)

Description: In der Dateisystemstruktur auf Volume "O:" wurde eine Beschädigung erkannt.
 

In einer Indexstruktur des Dateisystems wurde eine Beschädigung gefunden. Die Dateireferenznummer ist 0x4000000000683. Der Name der Datei ist "\Schule\TM\GameData\Vehicles\Media\Audio\Sound\WavData". Das Attribut des beschädigten Indexes ist ":$I30:$INDEX_ALLOCATION".
 

Error: (03/14/2016 02:38:35 PM) (Source: Ntfs) (EventID: 55) (User: NT-AUTORITÄT)

Description: In der Dateisystemstruktur auf Volume "O:" wurde eine Beschädigung erkannt.
 

In einer Indexstruktur des Dateisystems wurde eine Beschädigung gefunden. Die Dateireferenznummer ist 0x4000000000615. Der Name der Datei ist "\Schule\TM\GameData\Tracks\Campaigns\Nations\Red". Das Attribut des beschädigten Indexes ist ":$I30:$INDEX_ALLOCATION".
 

Error: (03/14/2016 02:38:35 PM) (Source: Ntfs) (EventID: 55) (User: NT-AUTORITÄT)

Description: In der Dateisystemstruktur auf Volume "O:" wurde eine Beschädigung erkannt.
 

In einer Indexstruktur des Dateisystems wurde eine Beschädigung gefunden. Die Dateireferenznummer ist 0x40000000005f6. Der Name der Datei ist "\Schule\TM\GameData\Tracks\Campaigns\Nations\Green". Das Attribut des beschädigten Indexes ist ":$I30:$INDEX_ALLOCATION".
 
 

CodeIntegrity:

===================================

  Date: 2016-03-16 18:23:28.500

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 

  Date: 2016-03-15 16:27:18.456

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 

  Date: 2016-03-11 14:50:48.457

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 

  Date: 2016-03-09 19:15:21.854

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 

  Date: 2016-03-03 03:33:18.527

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 

  Date: 2016-03-02 18:05:30.988

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 

  Date: 2016-02-23 16:00:42.361

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 

  Date: 2016-02-22 16:35:52.286

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 

  Date: 2016-02-19 13:55:27.949

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 

  Date: 2016-02-18 18:06:25.330

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
 

==================== Speicherinformationen =========================== 
 

Prozessor: Intel(R) Xeon(R) CPU E3-1230 v3 @ 3.30GHz

Prozentuale Nutzung des RAM: 23%

Installierter physikalischer RAM: 16321.93 MB

Verfügbarer physikalischer RAM: 12447.17 MB

Summe virtueller Speicher: 18753.93 MB

Verfügbarer virtueller Speicher: 13541.91 MB
 

==================== Laufwerke ================================
 

Drive c: (Samsung_Evo_850_Win10) (Fixed) (Total:465.27 GB) (Free:216.69 GB) NTFS

Drive d: (Daten) (Fixed) (Total:1647.79 GB) (Free:839.23 GB) NTFS

Drive e: (HDD_Win10) (Fixed) (Total:215.22 GB) (Free:129.71 GB) NTFS
 

==================== MBR & Partitionstabelle ==================
 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 1167D80A)

Partition 1: (Not Active) - (Size=1863 GB) - (Type=42)
 

========================================================

Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 7B839F81)

Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=465.3 GB) - (Type=07 NTFS)
 

==================== Ende von Addition.txt ============================

Zitat:

Prozessor: Intel(R) Xeon(R) CPU E3-1230 v3 @ 3.30GHz

Xeon-CPU...:wtf:..ist das ein gewerblich genutztes System?

Nein Das System ist ausschließlich in privater Nutzung.
Aber der xeon ist eine günstige Alternative zu einem der Intel-I Prozessoren.

wenn du meinst xD

Malwarebytes Anti-Rootkit (MBAR)

Downloade dir bitte

Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.

Starte bitte die mbar.exe.
Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
Klicke auf den CleanUp Button und erlaube den Neustart.
Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
Nach dem Neustart starte die mbar.exe erneut.
Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.

Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Zitat:

wenn du meinst xD

:wtf: findest du nicht? xD

Ich finde einen 4 Kerner mit Hyperthreading und 3,3 Ghz für ca 180€ ein guter Alternative zu einem i7.
Man muss bedenken dass ich das System vor 2 Jahren erstellt habe, natürlich ist dieser Xeon dann nicht mehr mit aktuellen Prozessoren von Intel (Skylake) zu vergleichen.

Ich bin natürlich immer offen für andere Meinungen, kennst du vielleicht sogar bessere Alternativen?

Gruß

ps. ich lasse den Scan nun laufen.

Wenn er preislich okay war :) ist doch okay, ich kenn die Xeons aber nur aus dem Server- und Workstationbereich. Also Business wo dicke Leistung benötigt wird und Stromverbrauch keine (kaum eine) Rolle spielt...

Code:

Malwarebytes Anti-Rootkit BETA 1.9.3.1001

www.malwarebytes.org
 

Database version:

  main:    v2016.03.16.06

  rootkit: v2016.03.12.01
 

Windows 10 x64 NTFS

Internet Explorer 11.162.10586.0

Thomas Angl :: TA-PC [administrator]
 

16.03.2016 22:34:28

mbar-log-2016-03-16 (22-34-28).txt
 

Scan type: Quick scan

Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken

Scan options disabled: 

Objects scanned: 513855

Time elapsed: 9 minute(s), 34 second(s)
 

Memory Processes Detected: 0

(No malicious items detected)
 

Memory Modules Detected: 0

(No malicious items detected)
 

Registry Keys Detected: 0

(No malicious items detected)
 

Registry Values Detected: 0

(No malicious items detected)
 

Registry Data Items Detected: 0

(No malicious items detected)
 

Folders Detected: 0

(No malicious items detected)
 

Files Detected: 0

(No malicious items detected)
 

Physical Sectors Detected: 0

(No malicious items detected)
 

(end)

Zitat:

Zitat von cosinus (Beitrag 1571086)

Also ich bin sehr zufrieden mit dem Xeon und muss sagen er langweilt sich manchmal auch ein bisschen :).

Er tut auch ohne ECC-Ram was er soll und die fehlende Grafikeinheit stört mich nicht.

Bis jetzt hatte ich auch noch keine Probleme mit dem System.

Gruß

Natürlich sind keine Probleme damit zu erwarten, aber Intel Xeon CPUs sind halt nicht für die breite Masse bestimmt sondern für Server und Workstations gedacht.

Adware/Junkware/Toolbars entfernen

Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop!
Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren!

1. Schritt: adwCleaner

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

3. Schritt: Frisches Log mit FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

AdwCleaner Logfile:

Code:

# AdwCleaner v5.102 - Bericht erstellt am 16/03/2016 um 23:50:28

# Aktualisiert am 13/03/2016 von Xplode

# Datenbank : 2016-03-16.1 [Server]

# Betriebssystem : Windows 10 Pro  (x64)

# Benutzername : Thomas Angl - TA-PC

# Gestartet von : C:\Users\Thomas Angl\Desktop\AdwCleaner_5.102.exe

# Option : Löschen

# Unterstützung : hxxp://toolslib.net/forum
 

***** [ Dienste ] *****
 

[-] Dienst Gelöscht : DnsBlockUpdateSvc
 

***** [ Ordner ] *****
 

[-] Ordner Gelöscht : C:\Program Files\{B8E929E7-950B-4B61-ABDA-EF538951DBDE}

[-] Ordner Gelöscht : C:\Program Files (x86)\{8FFAEA13-196F-4740-A57C-991DBAFB3888}

[-] Ordner Gelöscht : C:\Program Files (x86)\{93780901-98B8-4B09-91CD-D21F53E54533}

[-] Ordner Gelöscht : C:\Users\Thomas Angl\AppData\Local\DnsBlock

[-] Ordner Gelöscht : C:\Users\Thomas Angl\AppData\Local\StormFall

[-] Ordner Gelöscht : C:\Users\Thomas Angl\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmnhfkfnkbdaklpjkembblhineampnf

[-] Ordner Gelöscht : C:\WINDOWS\Installer\{0CD1A789-55A1-4F75-AD6C-691457711920}

[-] Ordner Gelöscht : C:\WINDOWS\Installer\{855BA90F-61EB-45DE-AF0C-51820DD6CA05}

[-] Ordner Gelöscht : C:\WINDOWS\Installer\{8C451577-FD2D-42D5-8373-8B2CA12B02D9}

[-] Ordner Gelöscht : C:\WINDOWS\Installer\{8EC67672-A3A6-4FB2-8562-6C799A1F7339}

[-] Ordner Gelöscht : C:\WINDOWS\Installer\{8FC06C19-071A-4232-A6B7-9855F672D825}

[-] Ordner Gelöscht : C:\WINDOWS\Installer\{AEA95D89-242F-4272-B525-56936CC90E6B}
 

***** [ Dateien ] *****
 

[-] Datei Gelöscht : C:\END

[-] Datei Gelöscht : C:\Users\Thomas Angl\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_plmnhfkfnkbdaklpjkembblhineampnf_0.localstorage

[-] Datei Gelöscht : C:\Users\Thomas Angl\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_plmnhfkfnkbdaklpjkembblhineampnf_0.localstorage-journal

[-] Datei Gelöscht : C:\WINDOWS\SysNative\DnsBlockUpdateSvc.exe

[-] Datei Gelöscht : C:\WINDOWS\SysNative\dns.block

[-] Datei Gelöscht : C:\WINDOWS\SysNative\GroupPolicy\Machine\Registry.pol

[-] Datei Gelöscht : C:\WINDOWS\SysNative\GroupPolicy\GPT.ini

[-] Datei Gelöscht : C:\WINDOWS\SysWOW64\dns.block
 

***** [ DLLs ] *****
 
 

***** [ Verknüpfungen ] *****
 
 

***** [ Aufgabenplanung ] *****
 
 

***** [ Registrierungsdatenbank ] *****
 

[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\DPBHO.DLL

[-] Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{6EE06FB0-F1B6-4367-BEF2-A25837347C4C}]

[-] Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{B4139F5C-9819-40A5-A444-563D976CBE05}]

[-] Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{925DEF43-7333-47E7-A204-E67CF6589A54}]

[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{1C6F51F8-BCE6-4702-8952-6A8233359FBC}

[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}

[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F2DB3739-77FB-41EB-9ED3-ABF34DF2DBF7}

[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{E7BF74EE-9106-4113-B216-2F980BA29141}

[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}

[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}

[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}

[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}]

[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}

[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F2DB3739-77FB-41EB-9ED3-ABF34DF2DBF7}

[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}

[-] Schlüssel Gelöscht : HKCU\Software\OCS

[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1453454617-903515338-1349220620-1001\Software\DownloadProtect
 

***** [ Internetbrowser ] *****
 
 

*************************
 

:: "Tracing" Schlüssel gelöscht

:: Proxy Einstellungen zurückgesetzt

:: Winsock Einstellungen zurückgesetzt

:: Internet Explorer Richtlinien gelöscht

:: Chrome Richtlinien gelöscht
 

*************************
 

C:\Program Files (x86)\AdwCleaner\AdwCleaner[C1].txt - [4495 Bytes] - [16/03/2016 23:50:28]

C:\Program Files (x86)\AdwCleaner\AdwCleaner[S1].txt - [4371 Bytes] - [16/03/2016 23:49:50]
 

########## EOF - C:\Program Files (x86)\AdwCleaner\AdwCleaner[C1].txt - [4681 Bytes] ##########

--- --- ---

Code:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Malwarebytes

Version: 8.0.4 (03.14.2016)

Operating System: Windows 10 Pro x64 

Ran by Thomas Angl (Administrator) on 16.03.2016 at 23:53:30,21

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 

File System: 4 
 

Successfully deleted: C:\Users\Thomas Angl\AppData\Roaming\Mozilla\Firefox\Profiles\g50gxemg.default\user.js (File) 

Successfully deleted: C:\WINDOWS\prefetch\PWFREE91.TMP-7B4033B0.pf (File) 

Successfully deleted: C:\WINDOWS\prefetch\PWFREE91.TMP-A1DAF4B8.pf (File) 

Successfully deleted: C:\WINDOWS\prefetch\TREESIZEFREE.EXE-CBDF8646.pf (File) 
 
 
 

Registry: 3 
 

Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F710F7E5-A520-471D-989C-F653AC328FB2} (Registry Key)

Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F710F7E5-A520-471D-989C-F653AC328FB2} (Registry Key)

Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{23FD9C33-A9E1-48A1-8404-E5925CF1C8E1} (Registry Value) 
 
 
 
 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 16.03.2016 at 23:54:30,99

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile:

Code:

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01

durchgeführt von Thomas Angl (Administrator) auf TA-PC (16-03-2016 23:55:30)

Gestartet von C:\Users\Thomas Angl\Desktop

Geladene Profile: Thomas Angl (Verfügbare Profile: Thomas Angl & TA & User & Administrator)

Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland)

Internet Explorer Version 11 (Standard-Browser: "C:\Program Files\Waterfox\waterfox.exe" -osint -url "%1")

Start-Modus: Normal

Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 

==================== Prozesse (Nicht auf der Ausnahmeliste) =================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
 

(AMD) C:\Windows\System32\atiesrxx.exe

() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe

(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe

() C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe

(pdfforge GmbH) C:\Program Files\PDF Architect 4\creator-ws.exe

(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe

(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe

(VMware, Inc.) C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe

(VMware, Inc.) C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

(VMware, Inc.) C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe

() C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe

() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe

(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe

(Waterfox) C:\Program Files\Waterfox\waterfox.exe

(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.10586.113_none_7689896a26389b16\TiWorker.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 

==================== Registry (Nicht auf der Ausnahmeliste) ===========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
 

HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15033976 2015-11-20] (Logitech Inc.)

HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\cnext.exe [4887752 2015-12-23] (Advanced Micro Devices, Inc.)

HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1163264 2012-09-25] ()

HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)

HKLM-x32\...\Run: [EaseUS EPM tray] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.8\bin\EpmNews.exe

HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [56592 2016-03-02] (Raptr, Inc)

HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [104128 2015-11-25] (VMware, Inc.)

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)

HKU\S-1-5-21-1453454617-903515338-1349220620-1001\...\Run: [Clipomatic] => C:\Program Files\Clipomatic\CLIPOM~2.EXE

HKU\S-1-5-21-1453454617-903515338-1349220620-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3074128 2016-03-10] (Valve Corporation)

HKU\S-1-5-21-1453454617-903515338-1349220620-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23260000 2016-02-24] (Google)

HKU\S-1-5-21-1453454617-903515338-1349220620-1001\...\Run: [ClipboardHistory] => C:\Program Files (x86)\ClipboardHistory\ClipboardHistory.exe [1124240 2015-12-23] (Outertech)

HKU\S-1-5-21-1453454617-903515338-1349220620-1001\...\Run: [BitComet] => "C:\Program Files (x86)\BitComet\BitComet.exe" /tray

HKU\S-1-5-21-1453454617-903515338-1349220620-1001\...\Run: [kpm.exe] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.3\kpm.exe [7473880 2015-07-18] (AO Kaspersky Lab)

HKU\S-1-5-21-1453454617-903515338-1349220620-1001\...\RunOnce: [Uninstall C:\Users\Thomas Angl\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Thomas Angl\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"

HKU\S-1-5-21-1453454617-903515338-1349220620-1001\...\RunOnce: [Uninstall C:\Users\Thomas Angl\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Thomas Angl\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1"

HKU\S-1-5-21-1453454617-903515338-1349220620-1001\...\RunOnce: [Uninstall C:\Users\Thomas Angl\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Thomas Angl\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64"

ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-02-24] (Google)

ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-02-24] (Google)

ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-02-24] (Google)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Hardcopy.LNK [2016-01-10]

ShortcutTarget: Hardcopy.LNK -> C:\Program Files (x86)\Hardcopy\hardcopy.exe (sw4you)

Startup: C:\Users\Thomas Angl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CLIPOM~2.EXE - Verknüpfung.lnk [2016-01-09]

ShortcutTarget: CLIPOM~2.EXE - Verknüpfung.lnk -> C:\Program Files\Clipomatic\CLIPOM~2.EXE (Keine Datei)
 

==================== Internet (Nicht auf der Ausnahmeliste) ====================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
 

Tcpip\..\Interfaces\{3a941411-f9b1-4735-8b85-0c6833bf997a}: [DhcpNameServer] 192.168.178.1
 

Internet Explorer:

==================

HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG

SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}

SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}

SearchScopes: HKU\S-1-5-21-1453454617-903515338-1349220620-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}

SearchScopes: HKU\S-1-5-21-1453454617-903515338-1349220620-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}

BHO: Kein Name -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> Keine Datei

BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_73\bin\ssv.dll [2016-02-22] (Oracle Corporation)

BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-12-25] (AO Kaspersky Lab)

BHO: Kein Name -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> Keine Datei

BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-22] (Oracle Corporation)

BHO: Kaspersky Password Manager -> {F710F7E5-A520-471D-989C-F653AC328FB2} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.3\x64\ie_engine.dll [2015-07-18] (AO Kaspersky Lab)

BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2016-02-28] (Microsoft Corporation)

BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\IEExt\ie_plugin.dll [2015-12-25] (AO Kaspersky Lab)

BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2016-02-28] (Microsoft Corporation)

Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-12-25] (AO Kaspersky Lab)

Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\IEExt\ie_plugin.dll [2015-12-25] (AO Kaspersky Lab)

Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-02-28] (Microsoft Corporation)

Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-02-28] (Microsoft Corporation)

Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-02-28] (Microsoft Corporation)

Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-02-28] (Microsoft Corporation)

Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-02-28] (Microsoft Corporation)

Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-02-28] (Microsoft Corporation)

Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-02-28] (Microsoft Corporation)

Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-02-28] (Microsoft Corporation)
 

FireFox:

========

FF ProfilePath: C:\Users\Thomas Angl\AppData\Roaming\Mozilla\Firefox\Profiles\g50gxemg.default

FF DefaultSearchEngine: google

FF DefaultSearchUrl: hxxp://www.google.de/search?hl=de&gl=de&lr=&ie=utf-8&oe=utf-8&meta=lr=lang_de&q=

FF SelectedSearchEngine: Google

FF SelectedSearchEngine: google

FF Homepage: hxxp://www.google.de?hl=de&gl=de

FF Keyword.URL: hxxp://www.google.de/search?hl=de&gl=de&lr=&ie=UTF-8&oe=UTF-8&meta=lr=lang_de&q=

FF Keyword.URL: hxxp://www.google.de/search?hl=de&gl=de&lr=&ie=utf-8&oe=utf-8&meta=lr=lang_de&q=

FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_182.dll [2016-03-10] ()

FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-02-28] (Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_182.dll [2016-03-10] ()

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2016-02-28] (Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-05] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-05] (Google Inc.)

FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)

FF Plugin-x32: PDF Architect 4 -> C:\Program Files (x86)\PDF Architect 4\np-previewer.dll [2015-10-19] (pdfforge GmbH)

FF Extension: Tab Mix Plus - C:\Users\Thomas Angl\AppData\Roaming\Mozilla\Firefox\Profiles\g50gxemg.default\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2016-03-16]

FF Extension: Tree Style Tab - C:\Users\Thomas Angl\AppData\Roaming\Mozilla\Firefox\Profiles\g50gxemg.default\extensions\treestyletab@piro.sakura.ne.jp.xpi [2016-03-16]

FF Extension: Roomy Bookmarks Toolbar - C:\Users\Thomas Angl\AppData\Roaming\Mozilla\Firefox\Profiles\g50gxemg.default\extensions\ALone-live@ya.ru.xpi [2016-03-16]

FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\FFExt\light_plugin_firefox [2016-03-01]

FF Extension: German Dictionary - C:\Users\Thomas Angl\AppData\Roaming\Mozilla\Firefox\Profiles\g50gxemg.default\Extensions\de-DE@dictionaries.addons.mozilla.org [2016-03-16]

FF Extension: uBlock - C:\Users\Thomas Angl\AppData\Roaming\Mozilla\Firefox\Profiles\g50gxemg.default\Extensions\{2b10c1c8-a11f-4bad-fe9c-1c11e82cac42}.xpi [2016-03-16]

FF Extension: Personas Shuffler - C:\Users\Thomas Angl\AppData\Roaming\Mozilla\Firefox\Profiles\g50gxemg.default\Extensions\{f18ce681-59c6-4a25-8ecb-e3e0fd7fbb44}.xpi [2016-03-16]

FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\FFExt\light_plugin_firefox
 

Chrome: 

=======

CHR Profile: C:\Users\Thomas Angl\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Web Store) - C:\Users\Thomas Angl\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-25]

CHR Extension: (Google Drive) - C:\Users\Thomas Angl\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-25]

CHR Extension: (YouTube) - C:\Users\Thomas Angl\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-25]

CHR Extension: (Google-Suche) - C:\Users\Thomas Angl\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-25]

CHR Extension: (Web Store) - C:\Users\Thomas Angl\AppData\Local\Google\Chrome\User Data\Default\Extensions\eahebamiopdhefndnmappcihfajigkka [2016-01-27]

CHR Extension: (Web Store) - C:\Users\Thomas Angl\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-25]

CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Thomas Angl\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-25]

CHR Extension: (Google Mail) - C:\Users\Thomas Angl\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-25]

CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka

CHR HKU\S-1-5-21-1453454617-903515338-1349220620-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [hlpfbladobbejblkbfleiljmikcfhkem] - hxxps://chrome.google.com/webstore/detail/hlpfbladobbejblkbfleiljmikcfhkem

CHR HKU\S-1-5-21-1453454617-903515338-1349220620-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
 

==================== Dienste (Nicht auf der Ausnahmeliste) ========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2015-12-25] ()

S2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\avp.exe [194000 2015-12-25] (Kaspersky Lab ZAO)

S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2016-01-17] (BitRaider, LLC)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2804976 2016-02-28] (Microsoft Corporation)

S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)

S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Datei ist nicht signiert]

R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Datei ist nicht signiert]

R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223008 2015-06-24] (Intel Corporation)

S3 PDF Architect 4; C:\Program Files\PDF Architect 4\ws.exe [2417376 2015-10-19] (pdfforge GmbH)

S3 PDF Architect 4 CrashHandler; C:\Program Files\PDF Architect 4\crash-handler-ws.exe [1038048 2015-10-19] (pdfforge GmbH)

R2 PDF Architect 4 Creator; C:\Program Files\PDF Architect 4\creator-ws.exe [851168 2015-10-19] (pdfforge GmbH)

R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6942480 2016-03-02] (TeamViewer GmbH)

R2 vmware-converter-agent; C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter-a.exe [503512 2016-02-09] (VMware, Inc.)

R2 vmware-converter-server; C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe [503512 2016-02-09] (VMware, Inc.)

R2 vmware-converter-worker; C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\vmware-converter.exe [503512 2016-02-09] (VMware, Inc.)

R2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [12462784 2015-11-25] ()

S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\x64\vssbridge64.exe [144640 2015-07-09] (AO Kaspersky Lab)

S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)

R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

S2 PDF Architect 4 Manager; "C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe" [X]
 

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [40720 2015-07-28] (Advanced Micro Devices, Inc.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2015-12-25] ()

R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-09-18] (Advanced Micro Devices)

S3 bmdrvr; C:\Windows\SysWow64\drivers\bmdrvr.sys [75992 2016-02-09] (VMware, Inc.)

R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)

R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO)

R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)

R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70512 2015-06-27] (Kaspersky Lab ZAO)

R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [77728 2016-03-01] (AO Kaspersky Lab)

S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [30328 2015-06-24] (Kaspersky Lab)

R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [181640 2015-12-25] (AO Kaspersky Lab)

R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [227512 2015-12-25] (AO Kaspersky Lab)

R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [927640 2016-03-01] (AO Kaspersky Lab)

S1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [39608 2015-06-11] (Kaspersky Lab ZAO)

R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [41656 2015-06-06] (Kaspersky Lab ZAO)

R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)

R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41352 2015-12-25] (AO Kaspersky Lab)

R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [87944 2015-12-25] (Kaspersky Lab ZAO)

R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [102584 2015-06-16] (Kaspersky Lab ZAO)

R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO)

S3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.)

R3 LGPBTDD; C:\Windows\System32\Drivers\LGPBTDD.sys [30728 2009-07-01] (Logitech Inc.)

R3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)

R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [183584 2015-06-12] (Intel Corporation)

R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] ()

S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] ()

R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [886528 2015-05-29] (Realtek                                            )

R0 vsock; C:\Windows\System32\drivers\vsock.sys [75512 2015-11-05] (VMware, Inc.)

R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [35032 2016-02-09] (VMware, Inc.)

S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)

R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)

S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X]
 

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 
 

==================== Ein Monat: Erstellte Dateien und Ordner ========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 

2016-03-16 23:55 - 2016-03-16 23:55 - 00023805 _____ C:\Users\Thomas Angl\Desktop\FRST.txt

2016-03-16 23:54 - 2016-03-16 23:54 - 00001369 _____ C:\Users\Thomas Angl\Desktop\JRT.txt

2016-03-16 23:48 - 2016-03-16 23:50 - 00000000 ____D C:\Program Files (x86)\AdwCleaner

2016-03-16 23:48 - 2016-03-16 23:48 - 01610352 _____ (Malwarebytes) C:\Users\Thomas Angl\Desktop\JRT.exe

2016-03-16 23:48 - 2016-03-16 23:48 - 00002272 _____ C:\Users\Thomas Angl\Desktop\new 1.txt

2016-03-16 23:47 - 2016-03-16 23:47 - 01527296 _____ C:\Users\Thomas Angl\Desktop\AdwCleaner_5.102.exe

2016-03-16 21:14 - 2016-03-16 21:14 - 00000000 ____D C:\Users\Thomas Angl\AppData\Roaming\PlaysTV

2016-03-16 20:27 - 2016-03-16 18:28 - 02374144 _____ (Farbar) C:\Users\Thomas Angl\Desktop\FRST64.exe

2016-03-16 18:28 - 2016-03-16 23:55 - 00000000 ____D C:\FRST

2016-03-16 18:21 - 2016-03-16 22:53 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)

2016-03-16 18:21 - 2016-03-16 22:34 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys

2016-03-16 18:21 - 2016-03-16 18:21 - 00000000 ____D C:\ProgramData\Malwarebytes

2016-03-16 18:20 - 2016-03-16 22:53 - 00000000 ____D C:\Users\Thomas Angl\Desktop\mbar

2016-03-16 18:20 - 2016-03-16 22:33 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys

2016-03-16 18:20 - 2016-03-16 18:20 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Thomas Angl\Desktop\mbar-1.09.3.1001.exe

2016-03-16 16:57 - 2016-03-16 16:57 - 00001514 _____ C:\Users\Thomas Angl\AppData\Local\recently-used.xbel

2016-03-16 16:57 - 2016-03-16 16:57 - 00000000 ____D C:\Users\Thomas Angl\AppData\Local\gtk-2.0

2016-03-16 16:50 - 2016-03-16 16:50 - 00000000 ____D C:\Users\Thomas Angl\.thumbnails

2016-03-16 16:49 - 2016-03-16 16:57 - 00000000 ____D C:\Users\Thomas Angl\.gimp-2.8

2016-03-16 16:49 - 2016-03-16 16:49 - 00000960 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk

2016-03-16 16:49 - 2016-03-16 16:49 - 00000000 ____D C:\Users\Thomas Angl\AppData\Local\gegl-0.2

2016-03-16 16:49 - 2016-03-16 16:49 - 00000000 ____D C:\Users\Thomas Angl\AppData\Local\fontconfig

2016-03-16 16:49 - 2016-03-16 16:49 - 00000000 ____D C:\Program Files\GIMP 2

2016-03-15 17:01 - 2016-03-15 17:01 - 00000000 ____D C:\Users\Thomas Angl\AppData\Roaming\.minecraft

2016-03-15 16:27 - 2016-03-15 16:27 - 00000000 ____D C:\Program Files\Common Files\DESIGNER

2016-03-15 16:23 - 2016-03-15 16:23 - 00000000 ____D C:\Users\Thomas Angl\AppData\Roaming\.technic

2016-03-15 16:17 - 2016-03-15 16:17 - 00000726 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Feed the Beast (FTB).lnk

2016-03-14 18:27 - 2016-03-14 18:27 - 00000000 ____D C:\Users\Thomas Angl\AppData\Roaming\Axolot Games

2016-03-14 14:45 - 2016-03-14 14:45 - 00000000 ____D C:\Users\Thomas Angl\AppData\Local\Kaspersky Lab

2016-03-14 14:45 - 2016-03-14 14:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Password Manager

2016-03-11 19:45 - 2016-03-11 19:45 - 00000000 ____D C:\Users\Default\AppData\Local\Google

2016-03-11 19:45 - 2016-03-11 19:45 - 00000000 ____D C:\Users\Default User\AppData\Local\Google

2016-03-09 16:21 - 2016-03-01 06:31 - 00848168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll

2016-03-09 16:21 - 2016-03-01 06:22 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll

2016-03-09 16:21 - 2016-02-24 10:52 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll

2016-03-09 16:21 - 2016-02-24 10:51 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe

2016-03-09 16:21 - 2016-02-24 10:48 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll

2016-03-09 16:21 - 2016-02-24 10:34 - 01613664 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll

2016-03-09 16:21 - 2016-02-24 10:28 - 03449168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll

2016-03-09 16:21 - 2016-02-24 10:15 - 01557768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll

2016-03-09 16:21 - 2016-02-24 09:58 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll

2016-03-09 16:21 - 2016-02-24 09:51 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll

2016-03-09 16:21 - 2016-02-24 09:50 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe

2016-03-09 16:21 - 2016-02-24 09:46 - 06607080 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll

2016-03-09 16:21 - 2016-02-24 09:43 - 00625000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll

2016-03-09 16:21 - 2016-02-24 09:39 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll

2016-03-09 16:21 - 2016-02-24 09:19 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll

2016-03-09 16:21 - 2016-02-24 09:11 - 01997152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys

2016-03-09 16:21 - 2016-02-24 09:11 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll

2016-03-09 16:21 - 2016-02-24 09:11 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe

2016-03-09 16:21 - 2016-02-24 09:11 - 00652392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll

2016-03-09 16:21 - 2016-02-24 09:11 - 00258280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll

2016-03-09 16:21 - 2016-02-24 09:10 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe

2016-03-09 16:21 - 2016-02-24 09:10 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys

2016-03-09 16:21 - 2016-02-24 09:09 - 00640472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll

2016-03-09 16:21 - 2016-02-24 09:06 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll

2016-03-09 16:21 - 2016-02-24 08:59 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll

2016-03-09 16:21 - 2016-02-24 08:35 - 00540752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe

2016-03-09 16:21 - 2016-02-24 08:35 - 00523752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll

2016-03-09 16:21 - 2016-02-24 08:35 - 00220064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll

2016-03-09 16:21 - 2016-02-24 08:33 - 00538736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll

2016-03-09 16:21 - 2016-02-24 08:20 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll

2016-03-09 16:21 - 2016-02-24 07:59 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll

2016-03-09 16:21 - 2016-02-24 07:54 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe

2016-03-09 16:21 - 2016-02-24 07:44 - 01713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll

2016-03-09 16:21 - 2016-02-24 07:44 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll

2016-03-09 16:21 - 2016-02-24 07:43 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll

2016-03-09 16:21 - 2016-02-24 07:43 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll

2016-03-09 16:21 - 2016-02-24 07:41 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll

2016-03-09 16:21 - 2016-02-24 07:41 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll

2016-03-09 16:21 - 2016-02-24 07:40 - 01224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll

2016-03-09 16:21 - 2016-02-24 07:39 - 01390592 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys

2016-03-09 16:21 - 2016-02-24 07:36 - 01847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe

2016-03-09 16:21 - 2016-02-24 07:34 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll

2016-03-09 16:21 - 2016-02-24 07:25 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll

2016-03-09 16:21 - 2016-02-24 07:21 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll

2016-03-09 16:21 - 2016-02-24 07:11 - 03593216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys

2016-03-09 16:21 - 2016-02-24 07:09 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll

2016-03-09 16:21 - 2016-02-24 07:09 - 00793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll

2016-03-09 16:21 - 2016-02-24 07:09 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll

2016-03-09 16:21 - 2016-02-24 07:09 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll

2016-03-09 16:21 - 2016-02-24 07:07 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll

2016-03-09 16:21 - 2016-02-24 07:07 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll

2016-03-09 16:21 - 2016-02-24 07:07 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll

2016-03-09 16:21 - 2016-02-24 07:04 - 01497088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe

2016-03-09 16:21 - 2016-02-24 07:03 - 00769536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll

2016-03-09 16:21 - 2016-02-24 07:01 - 01831936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll

2016-03-09 16:21 - 2016-02-24 07:00 - 02273792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll

2016-03-09 16:21 - 2016-02-24 07:00 - 01098752 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll

2016-03-09 16:21 - 2016-02-24 06:57 - 02158592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll

2016-03-09 16:21 - 2016-02-24 06:55 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll

2016-03-09 16:21 - 2016-02-24 06:34 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll

2016-03-09 16:21 - 2016-02-24 06:20 - 22376960 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll

2016-03-09 16:21 - 2016-02-24 06:18 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll

2016-03-09 16:21 - 2016-02-24 06:12 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2016-03-09 16:21 - 2016-02-24 06:12 - 05321728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll

2016-03-09 16:21 - 2016-02-24 06:10 - 24600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2016-03-09 16:21 - 2016-02-24 06:09 - 06972416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll

2016-03-09 16:21 - 2016-02-24 06:05 - 12586496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll

2016-03-09 16:21 - 2016-02-24 06:03 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll

2016-03-09 16:21 - 2016-02-24 05:59 - 05661696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll

2016-03-09 16:21 - 2016-02-24 05:55 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll

2016-03-09 16:20 - 2016-02-24 10:47 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll

2016-03-09 16:20 - 2016-02-24 10:40 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll

2016-03-09 16:20 - 2016-02-24 09:54 - 00127840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS

2016-03-09 16:20 - 2016-02-24 09:39 - 00141560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe

2016-03-09 16:20 - 2016-02-24 09:14 - 00216416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll

2016-03-09 16:20 - 2016-02-24 09:11 - 00394080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys

2016-03-09 16:20 - 2016-02-24 09:09 - 00147808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe

2016-03-09 16:20 - 2016-02-24 08:39 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll

2016-03-09 16:20 - 2016-02-24 08:39 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll

2016-03-09 16:20 - 2016-02-24 08:38 - 00187744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll

2016-03-09 16:20 - 2016-02-24 08:38 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll

2016-03-09 16:20 - 2016-02-24 08:37 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll

2016-03-09 16:20 - 2016-02-24 08:36 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenanceClient.dll

2016-03-09 16:20 - 2016-02-24 08:35 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll

2016-03-09 16:20 - 2016-02-24 08:33 - 00141664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe

2016-03-09 16:20 - 2016-02-24 08:31 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll

2016-03-09 16:20 - 2016-02-24 08:30 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll

2016-03-09 16:20 - 2016-02-24 08:28 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll

2016-03-09 16:20 - 2016-02-24 08:23 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys

2016-03-09 16:20 - 2016-02-24 08:23 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll

2016-03-09 16:20 - 2016-02-24 08:23 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll

2016-03-09 16:20 - 2016-02-24 08:22 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll

2016-03-09 16:20 - 2016-02-24 08:20 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll

2016-03-09 16:20 - 2016-02-24 08:20 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll

2016-03-09 16:20 - 2016-02-24 08:19 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll

2016-03-09 16:20 - 2016-02-24 08:19 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll

2016-03-09 16:20 - 2016-02-24 08:15 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll

2016-03-09 16:20 - 2016-02-24 08:14 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll

2016-03-09 16:20 - 2016-02-24 08:13 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll

2016-03-09 16:20 - 2016-02-24 08:12 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll

2016-03-09 16:20 - 2016-02-24 08:12 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll

2016-03-09 16:20 - 2016-02-24 08:10 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll

2016-03-09 16:20 - 2016-02-24 08:09 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll

2016-03-09 16:20 - 2016-02-24 08:09 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll

2016-03-09 16:20 - 2016-02-24 08:07 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll

2016-03-09 16:20 - 2016-02-24 08:05 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll

2016-03-09 16:20 - 2016-02-24 08:03 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll

2016-03-09 16:20 - 2016-02-24 08:02 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll

2016-03-09 16:20 - 2016-02-24 08:01 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll

2016-03-09 16:20 - 2016-02-24 08:01 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll

2016-03-09 16:20 - 2016-02-24 08:01 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll

2016-03-09 16:20 - 2016-02-24 08:00 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll

2016-03-09 16:20 - 2016-02-24 07:59 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll

2016-03-09 16:20 - 2016-02-24 07:59 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll

2016-03-09 16:20 - 2016-02-24 07:58 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll

2016-03-09 16:20 - 2016-02-24 07:55 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll

2016-03-09 16:20 - 2016-02-24 07:55 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll

2016-03-09 16:20 - 2016-02-24 07:55 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll

2016-03-09 16:20 - 2016-02-24 07:54 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll

2016-03-09 16:20 - 2016-02-24 07:54 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll

2016-03-09 16:20 - 2016-02-24 07:54 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll

2016-03-09 16:20 - 2016-02-24 07:53 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll

2016-03-09 16:20 - 2016-02-24 07:53 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll

2016-03-09 16:20 - 2016-02-24 07:52 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll

2016-03-09 16:20 - 2016-02-24 07:52 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PimIndexMaintenanceClient.dll

2016-03-09 16:20 - 2016-02-24 07:51 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll

2016-03-09 16:20 - 2016-02-24 07:49 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll

2016-03-09 16:20 - 2016-02-24 07:47 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll

2016-03-09 16:20 - 2016-02-24 07:46 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll

2016-03-09 16:20 - 2016-02-24 07:44 - 00915456 _____ (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll

2016-03-09 16:20 - 2016-02-24 07:44 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\POSyncServices.dll

2016-03-09 16:20 - 2016-02-24 07:42 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys

2016-03-09 16:20 - 2016-02-24 07:42 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS

2016-03-09 16:20 - 2016-02-24 07:40 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll

2016-03-09 16:20 - 2016-02-24 07:40 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll

2016-03-09 16:20 - 2016-02-24 07:39 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll

2016-03-09 16:20 - 2016-02-24 07:38 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll

2016-03-09 16:20 - 2016-02-24 07:34 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll

2016-03-09 16:20 - 2016-02-24 07:32 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll

2016-03-09 16:20 - 2016-02-24 07:32 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll

2016-03-09 16:20 - 2016-02-24 07:31 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cemapi.dll

2016-03-09 16:20 - 2016-02-24 07:31 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll

2016-03-09 16:20 - 2016-02-24 07:28 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll

2016-03-09 16:20 - 2016-02-24 07:28 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll

2016-03-09 16:20 - 2016-02-24 07:28 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll

2016-03-09 16:20 - 2016-02-24 07:23 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll

2016-03-09 16:20 - 2016-02-24 07:22 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll

2016-03-09 16:20 - 2016-02-24 07:21 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll

2016-03-09 16:20 - 2016-02-24 07:18 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll

2016-03-09 16:20 - 2016-02-24 07:18 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll

2016-03-09 16:20 - 2016-02-24 07:18 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll

2016-03-09 16:20 - 2016-02-24 07:17 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll

2016-03-09 16:20 - 2016-02-24 07:16 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll

2016-03-09 16:20 - 2016-02-24 07:13 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll

2016-03-09 16:20 - 2016-02-24 06:43 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll

2016-03-09 16:20 - 2016-02-24 06:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwbase.dll

2016-03-08 18:54 - 2016-03-08 18:55 - 00000000 ____D C:\Program Files\Intel

2016-03-08 18:54 - 2016-03-08 18:55 - 00000000 ____D C:\Program Files (x86)\Intel

2016-03-08 18:54 - 2016-03-08 18:54 - 00000000 ____D C:\ProgramData\Intel

2016-03-08 18:44 - 2016-03-08 18:44 - 00001769 _____ C:\WINDOWS\Language_trs.ini

2016-03-08 18:44 - 2016-03-08 18:44 - 00000000 ____D C:\Users\Thomas Angl\Intel

2016-03-08 18:38 - 2015-05-29 03:14 - 00886528 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys

2016-03-08 18:38 - 2015-05-29 03:14 - 00082544 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll

2016-03-08 18:02 - 2016-03-08 19:13 - 00000000 ____D C:\Program Files\Waterfox

2016-03-08 18:02 - 2016-03-08 18:02 - 00000984 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waterfox.lnk

2016-03-08 18:02 - 2016-03-08 18:02 - 00000000 ____D C:\Users\Thomas Angl\AppData\Roaming\Mozilla

2016-03-08 18:02 - 2016-03-08 18:02 - 00000000 ____D C:\Users\Thomas Angl\AppData\Local\Mozilla

2016-03-07 22:12 - 2016-03-07 22:12 - 00005120 _____ C:\WINDOWS\SysWOW64\energy32.dll

2016-03-07 20:50 - 2016-03-07 20:50 - 00000000 ____D C:\Users\Thomas Angl\Documents\My Games_drive

2016-03-07 20:47 - 2016-03-13 18:25 - 00000000 ____D C:\Users\Thomas Angl\Documents\Banished

2016-03-07 20:39 - 2016-03-07 20:39 - 00000000 ____D C:\Users\Thomas Angl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Shining Rock Software LLC

2016-03-07 20:39 - 2016-03-07 20:39 - 00000000 ____D C:\Program Files\Shining Rock Software LLC

2016-03-07 16:26 - 2016-03-16 21:01 - 00000000 ____D C:\Program Files (x86)\Raptr Inc

2016-03-07 16:05 - 2016-03-07 16:05 - 00000000 ____D C:\Users\Thomas Angl\Documents\Steuer

2016-03-05 01:24 - 2016-03-05 02:14 - 00000000 ____D C:\Users\Thomas Angl\Desktop\Tk_Schramm

2016-03-04 18:28 - 2016-03-04 18:28 - 00000000 ____D C:\Program Files (x86)\Microsoft ASP.NET

2016-03-02 18:22 - 2016-03-02 18:22 - 00000000 ____D C:\Users\Thomas Angl\AppData\Local\Microsoft Help

2016-03-02 17:58 - 2016-02-23 12:29 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi

2016-03-02 17:58 - 2016-02-23 12:29 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe

2016-03-02 17:58 - 2016-02-23 12:27 - 02654872 _____ C:\WINDOWS\system32\CoreUIComponents.dll

2016-03-02 17:58 - 2016-02-23 12:27 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi

2016-03-02 17:58 - 2016-02-23 12:27 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe

2016-03-02 17:58 - 2016-02-23 12:25 - 02152288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys

2016-03-02 17:58 - 2016-02-23 12:25 - 01818696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll

2016-03-02 17:58 - 2016-02-23 12:25 - 00563552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys

2016-03-02 17:58 - 2016-02-23 12:15 - 00779384 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll

2016-03-02 17:58 - 2016-02-23 12:08 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi

2016-03-02 17:58 - 2016-02-23 11:34 - 01859960 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll

2016-03-02 17:58 - 2016-02-23 11:34 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll

2016-03-02 17:58 - 2016-02-23 11:33 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll

2016-03-02 17:58 - 2016-02-23 11:33 - 00389992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll

2016-03-02 17:58 - 2016-02-23 11:32 - 08705672 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll

2016-03-02 17:58 - 2016-02-23 11:32 - 02544264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll

2016-03-02 17:58 - 2016-02-23 11:32 - 01152328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll

2016-03-02 17:58 - 2016-02-23 11:32 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll

2016-03-02 17:58 - 2016-02-23 11:32 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll

2016-03-02 17:58 - 2016-02-23 11:32 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe

2016-03-02 17:58 - 2016-02-23 11:31 - 01017032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll

2016-03-02 17:58 - 2016-02-23 11:31 - 00819648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll

2016-03-02 17:58 - 2016-02-23 11:31 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll

2016-03-02 17:58 - 2016-02-23 11:31 - 00476728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll

2016-03-02 17:58 - 2016-02-23 11:31 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll

2016-03-02 17:58 - 2016-02-23 11:25 - 03671888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll

2016-03-02 17:58 - 2016-02-23 11:22 - 00572272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll

2016-03-02 17:58 - 2016-02-23 11:21 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll

2016-03-02 17:58 - 2016-02-23 11:17 - 00146272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys

2016-03-02 17:58 - 2016-02-23 10:45 - 02773096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll

2016-03-02 17:58 - 2016-02-23 10:40 - 00430944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys

2016-03-02 17:58 - 2016-02-23 10:39 - 00502112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll

2016-03-02 17:58 - 2016-02-23 10:38 - 06952088 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll

2016-03-02 17:58 - 2016-02-23 10:38 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll

2016-03-02 17:58 - 2016-02-23 10:38 - 00980352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll

2016-03-02 17:58 - 2016-02-23 10:38 - 00895080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll

2016-03-02 17:58 - 2016-02-23 10:38 - 00882720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll

2016-03-02 17:58 - 2016-02-23 10:38 - 00450912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll

2016-03-02 17:58 - 2016-02-23 10:38 - 00420928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll

2016-03-02 17:58 - 2016-02-23 10:37 - 00713824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll

2016-03-02 17:58 - 2016-02-23 10:32 - 00791744 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll

2016-03-02 17:58 - 2016-02-23 10:30 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll

2016-03-02 17:58 - 2016-02-23 10:27 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll

2016-03-02 17:58 - 2016-02-23 10:27 - 00376536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll

2016-03-02 17:58 - 2016-02-23 10:25 - 00534368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS

2016-03-02 17:58 - 2016-02-23 10:20 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll

2016-03-02 17:58 - 2016-02-23 10:20 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys

2016-03-02 17:58 - 2016-02-23 10:19 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys

2016-03-02 17:58 - 2016-02-23 10:17 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll

2016-03-02 17:58 - 2016-02-23 10:12 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll

2016-03-02 17:58 - 2016-02-23 10:10 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll

2016-03-02 17:58 - 2016-02-23 10:07 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe

2016-03-02 17:58 - 2016-02-23 10:07 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll

2016-03-02 17:58 - 2016-02-23 10:06 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll

2016-03-02 17:58 - 2016-02-23 10:01 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys

2016-03-02 17:58 - 2016-02-23 10:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll

2016-03-02 17:58 - 2016-02-23 10:00 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll

2016-03-02 17:58 - 2016-02-23 09:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll

2016-03-02 17:58 - 2016-02-23 09:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll

2016-03-02 17:58 - 2016-02-23 09:58 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\irmon.dll

2016-03-02 17:58 - 2016-02-23 09:57 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe

2016-03-02 17:58 - 2016-02-23 09:56 - 02186864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll

2016-03-02 17:58 - 2016-02-23 09:55 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys

2016-03-02 17:58 - 2016-02-23 09:53 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll

2016-03-02 17:58 - 2016-02-23 09:53 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll

2016-03-02 17:58 - 2016-02-23 09:52 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe

2016-03-02 17:58 - 2016-02-23 09:51 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys

2016-03-02 17:58 - 2016-02-23 09:50 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe

2016-03-02 17:58 - 2016-02-23 09:48 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll

2016-03-02 17:58 - 2016-02-23 09:48 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerClient.dll

2016-03-02 17:58 - 2016-02-23 09:40 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll

2016-03-02 17:58 - 2016-02-23 09:39 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll

2016-03-02 17:58 - 2016-02-23 09:38 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll

2016-03-02 17:58 - 2016-02-23 09:38 - 00287712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll

2016-03-02 17:58 - 2016-02-23 09:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll

2016-03-02 17:58 - 2016-02-23 09:37 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll

2016-03-02 17:58 - 2016-02-23 09:37 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll

2016-03-02 17:58 - 2016-02-23 09:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuickActionsDataModel.dll

2016-03-02 17:58 - 2016-02-23 09:34 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll

2016-03-02 17:58 - 2016-02-23 09:34 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll

2016-03-02 17:58 - 2016-02-23 09:33 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll

2016-03-02 17:58 - 2016-02-23 09:32 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe

2016-03-02 17:58 - 2016-02-23 09:31 - 00463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll

2016-03-02 17:58 - 2016-02-23 09:29 - 00591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll

2016-03-02 17:58 - 2016-02-23 09:28 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll

2016-03-02 17:58 - 2016-02-23 09:27 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll

2016-03-02 17:58 - 2016-02-23 09:26 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe

2016-03-02 17:58 - 2016-02-23 09:23 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll

2016-03-02 17:58 - 2016-02-23 09:22 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll

2016-03-02 17:58 - 2016-02-23 09:20 - 00847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll

2016-03-02 17:58 - 2016-02-23 09:20 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll

2016-03-02 17:58 - 2016-02-23 09:20 - 00493568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll

2016-03-02 17:58 - 2016-02-23 09:20 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll

2016-03-02 17:58 - 2016-02-23 09:19 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll

2016-03-02 17:58 - 2016-02-23 09:19 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv

2016-03-02 17:58 - 2016-02-23 09:18 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll

2016-03-02 17:58 - 2016-02-23 09:14 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll

2016-03-02 17:58 - 2016-02-23 09:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe

2016-03-02 17:58 - 2016-02-23 09:12 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll

2016-03-02 17:58 - 2016-02-23 09:11 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll

2016-03-02 17:58 - 2016-02-23 09:10 - 00997376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll

2016-03-02 17:58 - 2016-02-23 09:10 - 00474624 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll

2016-03-02 17:58 - 2016-02-23 09:09 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll

2016-03-02 17:58 - 2016-02-23 09:09 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll

2016-03-02 17:58 - 2016-02-23 09:09 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll

2016-03-02 17:58 - 2016-02-23 09:06 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll

2016-03-02 17:58 - 2016-02-23 09:06 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll

2016-03-02 17:58 - 2016-02-23 09:06 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll

2016-03-02 17:58 - 2016-02-23 09:05 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe

2016-03-02 17:58 - 2016-02-23 09:04 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll

2016-03-02 17:58 - 2016-02-23 09:04 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll

2016-03-02 17:58 - 2016-02-23 09:04 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll

2016-03-02 17:58 - 2016-02-23 09:02 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll

2016-03-02 17:58 - 2016-02-23 09:02 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe

2016-03-02 17:58 - 2016-02-23 09:02 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys

2016-03-02 17:58 - 2016-02-23 09:00 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll

2016-03-02 17:58 - 2016-02-23 08:58 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll

2016-03-02 17:58 - 2016-02-23 08:58 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll

2016-03-02 17:58 - 2016-02-23 08:58 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerServer.dll

2016-03-02 17:58 - 2016-02-23 08:58 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll

2016-03-02 17:58 - 2016-02-23 08:57 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TimeBrokerClient.dll

2016-03-02 17:58 - 2016-02-23 08:52 - 00456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll

2016-03-02 17:58 - 2016-02-23 08:50 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll

2016-03-02 17:58 - 2016-02-23 08:49 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll

2016-03-02 17:58 - 2016-02-23 08:48 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll

2016-03-02 17:58 - 2016-02-23 08:47 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll

2016-03-02 17:58 - 2016-02-23 08:38 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll

2016-03-02 17:58 - 2016-02-23 08:37 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll

2016-03-02 17:58 - 2016-02-23 08:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll

2016-03-02 17:58 - 2016-02-23 08:36 - 00713728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll

2016-03-02 17:58 - 2016-02-23 08:36 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll

2016-03-02 17:58 - 2016-02-23 08:36 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll

2016-03-02 17:58 - 2016-02-23 08:35 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv

2016-03-02 17:58 - 2016-02-23 08:31 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll

2016-03-02 17:58 - 2016-02-23 08:30 - 01731584 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll

2016-03-02 17:58 - 2016-02-23 08:30 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll

2016-03-02 17:58 - 2016-02-23 08:29 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll

2016-03-02 17:58 - 2016-02-23 08:28 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll

2016-03-02 17:58 - 2016-02-23 08:28 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll

2016-03-02 17:58 - 2016-02-23 08:24 - 04827136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll

2016-03-02 17:58 - 2016-02-23 08:24 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll

2016-03-02 17:58 - 2016-02-23 08:24 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll

2016-03-02 17:58 - 2016-02-23 08:24 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll

2016-03-02 17:58 - 2016-02-23 08:22 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll

2016-03-02 17:58 - 2016-02-23 08:21 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll

2016-03-02 17:58 - 2016-02-23 08:21 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll

2016-03-02 17:58 - 2016-02-23 08:20 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll

2016-03-02 17:58 - 2016-02-23 08:17 - 02635264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll

2016-03-02 17:58 - 2016-02-23 08:14 - 00990720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll

2016-03-02 17:58 - 2016-02-23 08:11 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll

2016-03-02 17:58 - 2016-02-23 08:05 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll

2016-03-02 17:58 - 2016-02-23 08:01 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll

2016-03-02 17:58 - 2016-02-23 07:59 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll

2016-03-02 17:58 - 2016-02-23 07:58 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll

2016-03-02 17:58 - 2016-02-23 07:56 - 04412928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll

2016-03-02 17:58 - 2016-02-23 07:55 - 04894208 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll

2016-03-02 17:58 - 2016-02-23 07:55 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll

2016-03-02 17:58 - 2016-02-23 07:53 - 01799168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll

2016-03-02 17:58 - 2016-02-23 07:52 - 11545600 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll

2016-03-02 17:58 - 2016-02-23 07:51 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll

2016-03-02 17:58 - 2016-02-23 07:50 - 09919488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll

2016-03-02 17:58 - 2016-02-23 07:42 - 03425792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll

2016-03-02 17:58 - 2016-02-23 07:41 - 02912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll

2016-03-02 17:58 - 2016-02-23 07:39 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

2016-03-02 17:58 - 2016-02-23 07:39 - 02581504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll

2016-03-02 17:58 - 2016-02-23 07:36 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

2016-03-02 17:58 - 2016-02-23 07:36 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll

2016-03-02 17:58 - 2016-02-23 07:35 - 07533568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll

2016-03-02 17:58 - 2016-02-23 07:33 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll

2016-03-02 17:58 - 2016-02-23 07:32 - 02793472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll

2016-03-02 17:58 - 2016-02-23 07:30 - 02061312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll

2016-03-02 17:58 - 2016-02-23 07:28 - 06740992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll

2016-03-02 17:58 - 2016-02-09 05:28 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys

2016-03-02 17:58 - 2016-02-09 05:13 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys

2016-03-02 17:58 - 2016-02-09 04:24 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll

2016-03-02 17:58 - 2016-02-09 04:18 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll

2016-03-02 17:58 - 2016-02-09 04:18 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll

2016-03-02 17:58 - 2016-02-09 04:07 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll

2016-03-02 17:58 - 2016-02-09 04:07 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe

2016-03-02 17:58 - 2016-02-09 04:04 - 01946624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll

2016-03-02 17:58 - 2016-01-29 07:57 - 04502352 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe

2016-03-02 17:58 - 2016-01-29 07:33 - 04064320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe

2016-03-02 17:58 - 2016-01-27 06:59 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe

2016-03-02 17:58 - 2016-01-27 06:57 - 01824264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll

2016-03-02 17:58 - 2016-01-27 06:57 - 00820704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll

2016-03-02 17:58 - 2016-01-27 06:55 - 00081112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe

2016-03-02 17:58 - 2016-01-27 06:46 - 02606824 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll

2016-03-02 17:58 - 2016-01-27 06:46 - 01270072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll

2016-03-02 17:58 - 2016-01-27 06:44 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys

2016-03-02 17:58 - 2016-01-27 06:44 - 00085320 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe

2016-03-02 17:58 - 2016-01-27 06:21 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll

2016-03-02 17:58 - 2016-01-27 06:15 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ztrace_maps.dll

2016-03-02 17:58 - 2016-01-27 06:11 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll

2016-03-02 17:58 - 2016-01-27 06:10 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll

2016-03-02 17:58 - 2016-01-27 06:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll

2016-03-02 17:58 - 2016-01-27 06:08 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ztrace_maps.dll

2016-03-02 17:58 - 2016-01-27 06:07 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassam.dll

2016-03-02 17:58 - 2016-01-27 06:04 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll

2016-03-02 17:58 - 2016-01-27 06:02 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll

2016-03-02 17:58 - 2016-01-27 06:01 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll

2016-03-02 17:58 - 2016-01-27 05:59 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassam.dll

2016-03-02 17:58 - 2016-01-27 05:52 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll

2016-03-02 17:58 - 2016-01-27 05:50 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys

2016-03-02 17:58 - 2016-01-27 05:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll

2016-03-02 17:58 - 2016-01-27 05:42 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll

2016-03-02 17:58 - 2016-01-27 05:32 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll

2016-03-02 17:58 - 2016-01-27 05:31 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll

2016-02-28 14:42 - 2016-02-28 14:42 - 00000000 ____D C:\Users\Thomas Angl\AppData\Local\DayZCommander

2016-02-28 14:42 - 2016-02-28 14:42 - 00000000 ____D C:\Program Files (x86)\Dotjosh Studios

2016-02-27 21:50 - 2016-02-27 21:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Resource Kit Tools

2016-02-27 21:50 - 2016-02-27 21:50 - 00000000 ____D C:\Program Files (x86)\Windows Resource Kits

2016-02-27 21:46 - 2016-02-27 21:46 - 00000000 ____D C:\Users\User\AppData\Local\ActiveSync

2016-02-27 21:45 - 2016-02-27 21:45 - 00002401 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

2016-02-27 21:45 - 2016-02-27 21:45 - 00000020 ___SH C:\Users\Administrator\ntuser.ini

2016-02-27 21:45 - 2016-02-27 21:45 - 00000000 _SHDL C:\Users\Administrator\Vorlagen

2016-02-27 21:45 - 2016-02-27 21:45 - 00000000 _SHDL C:\Users\Administrator\Startmenü

2016-02-27 21:45 - 2016-02-27 21:45 - 00000000 _SHDL C:\Users\Administrator\Netzwerkumgebung

2016-02-27 21:45 - 2016-02-27 21:45 - 00000000 _SHDL C:\Users\Administrator\Lokale Einstellungen

2016-02-27 21:45 - 2016-02-27 21:45 - 00000000 _SHDL C:\Users\Administrator\Eigene Dateien

2016-02-27 21:45 - 2016-02-27 21:45 - 00000000 _SHDL C:\Users\Administrator\Druckumgebung

2016-02-27 21:45 - 2016-02-27 21:45 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Videos

2016-02-27 21:45 - 2016-02-27 21:45 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Musik

2016-02-27 21:45 - 2016-02-27 21:45 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Bilder

2016-02-27 21:45 - 2016-02-27 21:45 - 00000000 _SHDL C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programme

2016-02-27 21:45 - 2016-02-27 21:45 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Verlauf

2016-02-27 21:45 - 2016-02-27 21:45 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Anwendungsdaten

2016-02-27 21:45 - 2016-02-27 21:45 - 00000000 _SHDL C:\Users\Administrator\Anwendungsdaten

2016-02-27 21:45 - 2016-02-27 21:45 - 00000000 ___RD C:\Users\User\OneDrive

2016-02-27 21:45 - 2016-02-27 21:45 - 00000000 ____D C:\Users\User\AppData\Roaming\Raptr

2016-02-27 21:45 - 2016-02-27 21:45 - 00000000 ____D C:\Users\User\AppData\Local\Logitech

2016-02-27 21:45 - 2016-02-27 21:45 - 00000000 ____D C:\Users\User\AppData\Local\AMD

2016-02-27 21:45 - 2016-02-27 21:45 - 00000000 ____D C:\Users\Administrator

2016-02-27 21:45 - 2016-01-02 11:10 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\ATI

2016-02-27 21:45 - 2016-01-02 11:10 - 00000000 ____D C:\Users\Administrator\AppData\Local\ATI

2016-02-27 21:44 - 2016-02-27 21:44 - 00002513 _____ C:\Users\User\Desktop\Sicherer Zahlungsverkehr.lnk

2016-02-27 21:44 - 2016-02-27 21:44 - 00002345 _____ C:\Users\User\Desktop\Google Chrome.lnk

2016-02-27 21:44 - 2016-02-27 21:44 - 00000020 ___SH C:\Users\User\ntuser.ini

2016-02-27 21:44 - 2016-02-27 21:44 - 00000000 _SHDL C:\Users\User\Vorlagen

2016-02-27 21:44 - 2016-02-27 21:44 - 00000000 _SHDL C:\Users\User\Startmenü

2016-02-27 21:44 - 2016-02-27 21:44 - 00000000 _SHDL C:\Users\User\Netzwerkumgebung

2016-02-27 21:44 - 2016-02-27 21:44 - 00000000 _SHDL C:\Users\User\Lokale Einstellungen

2016-02-27 21:44 - 2016-02-27 21:44 - 00000000 _SHDL C:\Users\User\Eigene Dateien

2016-02-27 21:44 - 2016-02-27 21:44 - 00000000 _SHDL C:\Users\User\Druckumgebung

2016-02-27 21:44 - 2016-02-27 21:44 - 00000000 _SHDL C:\Users\User\Documents\Eigene Videos

2016-02-27 21:44 - 2016-02-27 21:44 - 00000000 _SHDL C:\Users\User\Documents\Eigene Musik

2016-02-27 21:44 - 2016-02-27 21:44 - 00000000 _SHDL C:\Users\User\Documents\Eigene Bilder

2016-02-27 21:44 - 2016-02-27 21:44 - 00000000 _SHDL C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme

2016-02-27 21:44 - 2016-02-27 21:44 - 00000000 _SHDL C:\Users\User\AppData\Local\Verlauf

2016-02-27 21:44 - 2016-02-27 21:44 - 00000000 _SHDL C:\Users\User\AppData\Local\Anwendungsdaten

2016-02-27 21:44 - 2016-02-27 21:44 - 00000000 _SHDL C:\Users\User\Anwendungsdaten

2016-02-27 21:44 - 2016-02-27 21:44 - 00000000 ____D C:\Users\User\AppData\Roaming\Adobe

2016-02-27 21:44 - 2016-02-27 21:44 - 00000000 ____D C:\Users\User\AppData\Local\VirtualStore

2016-02-27 21:44 - 2016-02-27 21:44 - 00000000 ____D C:\Users\User\AppData\Local\TileDataLayer

2016-02-27 21:44 - 2016-02-27 21:44 - 00000000 ____D C:\Users\User\AppData\Local\Publishers

2016-02-27 21:44 - 2016-02-27 21:44 - 00000000 ____D C:\Users\User\AppData\Local\Packages

2016-02-27 21:44 - 2016-02-27 21:44 - 00000000 ____D C:\Users\User\AppData\Local\Google

2016-02-27 21:44 - 2016-01-02 11:10 - 00000000 ____D C:\Users\User\AppData\Roaming\ATI

2016-02-27 21:44 - 2016-01-02 11:10 - 00000000 ____D C:\Users\User\AppData\Local\ATI

2016-02-27 21:36 - 2016-02-27 21:37 - 00000054 _____ C:\Users\Thomas Angl\Desktop\Test.bat

2016-02-27 21:08 - 2016-02-27 21:12 - 00000000 ____D C:\Users\Thomas Angl\AppData\LocalLow\Daybreak Game Company

2016-02-27 21:08 - 2016-02-27 21:08 - 00000000 ____D C:\Users\Thomas Angl\AppData\Local\SCE

2016-02-27 21:08 - 2016-02-27 21:08 - 00000000 ____D C:\Users\Thomas Angl\AppData\Local\Daybreak Game Company

2016-02-27 20:43 - 2016-02-27 20:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard Free 9.1

2016-02-27 20:43 - 2016-02-27 20:43 - 00000000 ____D C:\Program Files\MiniTool Partition Wizard Free 9.1

2016-02-27 20:43 - 2015-08-11 12:22 - 03067392 _____ C:\WINDOWS\system32\pwNative.exe

2016-02-27 20:43 - 2013-09-30 15:26 - 00019152 ____N C:\WINDOWS\system32\pwdrvio.sys

2016-02-27 20:43 - 2013-09-30 15:26 - 00012504 ____N C:\WINDOWS\system32\pwdspio.sys

2016-02-27 20:04 - 2016-02-27 20:04 - 00000000 ____D C:\ProgramData\LockHunter

2016-02-27 19:47 - 2016-02-27 19:47 - 00000000 ____D C:\Users\Thomas Angl\AppData\LocalLow\uTorrent

2016-02-27 19:46 - 2016-02-27 19:46 - 00000903 _____ C:\Users\Thomas Angl\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk

2016-02-27 10:38 - 2016-02-27 10:38 - 00000000 ____D C:\Users\Thomas Angl\AppData\Roaming\LockHunter

2016-02-27 10:38 - 2016-02-27 10:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LockHunter

2016-02-27 10:38 - 2016-02-27 10:38 - 00000000 ____D C:\Program Files\LockHunter

2016-02-26 21:55 - 2016-03-16 21:57 - 00003111 _____ C:\Users\Thomas Angl\Desktop\vm_srv.cmd

2016-02-26 21:29 - 2016-02-26 21:36 - 00002475 _____ C:\Users\Thomas Angl\AppData\Local\Perfmon.PerfmonCfg

2016-02-22 19:31 - 2016-02-22 19:31 - 00000000 ____D C:\Users\Thomas Angl\.swt

2016-02-21 12:57 - 2016-02-26 22:03 - 00000026 _____ C:\Users\Thomas Angl\AppData\Local\isoworkshop.ini

2016-02-21 12:56 - 2016-02-21 12:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glorylogic

2016-02-21 12:56 - 2016-02-21 12:56 - 00000000 ____D C:\Program Files (x86)\Glorylogic

2016-02-21 12:52 - 2016-02-21 12:52 - 00000000 ____D C:\Users\Thomas Angl\AppData\Roaming\WinISO Computing

2016-02-21 12:52 - 2016-02-21 12:52 - 00000000 ____D C:\Users\Thomas Angl\AppData\Local\WinISO Computing

2016-02-21 12:51 - 2016-02-27 00:24 - 00000000 ____D C:\Program Files (x86)\WinISO Computing

2016-02-19 13:54 - 2016-02-19 13:54 - 00000000 ____D C:\Users\Thomas Angl\AppData\Roaming\.mono

2016-02-19 13:54 - 2016-02-19 13:54 - 00000000 ____D C:\Users\Thomas Angl\AppData\LocalLow\PlayfulCorp

2016-02-19 13:54 - 2016-02-19 13:54 - 00000000 ____D C:\ProgramData\.mono

2016-02-18 18:23 - 2016-02-18 18:24 - 00001024 _____ C:\.rnd

2016-02-18 18:07 - 2016-03-16 23:48 - 00000000 ____D C:\Users\Thomas Angl\AppData\Roaming\VMware

2016-02-18 18:07 - 2016-03-16 23:48 - 00000000 ____D C:\Users\Thomas Angl\AppData\Local\VMware

2016-02-18 18:06 - 2016-02-18 18:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware

2016-02-18 18:06 - 2016-02-18 18:06 - 01827630 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI

2016-02-18 18:06 - 2016-02-18 18:06 - 00001024 _____ C:\WINDOWS\SysWOW64\%TMP%

2016-02-18 18:06 - 2016-02-18 18:06 - 00000000 ____D C:\Program Files\Common Files\VMware

2016-02-18 18:06 - 2015-11-25 18:10 - 00934080 _____ (VMware, Inc.) C:\WINDOWS\system32\vnetlib64.dll

2016-02-18 18:06 - 2015-11-25 18:10 - 00392896 _____ (VMware, Inc.) C:\WINDOWS\SysWOW64\vmnat.exe

2016-02-18 18:06 - 2015-11-25 18:10 - 00358080 _____ (VMware, Inc.) C:\WINDOWS\SysWOW64\vmnetdhcp.exe

2016-02-18 18:06 - 2015-11-25 18:10 - 00066752 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vmx86.sys

2016-02-18 18:06 - 2015-11-25 18:10 - 00033472 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\VMkbd.sys

2016-02-18 18:06 - 2015-11-25 17:52 - 00026816 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vmnetuserif.sys

2016-02-18 18:06 - 2015-11-06 11:57 - 00062160 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vmusb.sys

2016-02-18 18:06 - 2015-11-06 11:57 - 00057536 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\hcmon.sys

2016-02-18 18:06 - 2015-11-05 19:25 - 00075512 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vsock.sys

2016-02-18 18:06 - 2015-11-05 19:25 - 00068288 _____ (VMware, Inc.) C:\WINDOWS\system32\vsocklib.dll

2016-02-18 18:06 - 2015-11-05 19:25 - 00064192 _____ (VMware, Inc.) C:\WINDOWS\SysWOW64\vsocklib.dll

2016-02-18 18:05 - 2016-03-16 23:51 - 00000000 ____D C:\ProgramData\VMware

2016-02-18 18:05 - 2016-02-18 18:23 - 00000000 ____D C:\Program Files (x86)\VMware

2016-02-18 18:05 - 2016-02-18 18:05 - 00000000 ____D C:\Users\Public\Documents\Shared Virtual Machines

2016-02-18 17:45 - 2016-02-18 17:45 - 00000000 ____D C:\Users\Thomas Angl\AppData\Roaming\Outertech

2016-02-18 17:44 - 2016-02-18 17:44 - 00000000 ____D C:\Users\Thomas Angl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Clipboard History

2016-02-18 17:44 - 2016-02-18 17:44 - 00000000 ____D C:\Program Files (x86)\ClipboardHistory
 

==================== Ein Monat: Geänderte Dateien und Ordner ========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 

2016-03-16 23:55 - 2015-12-25 15:03 - 00000000 ____D C:\Users\Thomas Angl\AppData\Roaming\NetSpeedMonitor

2016-03-16 23:52 - 2016-01-16 09:35 - 00000000 ____D C:\Users\Thomas Angl\AppData\Roaming\Raptr

2016-03-16 23:52 - 2016-01-01 16:00 - 00000000 ____D C:\Users\Thomas Angl\Documents\Scan

2016-03-16 23:52 - 2015-12-25 17:06 - 00000000 ____D C:\Program Files (x86)\Steam

2016-03-16 23:52 - 2015-12-25 17:03 - 00000000 ____D C:\ProgramData\Kaspersky Lab

2016-03-16 23:52 - 2015-12-25 11:30 - 00001126 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job

2016-03-16 23:51 - 2015-12-29 03:43 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT

2016-03-16 23:51 - 2015-10-30 07:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI

2016-03-16 23:50 - 2015-12-29 14:15 - 00000008 __RSH C:\ProgramData\ntuser.pol

2016-03-16 23:45 - 2015-12-25 11:30 - 00001130 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

2016-03-16 23:33 - 2016-01-02 23:33 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job

2016-03-16 23:00 - 2015-12-25 14:57 - 00000000 ____D C:\Users\Thomas Angl\AppData\Roaming\Telegram Desktop

2016-03-16 21:19 - 2015-12-25 10:57 - 01807284 _____ C:\WINDOWS\system32\PerfStringBackup.INI

2016-03-16 21:19 - 2015-10-30 19:35 - 00778208 _____ C:\WINDOWS\system32\perfh007.dat

2016-03-16 21:19 - 2015-10-30 19:35 - 00156548 _____ C:\WINDOWS\system32\perfc007.dat

2016-03-16 21:19 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF

2016-03-16 21:11 - 2015-12-29 03:39 - 00000000 ____D C:\Users\Thomas Angl

2016-03-16 21:02 - 2016-01-30 16:03 - 00000000 ____D C:\ProgramData\Origin

2016-03-16 21:00 - 2016-01-02 15:12 - 00000000 ____D C:\Games

2016-03-16 18:13 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness

2016-03-16 18:13 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp

2016-03-16 18:12 - 2016-01-16 09:39 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files

2016-03-16 17:45 - 2016-01-16 11:40 - 00000000 ____D C:\Users\Thomas Angl\AppData\Local\ftblauncher

2016-03-16 16:19 - 2016-01-16 12:09 - 00000000 ____D C:\Feed the Beast

2016-03-15 16:45 - 2015-12-25 11:30 - 00002285 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

2016-03-15 16:27 - 2016-01-27 17:54 - 00000000 ____D C:\Program Files\Microsoft Office

2016-03-15 16:27 - 2015-10-30 08:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft

2016-03-15 16:27 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared

2016-03-15 16:22 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps

2016-03-14 20:34 - 2015-12-26 15:29 - 00000000 ____D C:\Users\Thomas Angl\AppData\Roaming\vlc

2016-03-14 18:23 - 2016-01-01 18:53 - 00000000 ____D C:\Users\Thomas Angl\AppData\Local\JDownloader v2.0

2016-03-14 14:45 - 2015-12-25 17:03 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab

2016-03-12 13:26 - 2015-12-26 15:36 - 00000000 ____D C:\Program Files (x86)\TeamViewer

2016-03-11 20:30 - 2015-12-25 10:51 - 00002422 _____ C:\Users\Thomas Angl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

2016-03-11 19:47 - 2016-02-10 16:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive

2016-03-11 14:41 - 2016-01-01 16:09 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

2016-03-09 19:22 - 2016-01-09 14:06 - 00007622 _____ C:\Users\Thomas Angl\AppData\Local\Resmon.ResmonCfg

2016-03-09 19:15 - 2015-12-29 03:38 - 00341328 _____ C:\WINDOWS\system32\FNTCACHE.DAT

2016-03-09 19:14 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Windows Portable Devices

2016-03-09 19:14 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Windows Multimedia Platform

2016-03-09 19:14 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices

2016-03-09 19:14 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform

2016-03-09 17:30 - 2015-12-25 15:08 - 00000000 ____D C:\WINDOWS\system32\MRT

2016-03-09 17:28 - 2015-12-25 15:08 - 143659408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2016-03-08 19:14 - 2015-10-30 07:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM

2016-03-08 19:09 - 2015-12-25 16:46 - 00018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys

2016-03-08 08:12 - 2015-10-30 08:26 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

2016-03-08 08:12 - 2015-10-30 08:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

2016-03-07 20:44 - 2016-01-01 16:12 - 00000000 ____D C:\Users\Thomas Angl\Documents\_Dokumente

2016-03-07 14:32 - 2016-01-29 13:28 - 00000505 _____ C:\WINDOWS\wiso.ini

2016-03-07 14:32 - 2016-01-29 13:24 - 00000000 ____D C:\Program Files (x86)\Steuer 2015

2016-03-07 14:21 - 2015-12-25 10:49 - 00000000 ____D C:\Users\Thomas Angl\AppData\Local\Packages

2016-03-05 12:12 - 2015-12-26 15:36 - 00001061 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk

2016-03-04 18:13 - 2015-09-10 06:44 - 00000000 __RHD C:\Users\Public\AccountPictures

2016-03-03 03:58 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache

2016-03-03 03:32 - 2016-01-09 15:54 - 00000000 ____D C:\Program Files\Unlocker

2016-03-03 03:32 - 2015-10-30 19:47 - 00000000 ____D C:\Program Files\Windows Journal

2016-03-03 03:32 - 2015-10-30 08:24 - 00000000 __RSD C:\WINDOWS\Media

2016-03-03 03:32 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog

2016-03-03 03:32 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns

2016-03-03 03:32 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform

2016-03-03 03:32 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser

2016-03-03 03:32 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\bcastdvr

2016-03-03 03:32 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism

2016-03-03 03:32 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\system32\Dism

2016-03-01 18:04 - 2015-12-25 17:03 - 00927640 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys

2016-03-01 18:04 - 2015-06-06 08:51 - 00077728 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\kldisk.sys

2016-02-27 10:30 - 2015-12-27 12:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TreeSize Free

2016-02-26 21:44 - 2015-12-29 03:39 - 00000000 ____D C:\ProgramData\Package Cache

2016-02-26 21:44 - 2015-12-29 03:39 - 00000000 ____D C:\Program Files\AMD

2016-02-26 21:38 - 2015-11-30 19:45 - 00000000 ____D C:\Users\Thomas Angl\Documents\Dreamspark

2016-02-26 21:32 - 2015-10-30 08:24 - 00000000 ____D C:\PerfLogs

2016-02-22 19:28 - 2015-12-29 12:48 - 00000000 ____D C:\Users\Thomas Angl\.oracle_jre_usage

2016-02-22 19:28 - 2015-12-29 12:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2016-02-22 19:28 - 2015-12-29 12:48 - 00000000 ____D C:\Program Files\Java

2016-02-22 19:27 - 2015-12-29 12:48 - 00110176 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll

2016-02-18 17:45 - 2015-12-29 03:44 - 00000020 ___SH C:\Users\Thomas Angl\ntuser.ini
 

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
 

2016-02-21 12:57 - 2016-02-26 22:03 - 0000026 _____ () C:\Users\Thomas Angl\AppData\Local\isoworkshop.ini

2016-02-26 21:29 - 2016-02-26 21:36 - 0002475 _____ () C:\Users\Thomas Angl\AppData\Local\Perfmon.PerfmonCfg

2016-03-16 16:57 - 2016-03-16 16:57 - 0001514 _____ () C:\Users\Thomas Angl\AppData\Local\recently-used.xbel

2016-01-09 14:06 - 2016-03-09 19:22 - 0007622 _____ () C:\Users\Thomas Angl\AppData\Local\Resmon.ResmonCfg

2015-12-26 11:29 - 2015-12-26 11:29 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
 

Einige Dateien in TEMP:

====================

C:\Users\Thomas Angl\AppData\Local\Temp\jansi-64.dll

C:\Users\Thomas Angl\AppData\Local\Temp\playstv_patch.exe

C:\Users\Thomas Angl\AppData\Local\Temp\proxy_vole2600196388475061269.dll

C:\Users\Thomas Angl\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll

C:\Users\Thomas Angl\AppData\Local\Temp\sqlite3.dll
 
 

==================== Bamital & volsnap =================
 

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
 

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert

C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert

C:\WINDOWS\explorer.exe => Datei ist digital signiert

C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert

C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert

C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert

C:\WINDOWS\system32\services.exe => Datei ist digital signiert

C:\WINDOWS\system32\User32.dll => Datei ist digital signiert

C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert

C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert

C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert

C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert

C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert

C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert

C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
 
 

LastRegBack: 2016-03-09 17:28
 

==================== Ende von FRST.txt ============================

--- --- ---

Code:



Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-03-2016 01

durchgeführt von Thomas Angl (2016-03-16 23:55:52)

Gestartet von C:\Users\Thomas Angl\Desktop

Windows 10 Pro Version 1511 (X64) (2015-12-29 02:44:48)

Start-Modus: Normal

==========================================================
 
 

==================== Konten: =============================
 

Administrator (S-1-5-21-1453454617-903515338-1349220620-500 - Administrator - Enabled) => C:\Users\Administrator

Administrator_TA (S-1-5-21-1453454617-903515338-1349220620-1003 - Administrator - Enabled)

DefaultAccount (S-1-5-21-1453454617-903515338-1349220620-503 - Limited - Disabled)

Freigabe_R (S-1-5-21-1453454617-903515338-1349220620-1007 - Limited - Enabled)

Freigabe_RW (S-1-5-21-1453454617-903515338-1349220620-1005 - Limited - Enabled)

Gast (S-1-5-21-1453454617-903515338-1349220620-501 - Limited - Disabled)

TA (S-1-5-21-1453454617-903515338-1349220620-1004 - Limited - Enabled) => C:\Users\TA

Thomas Angl (S-1-5-21-1453454617-903515338-1349220620-1001 - Administrator - Enabled) => C:\Users\Thomas Angl

User (S-1-5-21-1453454617-903515338-1349220620-1010 - Limited - Enabled) => C:\Users\User

___VMware_Conv_SA___ (S-1-5-21-1453454617-903515338-1349220620-1009 - Limited - Enabled)
 

==================== Sicherheits-Center ========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
 

AV: Kaspersky Total Security (Disabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Kaspersky Total Security (Disabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FW: Kaspersky Total Security (Disabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}
 

==================== Installierte Programme ======================
 

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
 

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)

Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.182 - Adobe Systems Incorporated)

AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 5.00 - Advanced Micro Devices, Inc.)

Astroburn Pro (HKLM-x32\...\Astroburn Pro) (Version: 3.2.0.0198 - Disc Soft Ltd)

Banished v1.0.4 64-bit (HKLM\...\{BF6CC00F-F4C4-4776-B9BD-0882FA92A899}) (Version: 1.0.4 - Shining Rock Software LLC)

BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)

BOSS (HKLM-x32\...\BOSS) (Version: 2.1.1 - BOSS Development Team)

Brother MFL-Pro Suite MFC-5890CN (HKLM-x32\...\{20E970DF-A7B2-4345-9DEB-72213A29645E}) (Version: 2.0.0.0 - Brother Industries, Ltd.)

Catalyst Control Center Next Localization BR (Version: 2015.1223.1060.19763 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization CHS (Version: 2015.1223.1060.19763 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization CHT (Version: 2015.1223.1060.19763 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization CS (Version: 2015.1223.1060.19763 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization DA (Version: 2015.1223.1060.19763 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization DE (Version: 2015.1223.1060.19763 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization EL (Version: 2015.1223.1060.19763 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization ES (Version: 2015.1223.1060.19763 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization FI (Version: 2015.1223.1060.19763 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization FR (Version: 2015.1223.1060.19763 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization HU (Version: 2015.1223.1060.19763 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization IT (Version: 2015.1223.1060.19763 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization JA (Version: 2015.1223.1060.19763 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization KO (Version: 2015.1223.1060.19763 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization NL (Version: 2015.1223.1060.19763 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization NO (Version: 2015.1223.1060.19763 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization PL (Version: 2015.1223.1060.19763 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization RU (Version: 2015.1223.1060.19763 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization SV (Version: 2015.1223.1060.19763 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization TH (Version: 2015.1223.1060.19763 - Advanced Micro Devices, Inc.) Hidden

Catalyst Control Center Next Localization TR (Version: 2015.1223.1060.19763 - Advanced Micro Devices, Inc.) Hidden

Clipboard History (HKLM-x32\...\ClipboardHistory) (Version: 3.11 - Outertech)

Curse (HKLM-x32\...\{1F2611FB-6F69-4AA8-BECD-243BD8CB45F3}) (Version: 6.0.0.0 - Curse)

GIMP 2.8.16 (HKLM\...\GIMP-2_is1) (Version: 2.8.16 - The GIMP Team)

Git version 2.7.0 (HKLM\...\Git_is1) (Version: 2.7.0 - The Git Development Community)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.87 - Google Inc.)

Google Drive (HKLM-x32\...\{895D0391-459F-4D45-B8DD-13F0DE70C66E}) (Version: 1.28.1549.1322 - Google, Inc.)

Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden

Hardcopy (HKLM-x32\...\Hardcopy) (Version: 2015.12.01 - www.hardcopy.de)

Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1153 - Intel Corporation)

Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)

ISO Workshop 6.1 (HKLM-x32\...\ISO Workshop_is1) (Version:  - Glorylogic)

Java 8 Update 73 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418073F0}) (Version: 8.0.730.2 - Oracle Corporation)

JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)

Kaspersky Password Manager (HKLM-x32\...\InstallWIX_{C706D102-D77E-4D45-B631-2A43C55F0F01}) (Version: 8.0.3.287 - Kaspersky Lab)

Kaspersky Password Manager (x32 Version: 8.0.3.287 - Kaspersky Lab) Hidden

Kaspersky Total Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)

Kaspersky Total Security (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden

LockHunter 3.1, 32/64 bit (HKLM\...\LockHunter_is1) (Version:  - Crystal Rich Ltd)

Manager (x32 Version: 4.0.1.25166 - 2015 pdfforge GmbH. All rights reserved) Hidden

Max Local Application (HKLM-x32\...\Max Local Application) (Version: 1.4.4 - ELV Elektronik AG)

Max Local Application (x32 Version: 1.4.4 - ELV Elektronik AG) Hidden

Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation)

Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.6568.2036 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)

MiniTool Partition Wizard Free 9.1 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Solution Ltd.)

NetSpeedMonitor 2.5.4.0 x64 (HKLM\...\{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}) (Version: 2.5.4.0 - Florian Gilles)

Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.61.9 - Black Tree Gaming)

Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.8 - Notepad++ Team)

NVIDIA PhysX (HKLM-x32\...\{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}) (Version: 9.12.0613 - NVIDIA Corporation)

Office 16 Click-to-Run Extensibility Component (Version: 16.0.6528.1017 - Microsoft Corporation) Hidden

Office 16 Click-to-Run Licensing Component (Version: 16.0.6528.1017 - Microsoft Corporation) Hidden

Office 16 Click-to-Run Localization Component (Version: 16.0.6528.1017 - Microsoft Corporation) Hidden

PDF Architect 4 (HKLM-x32\...\PDF Architect 4) (Version: 4.0.26.25466 - pdfforge GmbH)

PDF Architect 4 Asian Fonts Pack (Version: 4.0.9.25450 - pdfforge GmbH) Hidden

PDF Architect 4 Create Module (Version: 4.0.9.25450 - pdfforge GmbH) Hidden

PDF Architect 4 Edit Module (Version: 4.0.9.25450 - pdfforge GmbH) Hidden

PDF Architect 4 Forms Module (Version: 4.0.9.25450 - pdfforge GmbH) Hidden

PDF Architect 4 Insert Module (Version: 4.0.9.25450 - pdfforge GmbH) Hidden

PDF Architect 4 View Module (Version: 4.0.9.25450 - pdfforge GmbH) Hidden

Raptr (HKLM-x32\...\Raptr) (Version: 5.0.3-r110001-release - Raptr, Inc)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)

Rename Master (HKLM-x32\...\Rename Master_is1) (Version:  - )

Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)

Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)

Steuer 2015 (HKLM-x32\...\{E262CD3B-8825-4D56-AEF1-5E127F2FBB05}) (Version: 23.00.1146 - Buhl Data Service GmbH)

TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.56083 - TeamViewer)

Telegram Desktop version 0.9.28 (HKU\S-1-5-21-1453454617-903515338-1349220620-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 0.9.28 - Telegram Messenger LLP)

TmNationsForever (HKLM-x32\...\TmNationsForever_is1) (Version:  - Nadeo)

TreeSize Free V3.4.5 (HKLM-x32\...\TreeSize Free_is1) (Version: 3.4.5 - JAM Software)

VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)

VMware vCenter Converter Standalone (HKLM-x32\...\{70487A14-885E-4203-80E6-6FE7AA5FDA8C}) (Version: 6.1.1.3533064 - VMware, Inc.)

VMware Workstation (HKLM\...\{0AD91785-F9BD-47FD-84F7-9E27B5A1853D}) (Version: 12.1.0 - VMware, Inc.)

Waterfox 44.0.3 (x64 en-US) (HKLM\...\Waterfox 44.0.3 (x64 en-US)) (Version: 44.0.3 - Mozilla)

Windows Resource Kit Tools (HKLM-x32\...\{FA237125-51FF-408C-8BB8-30C2B3DFFF9C}) (Version: 5.2.3790 - Microsoft Corporation)

WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
 

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

CustomCLSID: HKU\S-1-5-21-1453454617-903515338-1349220620-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Thomas Angl\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileCoAuth.exe (Microsoft Corporation)
 

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

Task: {0DDD7E65-CBE4-4C4C-9F62-ECB5F0E27BCF} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-02-28] (Microsoft Corporation)

Task: {4698543C-C5A6-4914-B6F0-2DF32A8EA919} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-02-28] (Microsoft Corporation)

Task: {60185B40-7B78-4CCF-B0CD-1BD7FF5BEEF6} - System32\Tasks\hcdll2_ex_Win32 => C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe [2013-07-17] ()

Task: {61B0A5E6-1BA7-429C-813A-D66B242E6D7E} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2015-12-04] (Advanced Micro Devices, Inc.)

Task: {6565A6A9-90A0-47FE-9CD5-F07E6A8DB542} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-25] (Google Inc.)

Task: {7B138AD4-4633-46ED-8313-53664321AD98} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-03-09] (Microsoft Corporation)

Task: {829FEE8D-D9A6-46D7-BC5C-CF5F5BFAA6C8} - System32\Tasks\hcdll2_ex_x64 => C:\Program Files (x86)\Hardcopy\hcdll2_ex_x64.exe [2012-11-08] ()

Task: {85FC6483-D4A5-4881-9795-BAD44EF41A71} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)

Task: {8DCD7E5F-95D2-4953-AE24-136F82A16F4A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-25] (Google Inc.)

Task: {F10A6267-C35D-412B-8965-27A35178D1CB} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-10] (Adobe Systems Incorporated)

Task: {FBFC8E3D-C5F4-46B0-A5F1-0686A00EF41C} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-03-03] (Microsoft Corporation)
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
 

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 

==================== Verknüpfungen =============================
 

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
 

Shortcut: C:\Users\Thomas Angl\Desktop\Minecraft Server\1.7.10\_ServerStart.bat - Verknüpfung.lnk -> C:\Users\Thomas Angl\Desktop\Minecraft Server\1.7.10\KCauldron-1.7.10-1614.175\_ServerStart.bat ()
 

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
 

2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll

2015-12-26 15:36 - 2016-03-02 11:39 - 00020240 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\TeamViewer_PrintProcessor.dll

2015-12-29 03:39 - 2015-12-25 10:52 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe

2016-01-27 17:54 - 2016-02-28 02:20 - 00173248 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll

2015-05-19 09:11 - 2015-05-19 09:11 - 00007680 _____ () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe

2016-01-01 15:55 - 2005-04-22 13:36 - 00143360 ____N () C:\WINDOWS\system32\BrSNMP64.dll

2015-11-25 18:09 - 2015-11-25 18:09 - 12462784 _____ () C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe

2016-03-02 17:58 - 2016-02-23 12:27 - 02654872 _____ () C:\WINDOWS\system32\CoreUIComponents.dll

2016-03-02 17:58 - 2016-02-23 12:27 - 02654872 _____ () C:\WINDOWS\System32\CoreUIComponents.dll

2015-04-15 21:13 - 2015-04-15 21:13 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll

2016-01-22 18:01 - 2016-01-22 18:01 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe

2015-12-29 03:36 - 2015-12-29 03:36 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll

2016-03-02 17:58 - 2016-02-23 09:36 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll

2016-01-13 13:12 - 2016-01-05 02:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll

2016-01-13 13:12 - 2016-01-05 02:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll

2016-01-28 18:40 - 2016-01-16 06:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll

2016-01-28 18:40 - 2016-01-16 06:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll

2015-12-29 03:39 - 2016-03-16 23:51 - 00034448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll

2015-12-29 03:39 - 2015-12-25 10:52 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll

2015-11-25 18:09 - 2015-11-25 18:09 - 01301696 _____ () C:\Program Files (x86)\VMware\VMware Workstation\libxml2.dll

2016-02-09 02:43 - 2016-02-09 02:43 - 00191704 _____ () C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\LIBEXPAT.dll

2016-02-09 02:43 - 2016-02-09 02:43 - 00388824 _____ () C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\ssoClient.dll

2016-02-09 02:44 - 2016-02-09 02:44 - 00086744 _____ () C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\mspack.dll

2016-02-09 02:41 - 2016-02-09 02:41 - 01301720 _____ () C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\libxml2.dll

2016-02-09 02:41 - 2016-02-09 02:41 - 00542936 _____ () C:\Program Files (x86)\VMware\VMware vCenter Converter Standalone\sqlite3.dll

2015-11-25 18:09 - 2015-11-25 18:09 - 00165056 _____ () C:\Program Files (x86)\VMware\VMware Workstation\nfc-types.dll

2015-11-25 18:09 - 2015-11-25 18:09 - 00191680 _____ () C:\Program Files (x86)\VMware\VMware Workstation\LIBEXPAT.dll

2015-11-25 18:09 - 2015-11-25 18:09 - 00388800 _____ () C:\Program Files (x86)\VMware\VMware Workstation\ssoClient.dll

2016-01-22 18:01 - 2016-01-22 18:01 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll

2016-01-22 18:01 - 2016-01-22 18:01 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll

2015-06-24 01:07 - 2015-06-24 01:07 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
 

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
 

AlternateDataStreams: C:\Users\Thomas Angl\ntuser.ini:ch2_encryption_d [50]
 

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
 
 

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
 
 

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
 
 

==================== Hosts Inhalt: ===============================
 

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
 

2015-07-30 23:42 - 2015-07-30 23:39 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
 

==================== Andere Bereiche ============================
 

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
 

HKU\S-1-5-21-1453454617-903515338-1349220620-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg

DNS Servers: 192.168.178.1

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

Windows Firewall ist aktiviert.
 

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
 

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
 

HKLM\...\StartupApproved\Run32: => "EaseUS EPM tray"

HKU\S-1-5-21-1453454617-903515338-1349220620-1001\...\StartupApproved\StartupFolder: => "CLIPOM~2.EXE - Verknüpfung.lnk"

HKU\S-1-5-21-1453454617-903515338-1349220620-1001\...\StartupApproved\Run: => "Clipomatic"

HKU\S-1-5-21-1453454617-903515338-1349220620-1001\...\StartupApproved\Run: => "BitComet"
 

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139

FirewallRules: [{227ECB61-E3EA-4771-80F5-3F4F3DA3281E}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe

FirewallRules: [{2F147B6D-245B-420A-8537-96D497647720}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe

FirewallRules: [{B12BE541-3855-46DC-93F3-34A848582BDF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe

FirewallRules: [{A908B620-B966-4BA2-AD39-C7D5C692331C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe

FirewallRules: [UDP Query User{1EAE7E43-9822-4E32-8E64-03DEE7B546F0}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe

FirewallRules: [TCP Query User{3DCA2783-572F-4535-883B-6001A494F679}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe

FirewallRules: [{E69D7CCE-103D-4DED-9C6D-8A035BC66ABA}] => (Allow) LPort=62910

FirewallRules: [{F2B5C367-5736-4C00-AA7B-C24A76F7E170}] => (Allow) LPort=23272

FirewallRules: [{2D9D1FE5-FB44-4DE1-8CE9-13EE451F7226}] => (Allow) LPort=23272

FirewallRules: [{2472BEDE-198D-4081-BC17-576428CBB45E}] => (Allow) LPort=62910

FirewallRules: [{2C0DDC06-9DC1-414B-B46E-DF0B0C031E12}] => (Allow) C:\Program Files (x86)\Brother\Brmfl08y\FAXRX.exe

FirewallRules: [{04490791-D0EA-49CD-837B-A3C135EDD055}] => (Allow) C:\Program Files (x86)\Brother\Brmfl08y\FAXRX.exe

FirewallRules: [{FB941E40-C676-4EDE-B78F-C4CF327B5AEC}] => (Allow) LPort=54925

FirewallRules: [{281C655D-AF35-4F70-8EF1-ECE054E7C8C5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crysis 2 Game of the Year\bin32\Crysis2Launcher.exe

FirewallRules: [{768CDFF2-60D5-4A61-8729-80421922B029}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crysis 2 Game of the Year\bin32\Crysis2Launcher.exe

FirewallRules: [{2CA9C7FE-0B7D-4B78-8247-FE780ED2A7DA}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe

FirewallRules: [{6A94241C-B15B-4057-ADC7-B953029D2FF6}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe

FirewallRules: [{71A3BBB9-C709-4F6E-97D7-63B09E4E15C2}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe

FirewallRules: [{02F2383F-74E1-41D3-925A-8240F0D23EBC}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe

FirewallRules: [{A52F004C-A07D-456A-8839-62DE909AEF56}] => (Allow) C:\Games\Star Wars-The Old Republic\launcher.exe

FirewallRules: [{C0ED08CA-FF2E-492A-A2D2-3BADE49D3F9E}] => (Allow) C:\Games\Star Wars-The Old Republic\launcher.exe

FirewallRules: [{22CDFE49-F062-4AD3-AB56-461B94005334}] => (Allow) C:\Games\Star Wars-The Old Republic\launcher.exe

FirewallRules: [{C9743769-58DD-44AD-8DA8-8E428C220E9F}] => (Allow) C:\Games\Star Wars-The Old Republic\launcher.exe

FirewallRules: [{C0532531-BE56-4F45-9B99-57FA8AC595AF}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe

FirewallRules: [{30A3C6C8-34AD-4492-A188-0C3B5F13B325}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe

FirewallRules: [{B08553F2-F6B8-4992-975F-03EE8E64748B}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe

FirewallRules: [{8874789B-09EB-45D4-90E4-012CB361A025}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe

FirewallRules: [{8B95B3F2-AFBE-4236-9935-473CFA96CD4E}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe

FirewallRules: [{30D73ECC-83A0-47BD-A911-83522A759DFC}] => (Allow) LPort=9089

FirewallRules: [{B84FC4E8-746C-4FB2-9934-008FF66CF37E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe

FirewallRules: [{1678EDFB-7D52-4150-BC2E-EE54DF44511C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe

FirewallRules: [{5458CD84-4420-401D-8BB5-33459C8ED665}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

FirewallRules: [{DBD79EB3-49D8-4238-9FE3-D066D090CECB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

FirewallRules: [{824963FD-CF18-4870-A825-A155D442B215}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe

FirewallRules: [{7D0CF10D-6EE8-4BEE-8CBE-7D8C930262DD}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe

FirewallRules: [{D5C5BAFB-564B-44BF-835E-C20C13AEBFE8}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe

FirewallRules: [{F736B10C-777E-4B8E-90CB-EEDAD893CB59}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe

FirewallRules: [{1BFF3870-7FD1-4675-A477-ECFA2274BADE}] => (Allow) C:\Program Files\Waterfox\waterfox.exe

FirewallRules: [{3C2527EA-F5C1-4662-9354-DCB3ED0E806F}] => (Allow) C:\Program Files\Waterfox\waterfox.exe

FirewallRules: [{E1F839E9-ECDE-4B15-9CB7-4F4B48FFB841}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe

FirewallRules: [{26E31931-A431-44A0-A5AF-7F1673E97D9B}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe

FirewallRules: [{0D76BAF4-14EE-410F-B3E3-44412C156F88}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

FirewallRules: [{3B5269C7-08BD-491F-9209-5B9670BB534E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Space\spacegame\Binaries\Win64\Fractured Space.exe

FirewallRules: [{50B9CDFD-648E-444C-A394-1509789D7FC5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Space\spacegame\Binaries\Win64\Fractured Space.exe
 

==================== Wiederherstellungspunkte =========================
 

02-03-2016 18:00:21 Windows Update

02-03-2016 18:00:32 Windows Update

07-03-2016 20:39:44 Installed Banished v1.0.4 64-bit

10-03-2016 20:58:04 Windows Update

16-03-2016 23:53:30 JRT Pre-Junkware Removal
 

==================== Fehlerhafte Geräte im Gerätemanager =============
 
 

==================== Fehlereinträge in der Ereignisanzeige: =========================
 

Applikationsfehler:

==================

Error: (03/16/2016 11:53:31 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )

Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
 

Details:

AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
 

System Error:

Zugriff verweigert

.
 

Error: (03/16/2016 11:49:48 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Name der fehlerhaften Anwendung: waterfox.exe, Version: 44.0.3.5892, Zeitstempel: 0x56c5f716

Name des fehlerhaften Moduls: xul.dll, Version: 44.0.3.5892, Zeitstempel: 0x56c5f983

Ausnahmecode: 0x80000003

Fehleroffset: 0x0000000004dbf484

ID des fehlerhaften Prozesses: 0x2af0

Startzeit der fehlerhaften Anwendung: 0xwaterfox.exe0

Pfad der fehlerhaften Anwendung: waterfox.exe1

Pfad des fehlerhaften Moduls: waterfox.exe2

Berichtskennung: waterfox.exe3

Vollständiger Name des fehlerhaften Pakets: waterfox.exe4

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: waterfox.exe5
 

Error: (03/16/2016 09:14:14 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Name der fehlerhaften Anwendung: ClipboardHistory.exe, Version: 3.11.0.0, Zeitstempel: 0x00000000

Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.10586.162, Zeitstempel: 0x56cd55ab

Ausnahmecode: 0xc0000005

Fehleroffset: 0x000b7938

ID des fehlerhaften Prozesses: 0x1fb0

Startzeit der fehlerhaften Anwendung: 0xClipboardHistory.exe0

Pfad der fehlerhaften Anwendung: ClipboardHistory.exe1

Pfad des fehlerhaften Moduls: ClipboardHistory.exe2

Berichtskennung: ClipboardHistory.exe3

Vollständiger Name des fehlerhaften Pakets: ClipboardHistory.exe4

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ClipboardHistory.exe5
 

Error: (03/16/2016 06:38:18 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Name der fehlerhaften Anwendung: SkypeHost.exe, Version: 10.1.2123.10, Zeitstempel: 0x569054dc

Name des fehlerhaften Moduls: SkyWrap.dll, Version: 10.1.2123.10, Zeitstempel: 0x569054c9

Ausnahmecode: 0xc0000005

Fehleroffset: 0x00ac6197

ID des fehlerhaften Prozesses: 0x1860

Startzeit der fehlerhaften Anwendung: 0xSkypeHost.exe0

Pfad der fehlerhaften Anwendung: SkypeHost.exe1

Pfad des fehlerhaften Moduls: SkypeHost.exe2

Berichtskennung: SkypeHost.exe3

Vollständiger Name des fehlerhaften Pakets: SkypeHost.exe4

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SkypeHost.exe5
 

Error: (03/16/2016 04:03:37 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )

Description: Subscription licensing service failed: -1073418220
 

Error: (03/15/2016 04:26:43 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: TA-PC)

Description: Die Anwendung oder der Dienst "Microsoft Office Document Cache Sync Client Interface" konnte nicht heruntergefahren werden.
 

Error: (03/15/2016 04:24:40 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )

Description: Subscription licensing service failed: -1073418220
 

Error: (03/14/2016 08:15:26 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: Programm ScrapMechanic.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.
 

Prozess-ID: 2540
 

Startzeit: 01d17e256a600299
 

Beendigungszeit: 52
 

Anwendungspfad: C:\Program Files (x86)\Steam\steamapps\common\Scrap Mechanic\Release\ScrapMechanic.exe
 

Berichts-ID: 198fd31a-ea19-11e5-8d9a-d850e6bda1ae
 

Vollständiger Name des fehlerhaften Pakets: 
 

Auf das fehlerhafte Paket bezogene Anwendungs-ID:
 

Error: (03/14/2016 08:12:01 PM) (Source: BugSplat) (EventID: 1) (User: )

Description: scrap_mechanicScrapMechanic89539
 

Error: (03/14/2016 02:47:07 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )

Description: Subscription licensing service failed: -1073418220
 
 

Systemfehler:

=============

Error: (03/16/2016 11:51:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "PDF Architect 4 Manager" wurde aufgrund folgenden Fehlers nicht gestartet: 

%%2
 

Error: (03/16/2016 11:51:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: Der Dienst "Benutzerdatenzugriff_5c5f6" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
 

Error: (03/16/2016 11:51:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: Der Dienst "Benutzerdatenspeicher _5c5f6" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
 

Error: (03/16/2016 11:51:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: Der Dienst "Kontaktdaten_5c5f6" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
 

Error: (03/16/2016 11:51:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: Der Dienst "Synchronisierungshost_5c5f6" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
 

Error: (03/16/2016 11:51:07 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)

Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
 

Error: (03/16/2016 11:50:56 PM) (Source: Service Control Manager) (EventID: 7032) (User: )

Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 

%%1056
 

Error: (03/16/2016 11:50:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: Der Dienst "VMware Workstation Server" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
 

Error: (03/16/2016 11:50:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: Dienst "VMware Authorization Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
 

Error: (03/16/2016 11:50:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: Der Dienst "VMware USB Arbitration Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
 
 

CodeIntegrity:

===================================

  Date: 2016-03-16 18:23:28.500

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 

  Date: 2016-03-15 16:27:18.456

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 

  Date: 2016-03-11 14:50:48.457

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 

  Date: 2016-03-09 19:15:21.854

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 

  Date: 2016-03-03 03:33:18.527

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 

  Date: 2016-03-02 18:05:30.988

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 

  Date: 2016-02-23 16:00:42.361

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 

  Date: 2016-02-22 16:35:52.286

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 

  Date: 2016-02-19 13:55:27.949

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 

  Date: 2016-02-18 18:06:25.330

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
 

==================== Speicherinformationen =========================== 
 

Prozessor: Intel(R) Xeon(R) CPU E3-1230 v3 @ 3.30GHz

Prozentuale Nutzung des RAM: 13%

Installierter physikalischer RAM: 16321.93 MB

Verfügbarer physikalischer RAM: 14063.39 MB

Summe virtueller Speicher: 18753.93 MB

Verfügbarer virtueller Speicher: 16453.42 MB
 

==================== Laufwerke ================================
 

Drive c: (Samsung_Evo_850_Win10) (Fixed) (Total:465.27 GB) (Free:392.57 GB) NTFS

Drive d: (Daten) (Fixed) (Total:1647.79 GB) (Free:803.2 GB) NTFS

Drive e: (Ubuntu) (Fixed) (Total:215.22 GB) (Free:215.1 GB) NTFS
 

==================== MBR & Partitionstabelle ==================
 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 1167D80A)

Partition 1: (Not Active) - (Size=1863 GB) - (Type=42)
 

========================================================

Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 7B839F81)

Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=465.3 GB) - (Type=07 NTFS)
 

==================== Ende von Addition.txt ============================

Ich versuche das ganze gerade etwas zu analysieren.

Bitte korrigiere mich wenn ich falsch liege.

Malwarebytes Anti-Rootkit:
Scannt Treiber, MBR, Laufwerke, Speicher, Systemstart und die registry nach eventuellen Rootkits und beseitigt diese bei einem neustart des Systems. (Eventuell noch bevor das System an Windows übergeben wird???)

adwCleaner:
Wie der Name sagt entfernt es Adware.
Es setzt die IE und Chrome Richtlinien auf Standard zurück sowie alle Proxy Einstellungen.
Winsock ist ja eine Ansammlung an Funktionen die für Netzwerkverbindungen benötigt werden, oder?
Was sind "Tracing" Schlüssel?

JRT
Hierzu habe ich keine Ahnung.
Es löschte einen Ordner meine FF Profils und drei Reg-key.

Und FRST gibt eine Detailauswertung des Systems mit Einträgen aus der Registry, installierten Programmen, Firewall Regeln usw...

ist das soweit korrekt?
Ich will bei der Sache natürlich auch etwas lernen, soweit es deine Zeit möglich macht.

Gruß

Hallo,

muss ich noch etwas unternehmen?

Gruß
DerT