| Quassel Lp | 25.08.2016 18:23 |
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 21-08-2016 01
durchgeführt von Carl Küschall (Administrator) auf DESKTOP-MI3IQ6B (25-08-2016 19:20:37)
Gestartet von C:\Users\Carl Küschall\Desktop
Geladene Profile: Carl Küschall (Verfügbare Profile: Carl Küschall & Fritz der Hase)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft® Windows® Operating System) C:\Windows\System32\Taskmgr.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Spotify Ltd) C:\Users\Carl Küschall\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\Carl Küschall\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Carl Küschall\AppData\Roaming\Spotify\SpotifyCrashService.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Spotify Ltd) C:\Users\Carl Küschall\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Carl Küschall\AppData\Roaming\Spotify\Spotify.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.102.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Farbar) C:\Users\Carl Küschall\Desktop\FRST64 (1).exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [6613896 2016-06-24] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8520448 2015-07-30] (Realtek Semiconductor)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-07-16] (Microsoft Corporation)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1264686632-1428422705-2060577652-1001\...\Run: [Spotify Web Helper] => C:\Users\Carl Küschall\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1523312 2016-08-23] (Spotify Ltd)
HKU\S-1-5-21-1264686632-1428422705-2060577652-1001\...\Run: [Spotify] => C:\Users\Carl Küschall\AppData\Roaming\Spotify\Spotify.exe [6930544 2016-08-23] (Spotify Ltd)
HKU\S-1-5-21-1264686632-1428422705-2060577652-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [29494400 2016-07-13] (Skype Technologies S.A.)
HKU\S-1-5-21-1264686632-1428422705-2060577652-1001\...\Run: [Steam] => D:\Steam\steam.exe [2857248 2016-08-23] (Valve Corporation)
HKU\S-1-5-21-1264686632-1428422705-2060577652-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-1264686632-1428422705-2060577652-1001\...\RunOnce: [Uninstall C:\Users\Carl K�schall\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Carl Küschall\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64"
HKU\S-1-5-21-1264686632-1428422705-2060577652-1001\...\RunOnce: [Uninstall C:\Users\Carl K�schall\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Carl Küschall\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1"
Startup: C:\Users\Carl Küschall\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk [2016-08-17]
ShortcutTarget: Logitech . Produktregistrierung.lnk -> C:\Program Files (x86)\Logitech\Ereg\eReg.exe (Leader Technologies/Logitech)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{bb6f8066-d2d8-4dce-9a91-cbe6a1cd43cf}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
FireFox:
========
FF ProfilePath: C:\Users\Carl Küschall\AppData\Roaming\Mozilla\Firefox\Profiles\75zu49fy.default
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Extension: (Video DownloadHelper) - C:\Users\Carl Küschall\AppData\Roaming\Mozilla\Firefox\Profiles\75zu49fy.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-08-06]
Chrome:
=======
CHR Profile: C:\Users\Carl Küschall\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Carl Küschall\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-07-13]
CHR Extension: (Google Docs) - C:\Users\Carl Küschall\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-07-13]
CHR Extension: (Google Drive) - C:\Users\Carl Küschall\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-13]
CHR Extension: (YouTube) - C:\Users\Carl Küschall\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-13]
CHR Extension: (Tampermonkey) - C:\Users\Carl Küschall\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2016-07-23]
CHR Extension: (Google Tabellen) - C:\Users\Carl Küschall\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-07-13]
CHR Extension: (Google Docs Offline) - C:\Users\Carl Küschall\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-13]
CHR Extension: (AdBlock) - C:\Users\Carl Küschall\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-08-24]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Carl Küschall\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-07-13]
CHR Extension: (Google Mail) - C:\Users\Carl Küschall\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-13]
CHR Extension: (Chrome Media Router) - C:\Users\Carl Küschall\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-19]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [138752 2016-06-24] () [Datei ist nicht signiert]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1362464 2016-04-30] ()
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [237328 2016-04-30] (EasyAntiCheat Ltd)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [Datei ist nicht signiert]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [Datei ist nicht signiert]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [31992 2015-06-03] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-07-22] (Advanced Micro Devices)
R3 iaLPSS2_UART2; C:\Windows\System32\drivers\iaLPSS2_UART2.sys [281400 2016-01-23] (Intel Corporation)
S3 LGJoyHidFilter; C:\Windows\system32\drivers\LGJoyHidFilter.sys [58144 2015-06-11] (Logitech Inc.)
S3 LGJoyHidLo; C:\Windows\system32\drivers\LGJoyHidLo.sys [47656 2015-06-11] (Logitech Inc.)
S3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.)
S3 LGSHidFilt; C:\Windows\System32\drivers\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-08-25] (Malwarebytes)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-08-25 19:20 - 2016-08-25 19:20 - 00012825 _____ C:\Users\Carl Küschall\Desktop\FRST.txt
2016-08-25 19:18 - 2016-08-25 19:19 - 02396160 _____ (Farbar) C:\Users\Carl Küschall\Desktop\FRST64 (1).exe
2016-08-25 18:22 - 2016-08-25 18:22 - 00001198 _____ C:\Users\Carl Küschall\Desktop\h.txt
2016-08-25 18:21 - 2016-08-25 18:21 - 00001846 _____ C:\Users\Carl Küschall\Desktop\hah.txt
2016-08-25 18:21 - 2016-08-25 18:21 - 00000000 _____ C:\Users\Carl Küschall\Desktop\Neues Textdokument (2).txt
2016-08-25 18:20 - 2016-08-25 18:21 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-08-25 18:20 - 2016-08-25 18:20 - 00001175 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-08-25 18:20 - 2016-08-25 18:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-08-25 18:20 - 2016-08-25 18:20 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-08-25 18:20 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-08-25 18:20 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-08-25 18:20 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-08-25 18:19 - 2016-08-25 18:19 - 22851472 _____ (Malwarebytes ) C:\Users\Carl Küschall\Downloads\mbam-setup-SEMFD.100SEM-2.2.1.1043.exe
2016-08-21 19:42 - 2016-08-21 19:42 - 00000202 _____ C:\Users\Carl Küschall\Desktop\Gunman Clive 2.url
2016-08-20 23:50 - 2016-08-20 23:50 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2016-08-20 20:46 - 2016-08-20 20:46 - 00000000 ____D C:\Users\Carl Küschall\Documents\Games
2016-08-20 20:40 - 2016-08-20 20:40 - 00000202 _____ C:\Users\Carl Küschall\Desktop\Gunman Clive.url
2016-08-18 23:23 - 2016-08-18 23:38 - 140714305 _____ C:\Users\Carl Küschall\Desktop\Dödel.mp4
2016-08-18 21:39 - 2016-08-18 21:39 - 00003374 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task
2016-08-17 22:29 - 2016-08-17 21:36 - 00000000 ___DC C:\WINDOWS\Panther
2016-08-17 22:28 - 2016-08-17 22:28 - 23682048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-08-17 22:28 - 2016-08-17 22:28 - 22572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-08-17 22:28 - 2016-08-17 22:28 - 22219328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-08-17 22:28 - 2016-08-17 22:28 - 20965240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-08-17 22:28 - 2016-08-17 22:28 - 19423232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-08-17 22:28 - 2016-08-17 22:28 - 19417600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-08-17 22:28 - 2016-08-17 22:28 - 09125888 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-08-17 22:28 - 2016-08-17 22:28 - 08124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-08-17 22:28 - 2016-08-17 22:28 - 07623168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-08-17 22:28 - 2016-08-17 22:28 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-08-17 22:28 - 2016-08-17 22:28 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-08-17 22:28 - 2016-08-17 22:28 - 06044672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-08-17 22:28 - 2016-08-17 22:28 - 05511168 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2016-08-17 22:28 - 2016-08-17 22:28 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2016-08-17 22:28 - 2016-08-17 22:28 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-08-17 22:28 - 2016-08-17 22:28 - 03617280 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-08-17 22:28 - 2016-08-17 22:28 - 02999296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-08-17 22:28 - 2016-08-17 22:28 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2016-08-17 22:28 - 2016-08-17 22:28 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2016-08-17 22:28 - 2016-08-17 22:28 - 02745224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-08-17 22:28 - 2016-08-17 22:28 - 02251440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-08-17 22:28 - 2016-08-17 22:28 - 02190688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-08-17 22:28 - 2016-08-17 22:28 - 01785856 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-08-17 22:28 - 2016-08-17 22:28 - 01708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2016-08-17 22:28 - 2016-08-17 22:28 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-08-17 22:28 - 2016-08-17 22:28 - 01600512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-08-17 22:28 - 2016-08-17 22:28 - 01508864 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-08-17 22:28 - 2016-08-17 22:28 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-08-17 22:28 - 2016-08-17 22:28 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-08-17 22:28 - 2016-08-17 22:28 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-08-17 22:28 - 2016-08-17 22:28 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-08-17 22:28 - 2016-08-17 22:28 - 01418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-08-17 22:28 - 2016-08-17 22:28 - 01265424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-08-17 22:28 - 2016-08-17 22:28 - 01260384 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-08-17 22:28 - 2016-08-17 22:28 - 01081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-08-17 22:28 - 2016-08-17 22:28 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-08-17 22:28 - 2016-08-17 22:28 - 00843104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-08-17 22:28 - 2016-08-17 22:28 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-08-17 22:28 - 2016-08-17 22:28 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-08-17 22:28 - 2016-08-17 22:28 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-08-17 22:28 - 2016-08-17 22:28 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-08-17 22:28 - 2016-08-17 22:28 - 00619368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-08-17 22:28 - 2016-08-17 22:28 - 00509952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-08-17 22:28 - 2016-08-17 22:28 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-08-17 22:28 - 2016-08-17 22:28 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-08-17 22:28 - 2016-08-17 22:28 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-08-17 22:28 - 2016-08-17 22:28 - 00389000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2016-08-17 22:28 - 2016-08-17 22:28 - 00297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2016-08-17 22:28 - 2016-08-17 22:28 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2016-08-17 22:28 - 2016-08-17 22:28 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-08-17 22:28 - 2016-08-17 22:28 - 00241496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-08-17 22:28 - 2016-08-17 22:28 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-08-17 22:28 - 2016-08-17 22:28 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-08-17 22:28 - 2016-08-17 22:28 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-08-17 22:28 - 2016-08-17 22:28 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-08-17 22:28 - 2016-08-17 22:28 - 00168800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-08-17 22:28 - 2016-08-17 22:28 - 00151232 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-08-17 22:28 - 2016-08-17 22:28 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-08-17 22:28 - 2016-08-17 22:28 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2016-08-17 22:28 - 2016-08-17 22:28 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2016-08-17 22:28 - 2016-08-17 22:28 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2016-08-17 22:28 - 2016-08-17 22:28 - 00114192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2016-08-17 22:28 - 2016-08-17 22:28 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2016-08-17 22:28 - 2016-08-17 22:28 - 00079536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2016-08-17 22:28 - 2016-08-17 22:28 - 00062816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2016-08-17 22:28 - 2016-08-17 22:28 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-08-17 22:28 - 2016-08-17 22:28 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-08-17 22:28 - 2016-08-17 22:28 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-08-17 22:28 - 2016-08-17 22:28 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-08-17 22:28 - 2016-08-17 22:28 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-08-17 22:28 - 2016-08-17 22:28 - 00000000 ____D C:\Windows.old
2016-08-17 22:27 - 2016-08-17 22:27 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-08-17 22:27 - 2016-08-17 22:27 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2016-08-17 22:27 - 2016-08-17 22:27 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-08-17 22:27 - 2016-08-17 22:27 - 00000000 ____D C:\Program Files\MSBuild
2016-08-17 22:27 - 2016-08-17 22:27 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-08-17 22:27 - 2016-08-17 22:27 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-08-17 22:27 - 2016-05-25 15:31 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-08-17 22:27 - 2016-05-25 15:31 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-08-17 22:27 - 2016-05-25 15:31 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-08-17 22:27 - 2016-05-25 12:03 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-08-17 22:27 - 2016-05-25 12:03 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-08-17 22:27 - 2016-05-25 12:03 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-08-17 21:37 - 2016-08-17 21:37 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-08-17 21:36 - 2016-08-17 21:36 - 00000020 ___SH C:\Users\Carl Küschall\ntuser.ini
2016-08-17 21:36 - 2016-08-17 21:36 - 00000000 ____D C:\ProgramData\USOShared
2016-08-17 21:35 - 2016-08-17 21:35 - 00011433 _____ C:\WINDOWS\diagwrn.xml
2016-08-17 21:35 - 2016-08-17 21:35 - 00011433 _____ C:\WINDOWS\diagerr.xml
2016-08-17 21:35 - 2016-08-17 21:35 - 00000000 _SHDL C:\Users\Default\Vorlagen
2016-08-17 21:35 - 2016-08-17 21:35 - 00000000 _SHDL C:\Users\Default\Startmenü
2016-08-17 21:35 - 2016-08-17 21:35 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2016-08-17 21:35 - 2016-08-17 21:35 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2016-08-17 21:35 - 2016-08-17 21:35 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2016-08-17 21:35 - 2016-08-17 21:35 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2016-08-17 21:35 - 2016-08-17 21:35 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos
2016-08-17 21:35 - 2016-08-17 21:35 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2016-08-17 21:35 - 2016-08-17 21:35 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2016-08-17 21:35 - 2016-08-17 21:35 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-08-17 21:35 - 2016-08-17 21:35 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2016-08-17 21:35 - 2016-08-17 21:35 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2016-08-17 21:35 - 2016-08-17 21:35 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2016-08-17 21:35 - 2016-08-17 21:35 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos
2016-08-17 21:35 - 2016-08-17 21:35 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2016-08-17 21:35 - 2016-08-17 21:35 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2016-08-17 21:35 - 2016-08-17 21:35 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-08-17 21:35 - 2016-08-17 21:35 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2016-08-17 21:35 - 2016-08-17 21:35 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2016-08-17 21:34 - 2016-08-25 19:16 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-08-17 21:34 - 2016-08-17 21:34 - 00022960 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-08-17 21:34 - 2016-08-17 21:34 - 00003662 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-08-17 21:34 - 2016-08-17 21:34 - 00003438 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-08-17 21:34 - 2016-08-17 21:34 - 00002300 _____ C:\WINDOWS\System32\Tasks\{6DE6F861-D61A-4898-A1F7-F5F5977CE52B}
2016-08-17 21:34 - 2016-08-17 21:34 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2016-08-17 21:32 - 2016-08-17 21:33 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2016-08-17 21:32 - 2016-08-17 21:32 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-08-17 21:32 - 2016-07-16 13:41 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-08-17 21:31 - 2016-08-25 19:19 - 00000000 ____D C:\Users\Carl Küschall
2016-08-17 21:31 - 2016-08-17 21:34 - 00000000 ____D C:\Users\Fritz der Hase
2016-08-17 21:31 - 2016-08-17 21:32 - 00000000 ____D C:\Program Files\Common Files\logishrd
2016-08-17 21:31 - 2016-08-17 21:31 - 00000000 _SHDL C:\Users\Fritz der Hase\Vorlagen
2016-08-17 21:31 - 2016-08-17 21:31 - 00000000 _SHDL C:\Users\Fritz der Hase\Startmenü
2016-08-17 21:31 - 2016-08-17 21:31 - 00000000 _SHDL C:\Users\Fritz der Hase\Netzwerkumgebung
2016-08-17 21:31 - 2016-08-17 21:31 - 00000000 _SHDL C:\Users\Fritz der Hase\Lokale Einstellungen
2016-08-17 21:31 - 2016-08-17 21:31 - 00000000 _SHDL C:\Users\Fritz der Hase\Eigene Dateien
2016-08-17 21:31 - 2016-08-17 21:31 - 00000000 _SHDL C:\Users\Fritz der Hase\Druckumgebung
2016-08-17 21:31 - 2016-08-17 21:31 - 00000000 _SHDL C:\Users\Fritz der Hase\Documents\Eigene Videos
2016-08-17 21:31 - 2016-08-17 21:31 - 00000000 _SHDL C:\Users\Fritz der Hase\Documents\Eigene Musik
2016-08-17 21:31 - 2016-08-17 21:31 - 00000000 _SHDL C:\Users\Fritz der Hase\Documents\Eigene Bilder
2016-08-17 21:31 - 2016-08-17 21:31 - 00000000 _SHDL C:\Users\Fritz der Hase\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-08-17 21:31 - 2016-08-17 21:31 - 00000000 _SHDL C:\Users\Fritz der Hase\AppData\Local\Verlauf
2016-08-17 21:31 - 2016-08-17 21:31 - 00000000 _SHDL C:\Users\Fritz der Hase\AppData\Local\Anwendungsdaten
2016-08-17 21:31 - 2016-08-17 21:31 - 00000000 _SHDL C:\Users\Fritz der Hase\Anwendungsdaten
2016-08-17 21:31 - 2016-08-17 21:31 - 00000000 _SHDL C:\Users\Carl Küschall\Vorlagen
2016-08-17 21:31 - 2016-08-17 21:31 - 00000000 _SHDL C:\Users\Carl Küschall\Startmenü
2016-08-17 21:31 - 2016-08-17 21:31 - 00000000 _SHDL C:\Users\Carl Küschall\Netzwerkumgebung
2016-08-17 21:31 - 2016-08-17 21:31 - 00000000 _SHDL C:\Users\Carl Küschall\Lokale Einstellungen
2016-08-17 21:31 - 2016-08-17 21:31 - 00000000 _SHDL C:\Users\Carl Küschall\Eigene Dateien
2016-08-17 21:31 - 2016-08-17 21:31 - 00000000 _SHDL C:\Users\Carl Küschall\Druckumgebung
2016-08-17 21:31 - 2016-08-17 21:31 - 00000000 _SHDL C:\Users\Carl Küschall\Documents\Eigene Videos
2016-08-17 21:31 - 2016-08-17 21:31 - 00000000 _SHDL C:\Users\Carl Küschall\Documents\Eigene Musik
2016-08-17 21:31 - 2016-08-17 21:31 - 00000000 _SHDL C:\Users\Carl Küschall\Documents\Eigene Bilder
2016-08-17 21:31 - 2016-08-17 21:31 - 00000000 _SHDL C:\Users\Carl Küschall\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-08-17 21:31 - 2016-08-17 21:31 - 00000000 _SHDL C:\Users\Carl Küschall\AppData\Local\Verlauf
2016-08-17 21:31 - 2016-08-17 21:31 - 00000000 _SHDL C:\Users\Carl Küschall\AppData\Local\Anwendungsdaten
2016-08-17 21:31 - 2016-08-17 21:31 - 00000000 _SHDL C:\Users\Carl Küschall\Anwendungsdaten
2016-08-17 21:31 - 2016-08-17 21:31 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2016-08-17 21:31 - 2016-08-17 21:31 - 00000000 ____D C:\WINDOWS\system32\DAX2
2016-08-17 21:30 - 2016-08-25 19:15 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2016-08-17 21:30 - 2016-08-25 17:58 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-08-17 21:30 - 2016-08-20 11:07 - 00311488 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-08-17 21:30 - 2016-08-17 21:32 - 00000000 ____D C:\ProgramData\Package Cache
2016-08-17 21:30 - 2016-08-17 21:30 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2016-08-17 21:30 - 2016-08-17 21:30 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-08-17 21:30 - 2016-08-17 21:30 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-08-17 21:30 - 2016-08-17 21:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2016-08-17 21:30 - 2016-08-17 21:30 - 00000000 ____D C:\Program Files\Realtek
2016-08-17 21:30 - 2016-08-17 21:30 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2016-08-17 21:30 - 2016-08-17 21:30 - 00000000 ____D C:\Program Files\ATI Technologies
2016-08-17 21:30 - 2016-08-17 21:30 - 00000000 ____D C:\Program Files\AMD
2016-08-17 21:30 - 2016-08-17 21:30 - 00000000 ____D C:\Program Files (x86)\AMD
2016-08-14 12:35 - 2016-08-14 12:39 - 00370424 _____ C:\WINDOWS\system32\Drivers\EasyAntiCheat.sys
2016-08-14 12:35 - 2016-08-14 12:35 - 00000000 ____D C:\Users\Carl Küschall\AppData\Local\Victory
2016-08-14 12:35 - 2016-08-14 12:35 - 00000000 ____D C:\Users\Carl Küschall\AppData\Local\UnrealEngine
2016-08-14 12:34 - 2016-04-30 11:45 - 00237328 _____ (EasyAntiCheat Ltd) C:\WINDOWS\SysWOW64\EasyAntiCheat.exe
2016-08-13 15:15 - 2016-08-13 15:15 - 00012237 _____ C:\Users\Carl Küschall\AppData\Local\recently-used.xbel
2016-08-13 14:34 - 2016-08-13 14:34 - 00000000 ____D C:\Users\Carl Küschall\AppData\Local\Logitech® Webcam-Software
2016-08-13 14:32 - 2016-08-13 14:32 - 00000000 ____D C:\Users\Carl Küschall\AppData\Roaming\Leadertech
2016-08-13 14:32 - 2016-08-13 14:32 - 00000000 ____D C:\ProgramData\LogiShrd
2016-08-13 14:31 - 2016-08-17 21:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2016-08-13 14:31 - 2016-08-13 14:32 - 00000000 ____D C:\Program Files (x86)\Logitech
2016-08-13 14:31 - 2016-08-13 14:31 - 00001713 _____ C:\Users\Public\Desktop\Logitech Webcam Software .lnk
2016-08-13 14:10 - 2016-08-13 14:30 - 74520472 _____ (Logitech, Inc.) C:\Users\Carl Küschall\Downloads\lws280.exe
2016-08-13 14:03 - 2016-08-13 14:03 - 00073907 _____ C:\Users\Carl Küschall\Desktop\^DB4747EFA0DA505ECF2108AA1E85E8279E81F84248A922CEA6^pimgpsh_fullsize_distr.jpg
2016-08-13 13:17 - 2016-08-13 13:17 - 02276795 _____ C:\Users\Carl Küschall\Downloads\Banner-Vorlage-by-Hydriks.rar
2016-08-12 22:45 - 2016-08-12 22:45 - 01352718 _____ C:\Users\Carl Küschall\Documents\Unbenannt.xcf
2016-08-12 22:31 - 2016-08-12 22:31 - 00000000 ____D C:\Users\Carl Küschall\.thumbnails
2016-08-12 22:30 - 2016-08-13 15:15 - 00000000 ____D C:\Users\Carl Küschall\AppData\Local\gtk-2.0
2016-08-12 22:04 - 2016-08-13 16:16 - 00000000 ____D C:\Users\Carl Küschall\.gimp-2.8
2016-08-12 22:04 - 2016-08-12 22:04 - 00000000 ____D C:\Users\Carl Küschall\AppData\Local\gegl-0.2
2016-08-12 22:04 - 2016-08-12 22:04 - 00000000 ____D C:\Users\Carl Küschall\AppData\Local\fontconfig
2016-08-12 22:02 - 2016-08-12 22:02 - 00000939 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2016-08-12 22:02 - 2016-08-12 22:02 - 00000927 _____ C:\Users\Public\Desktop\GIMP 2.lnk
2016-08-12 22:02 - 2016-08-12 22:02 - 00000000 ____D C:\Program Files\GIMP 2
2016-08-12 21:58 - 2016-08-12 22:00 - 77404656 _____ (The GIMP Team ) C:\Users\Carl Küschall\Downloads\gimp-2.8.18-setup.exe
2016-08-12 21:41 - 2016-08-12 21:41 - 00000259 _____ C:\Users\Carl Küschall\Desktop\Intro mit C4d (2).mp4
2016-08-12 21:20 - 2016-08-12 21:25 - 101690961 _____ C:\Users\Carl Küschall\Desktop\2016-08-12 21-20-41.mp4
2016-08-12 20:24 - 2016-08-12 20:24 - 00000000 ____D C:\Users\Carl Küschall\.MCTranscodingSDK
2016-08-12 20:13 - 2016-08-12 20:13 - 13496334 _____ C:\Users\Carl Küschall\Downloads\Facecam-Rahmen-Template-KBDESIGNZ.zip
2016-08-12 19:55 - 2016-08-17 21:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightworks
2016-08-12 19:55 - 2016-08-12 20:30 - 00000000 ____D C:\Users\Public\Documents\Lightworks
2016-08-12 19:55 - 2016-08-12 19:55 - 00001835 _____ C:\Users\Public\Desktop\Lightworks x64 (12.6).lnk
2016-08-12 19:55 - 2016-08-12 19:55 - 00000000 ____D C:\ProgramData\Geevs
2016-08-12 19:55 - 2016-08-12 19:55 - 00000000 ____D C:\Program Files\Lightworks
2016-08-12 19:49 - 2016-08-12 19:53 - 73511992 _____ (Lightworks) C:\Users\Carl Küschall\Downloads\lightworks_v12.6.0_full_64bit_setup.exe
2016-08-12 18:59 - 2016-08-12 18:59 - 00000000 ____D C:\Users\Fritz der Hase\AppData\Local\Comms
2016-08-12 18:44 - 2016-08-12 18:44 - 00000000 ____D C:\Users\Fritz der Hase\AppData\Local\ActiveSync
2016-08-12 18:42 - 2016-08-17 21:31 - 00000000 ____D C:\Users\Fritz der Hase\AppData\Local\Packages
2016-08-12 18:42 - 2016-08-12 18:43 - 00002414 _____ C:\Users\Fritz der Hase\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-08-12 18:42 - 2016-08-12 18:43 - 00000000 ___RD C:\Users\Fritz der Hase\OneDrive
2016-08-12 18:42 - 2016-08-12 18:42 - 00000000 ____D C:\Users\Fritz der Hase\AppData\Roaming\Adobe
2016-08-12 18:42 - 2016-08-12 18:42 - 00000000 ____D C:\Users\Fritz der Hase\AppData\Local\VirtualStore
2016-08-12 18:42 - 2016-08-12 18:42 - 00000000 ____D C:\Users\Fritz der Hase\AppData\Local\TileDataLayer
2016-08-12 18:42 - 2016-08-12 18:42 - 00000000 ____D C:\Users\Fritz der Hase\AppData\Local\Publishers
2016-08-12 18:42 - 2016-08-12 18:42 - 00000000 ____D C:\Users\Fritz der Hase\AppData\Local\Google
2016-08-12 18:42 - 2016-08-12 18:42 - 00000000 ____D C:\Users\Fritz der Hase\AppData\Local\AMD
2016-08-12 17:58 - 2016-08-12 17:58 - 00713112 _____ C:\Users\Carl Küschall\Downloads\NoDefender.zip
2016-08-12 17:46 - 2016-08-12 17:46 - 00002259 _____ C:\WINDOWS\epplauncher.mif
2016-08-12 17:45 - 2016-08-12 18:19 - 00000000 ___HD C:\$GetCurrent
2016-08-12 17:45 - 2016-08-12 18:09 - 00000036 _____ C:\WINDOWS\progress.ini
2016-08-12 17:45 - 2016-08-12 18:08 - 00000000 ____D C:\Windows10Upgrade
2016-08-12 17:45 - 2016-08-12 17:45 - 00000731 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10-Upgrade-Assistent.lnk
2016-08-12 17:45 - 2016-08-12 17:45 - 00000719 _____ C:\Users\Carl Küschall\Desktop\Windows 10-Upgrade-Assistent.lnk
2016-08-12 17:10 - 2016-08-12 17:38 - 11667288 _____ (Microsoft Corporation) C:\Users\Carl Küschall\Downloads\MSEInstall (1).exe
2016-08-12 17:09 - 2016-08-12 17:45 - 14345408 _____ (Microsoft Corporation) C:\Users\Carl Küschall\Downloads\MSEInstall.exe
2016-08-12 17:09 - 2016-08-12 17:45 - 05790552 _____ (Microsoft Corporation) C:\Users\Carl Küschall\Downloads\Windows10Upgrade28084.exe
2016-08-12 16:44 - 2016-07-13 17:48 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts.20160812-164437.backup
2016-08-12 16:31 - 2016-08-12 16:32 - 00001502 _____ C:\Users\Carl Küschall\Desktop\Defender.lnk
2016-08-12 15:07 - 2016-08-12 19:46 - 01474568 _____ C:\Users\Carl Küschall\Downloads\Lightworks - CHIP-Installer (1).exe
2016-08-12 01:07 - 2016-08-12 01:07 - 10995344 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 10317568 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd6a.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 09340136 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdva.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 09131736 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 08892696 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd64.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 08738920 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 07258160 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdag.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 07115928 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 01547544 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 01273928 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 00479368 _____ C:\WINDOWS\system32\amdmiracast.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 00183952 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiuxp64.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 00164280 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiu9p64.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 00159088 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 00154920 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 00152800 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiuxpag.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 00138688 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 00138176 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 00137224 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiu9pag.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 00123120 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 00123104 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 00105344 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2016-08-12 01:07 - 2016-08-12 01:07 - 00105344 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 48819200 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 38266368 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 32555512 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 27489280 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl12cl64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 26706432 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys
2016-08-12 01:06 - 2016-08-12 01:06 - 26639360 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 21641216 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl12cl.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 15729152 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 14320128 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 08830456 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdvlk64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 08627704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmantle64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 07076352 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdvlk32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 06956032 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmantle32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 02376704 _____ C:\WINDOWS\system32\amdoclvp9lib64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 02286584 _____ C:\WINDOWS\SysWOW64\amdoclvp9lib32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 02147328 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 01837568 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 01323008 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00991232 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00991232 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00883192 _____ (AMD) C:\WINDOWS\system32\coinst_16.30.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00751616 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00627192 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00521728 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2016-08-12 01:06 - 2016-08-12 01:06 - 00518656 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys
2016-08-12 01:06 - 2016-08-12 01:06 - 00459776 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00402944 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2016-08-12 01:06 - 2016-08-12 01:06 - 00350208 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODE.exe
2016-08-12 01:06 - 2016-08-12 01:06 - 00292352 _____ C:\WINDOWS\system32\dgtrayicon.exe
2016-08-12 01:06 - 2016-08-12 01:06 - 00287744 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00287232 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2016-08-12 01:06 - 2016-08-12 01:06 - 00275968 _____ C:\WINDOWS\system32\GameManager64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00270336 _____ C:\WINDOWS\system32\clinfo.exe
2016-08-12 01:06 - 2016-08-12 01:06 - 00268792 _____ C:\WINDOWS\system32\hsa-thunk64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00249336 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00241152 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00234496 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00231424 _____ C:\WINDOWS\system32\atieah64.exe
2016-08-12 01:06 - 2016-08-12 01:06 - 00222208 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00209408 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2016-08-12 01:06 - 2016-08-12 01:06 - 00202744 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00201728 _____ C:\WINDOWS\system32\amdhdl64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00181760 _____ C:\WINDOWS\SysWOW64\amdhdl32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00176640 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00159736 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00137208 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00135168 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00130560 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00123896 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00118784 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00113664 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00111616 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00109568 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00108544 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00108544 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00104448 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00083960 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00079864 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00073216 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00069632 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00068608 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODCLI.exe
2016-08-12 01:06 - 2016-08-12 01:06 - 00068096 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl6.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00067584 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00066560 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00060920 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00055800 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmmcl.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2016-08-12 01:06 - 2016-08-12 01:06 - 00021496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2016-08-11 23:13 - 2016-08-11 23:13 - 00000000 ____D C:\Users\Carl Küschall\Documents\FlashIntegro
2016-08-11 23:13 - 2016-08-11 23:13 - 00000000 ____D C:\Users\Carl Küschall\AppData\Roaming\VideoEditor
2016-08-11 23:13 - 2016-08-11 23:13 - 00000000 ____D C:\Users\Carl Küschall\AppData\Roaming\FlashIntegro
2016-08-11 23:12 - 2016-07-25 17:41 - 00071480 _____ (Flash-Integro LLC) C:\WINDOWS\SysWOW64\mslvddsfilter3.ax
2016-08-11 23:12 - 2011-12-07 18:32 - 00216064 _____ ( ) C:\WINDOWS\SysWOW64\Lagarith.dll
2016-08-11 23:12 - 2005-08-01 18:43 - 00245760 _____ () C:\WINDOWS\SysWOW64\lame.ax
2016-08-11 23:12 - 2004-12-10 09:03 - 00438272 _____ (On2.com) C:\WINDOWS\SysWOW64\vp6vfw.dll
2016-08-11 23:12 - 2004-09-06 15:06 - 00053248 _____ C:\WINDOWS\SysWOW64\xvid.ax
2016-08-11 23:12 - 2004-07-03 20:08 - 00139264 _____ C:\WINDOWS\SysWOW64\xvidvfw.dll
2016-08-11 23:12 - 2004-07-03 19:59 - 00524288 _____ C:\WINDOWS\SysWOW64\xvidcore.dll
2016-08-11 23:12 - 2004-02-04 20:11 - 00081920 _____ (fccHandler) C:\WINDOWS\SysWOW64\AC3ACM.acm
2016-08-11 23:12 - 2003-05-22 11:26 - 00638976 _____ (DivXNetworks, Inc.) C:\WINDOWS\SysWOW64\divx.dll
2016-08-11 23:12 - 2003-05-22 11:26 - 00221215 _____ (DivXNetworks, Inc.) C:\WINDOWS\SysWOW64\divxdec.ax
2016-08-11 23:12 - 2003-05-21 22:50 - 00261632 _____ (MainConcept) C:\WINDOWS\SysWOW64\mcdvd_32.dll
2016-08-11 23:12 - 2003-05-21 22:50 - 00156910 _____ C:\WINDOWS\WMSysPr8.prx
2016-08-11 23:12 - 2003-05-21 22:50 - 00082944 _____ (Voxware, Inc.) C:\WINDOWS\SysWOW64\vct3216.acm
2016-08-11 23:12 - 2003-05-21 22:50 - 00038912 _____ (NCT Company) C:\WINDOWS\SysWOW64\alf2cd.acm
2016-08-11 23:12 - 2003-05-21 22:50 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3a.dll
2016-08-11 23:12 - 2003-03-25 04:49 - 00098304 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\WINDOWS\SysWOW64\L3CODECX.AX
2016-08-11 23:12 - 2002-08-19 23:41 - 00413760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg4c32.dll
2016-08-11 23:12 - 2000-03-14 19:55 - 00013239 _____ (SHARP Corporation) C:\WINDOWS\SysWOW64\Scg726.acm
2016-08-11 23:09 - 2016-08-11 23:09 - 01474568 _____ C:\Users\Carl Küschall\Downloads\VSDC Free Video Editor - CHIP-Installer.exe
2016-08-11 23:09 - 2016-08-11 23:09 - 01474568 _____ C:\Users\Carl Küschall\Downloads\VSDC Free Video Editor - CHIP-Installer (1).exe
2016-08-11 23:05 - 2016-08-17 21:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
2016-08-11 23:05 - 2016-08-11 23:05 - 00000000 ____D C:\Users\Public\Documents\MAGIX
2016-08-11 22:28 - 2016-08-11 22:29 - 66841058 _____ C:\Users\Carl Küschall\Desktop\Miza & Seum Dero - Paradise [FSTU Release].wav
2016-08-11 11:21 - 2016-08-11 12:18 - 622662562 _____ C:\Users\Carl Küschall\Desktop\Warcraft.mp4
2016-08-06 19:45 - 2016-08-06 22:13 - 00000000 ____D C:\Users\Carl Küschall\Documents\Assassin's Creed Syndicate
2016-08-06 17:54 - 2016-08-06 17:54 - 00000234 _____ C:\Users\Carl Küschall\Desktop\Assassin's Creed Syndicate.url
2016-08-06 17:54 - 2016-08-06 17:54 - 00000234 _____ C:\Users\Carl Küschall\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Assassin's Creed Syndicate.url
2016-08-06 17:52 - 2016-08-13 16:22 - 00000183 _____ C:\Users\Carl Küschall\Desktop\Passwörter (2).txt
2016-08-06 17:47 - 2016-08-24 20:02 - 00000000 ____D C:\Users\Carl Küschall\AppData\Local\Ubisoft Game Launcher
2016-08-06 17:47 - 2016-08-17 21:32 - 00000000 ____D C:\Users\Carl Küschall\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2016-08-06 17:47 - 2016-08-06 17:47 - 00001278 _____ C:\Users\Carl Küschall\Desktop\Uplay.lnk
2016-08-06 17:47 - 2016-08-06 17:47 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2016-08-03 10:54 - 2016-08-03 10:54 - 00000000 ____D C:\Users\Carl Küschall\AppData\Local\ElevatedDiagnostics
2016-08-01 22:00 - 2016-08-01 22:08 - 287602782 _____ C:\Users\Carl Küschall\Desktop\2016-08-01-2200-43.mp4
2016-08-01 13:24 - 2016-08-01 13:24 - 06188127 _____ C:\Users\Carl Küschall\Downloads\12304.mp4.crdownload
2016-07-30 13:05 - 2016-07-30 13:14 - 322900677 _____ C:\Users\Carl Küschall\Desktop\2016-07-30-1305-22.mp4
2016-07-30 10:16 - 2016-07-30 10:17 - 00000141 _____ C:\Users\Carl Küschall\Desktop\Neues Textdokument.txt
2016-07-26 14:18 - 2016-08-17 21:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
2016-07-26 14:18 - 2016-07-26 14:19 - 00000000 ____D C:\Users\Carl Küschall\Documents\Nexus Mod Manager
2016-07-26 14:18 - 2016-07-26 14:18 - 00000655 _____ C:\Users\Public\Desktop\Nexus Mod Manager.lnk
2016-07-26 14:18 - 2016-07-26 14:18 - 00000000 ____D C:\Users\Carl Küschall\AppData\Local\Black_Tree_Gaming
2016-07-26 14:13 - 2016-07-26 14:14 - 06359496 _____ (Black Tree Gaming ) C:\Users\Carl Küschall\Downloads\Nexus Mod Manager-0.61.23.exe
2016-07-26 13:54 - 2016-07-26 14:55 - 00000000 ____D C:\Users\Carl Küschall\AppData\Local\Skyrim
2016-07-26 09:00 - 2016-07-26 09:00 - 00000000 ____D C:\Users\Carl Küschall\Documents\My Games
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-08-25 19:20 - 2016-07-21 17:49 - 00000000 ____D C:\FRST
2016-08-25 19:20 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-08-25 19:20 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-08-25 19:17 - 2016-07-13 17:35 - 00000000 ____D C:\Users\Carl Küschall\AppData\Roaming\Skype
2016-08-25 19:16 - 2016-07-13 17:35 - 00000000 ____D C:\Users\Carl Küschall\AppData\Local\Spotify
2016-08-25 19:15 - 2016-07-16 08:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2016-08-25 18:25 - 2016-07-13 17:33 - 00000000 ____D C:\Users\Carl Küschall\AppData\Roaming\Spotify
2016-08-25 17:25 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-08-24 22:12 - 2016-07-17 00:51 - 00590168 _____ C:\WINDOWS\system32\perfh007.dat
2016-08-24 22:12 - 2016-07-17 00:51 - 00115110 _____ C:\WINDOWS\system32\perfc007.dat
2016-08-24 22:12 - 2016-07-13 17:12 - 01642148 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-08-22 20:20 - 2016-07-19 15:36 - 00000000 ____D C:\Users\Carl Küschall\AppData\Roaming\obs-studio
2016-08-22 20:18 - 2016-07-19 16:03 - 00000000 ____D C:\Users\Carl Küschall\AppData\Roaming\OBS
2016-08-21 19:42 - 2016-07-13 17:51 - 00000000 ____D C:\Users\Carl Küschall\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-08-21 18:11 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2016-08-21 17:20 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache
2016-08-18 23:23 - 2016-07-20 14:48 - 00000000 ____D C:\Users\Carl Küschall\AppData\Roaming\HandBrake
2016-08-18 21:39 - 2016-07-13 17:17 - 00002411 _____ C:\Users\Carl Küschall\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-08-18 21:39 - 2016-07-13 17:17 - 00000000 ___RD C:\Users\Carl Küschall\OneDrive
2016-08-18 09:55 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\appcompat
2016-08-17 22:29 - 2016-07-16 13:47 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-08-17 22:28 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2016-08-17 22:28 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2016-08-17 22:28 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\et-EE
2016-08-17 22:28 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\es-MX
2016-08-17 22:28 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-08-17 22:28 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-08-17 22:28 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-08-17 22:27 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2016-08-17 22:27 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-08-17 21:52 - 2016-07-13 17:15 - 00000000 ____D C:\Users\Carl Küschall\AppData\Local\Packages
2016-08-17 21:36 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\USOPrivate
2016-08-17 21:36 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-08-17 21:36 - 2016-07-13 17:15 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-08-17 21:35 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-08-17 21:35 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Registration
2016-08-17 21:35 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows NT
2016-08-17 21:35 - 2016-07-16 08:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2016-08-17 21:35 - 2016-07-13 17:49 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2016-08-17 21:34 - 2016-07-16 13:47 - 00000000 __RHD C:\Users\Public\Libraries
2016-08-17 21:33 - 2016-07-22 21:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft
2016-08-17 21:33 - 2016-07-21 16:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2016-08-17 21:33 - 2016-07-20 14:47 - 00000000 ____D C:\Users\Carl Küschall\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Handbrake
2016-08-17 21:33 - 2016-07-19 16:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2016-08-17 21:33 - 2016-07-19 16:03 - 00000000 ____D C:\Users\Carl Küschall\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software
2016-08-17 21:33 - 2016-07-19 15:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2016-08-17 21:33 - 2016-07-13 18:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories
2016-08-17 21:33 - 2016-07-13 18:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MotioninJoy
2016-08-17 21:33 - 2016-07-13 17:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-08-17 21:32 - 2016-07-23 13:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2016-08-17 21:32 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\spool
2016-08-17 21:32 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-08-17 21:32 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-08-17 21:32 - 2016-07-13 17:44 - 00000000 ____D C:\Users\Default.migrated
2016-08-17 21:32 - 2016-07-13 17:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-08-17 21:31 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-08-17 21:31 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-08-17 21:31 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-08-17 21:31 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-08-17 21:30 - 2016-07-14 02:06 - 00000000 ____D C:\AMD
2016-08-14 22:27 - 2016-07-17 01:55 - 00000000 ___HD C:\$WINDOWS.~BT
2016-08-14 21:40 - 2016-07-13 17:18 - 00001150 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-14 21:32 - 2016-07-13 17:35 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-08-14 21:32 - 2016-07-13 17:35 - 00000000 ____D C:\ProgramData\Skype
2016-08-14 11:56 - 2016-07-17 08:52 - 00000000 ____D C:\ProgramData\AMD
2016-08-14 11:56 - 2016-07-13 17:18 - 00001146 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-12 18:43 - 2016-07-13 17:16 - 00000000 ____D C:\Users\Carl Küschall\AppData\Local\AMD
2016-08-12 17:52 - 2016-07-21 16:46 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-08-12 15:22 - 2016-07-13 17:21 - 00001247 _____ C:\Users\Carl Küschall\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CNext.lnk
2016-08-10 23:06 - 2016-07-24 08:03 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-08-10 23:05 - 2016-07-24 08:03 - 147640136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-08-10 19:42 - 2016-07-13 17:20 - 00002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-10 19:42 - 2016-07-13 17:20 - 00002252 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-08-04 20:13 - 2016-07-22 21:15 - 00000000 ____D C:\Users\Carl Küschall\AppData\Roaming\.minecraft
2016-07-30 13:02 - 2016-07-19 16:03 - 00000000 ____D C:\Program Files (x86)\OBS
2016-07-27 21:25 - 2016-07-14 21:28 - 00504488 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-07-27 13:11 - 2016-07-23 16:54 - 00000000 ____D C:\Users\Carl Küschall\AppData\Local\Mozilla
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2016-08-13 15:15 - 2016-08-13 15:15 - 0012237 _____ () C:\Users\Carl Küschall\AppData\Local\recently-used.xbel
2016-07-14 20:55 - 2016-07-14 20:55 - 0000017 _____ () C:\Users\Carl Küschall\AppData\Local\resmon.resmoncfg
2016-08-17 21:31 - 2016-08-17 21:31 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-08-17 21:30
==================== Ende von FRST.txt ============================
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 21-08-2016 01
durchgeführt von Carl Küschall (25-08-2016 19:20:57)
Gestartet von C:\Users\Carl Küschall\Desktop
Windows 10 Home Version 1607 (X64) (2016-08-17 19:36:00)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1264686632-1428422705-2060577652-500 - Administrator - Disabled)
Carl Küschall (S-1-5-21-1264686632-1428422705-2060577652-1001 - Administrator - Enabled) => C:\Users\Carl Küschall
DefaultAccount (S-1-5-21-1264686632-1428422705-2060577652-503 - Limited - Disabled)
Fritz der Hase (S-1-5-21-1264686632-1428422705-2060577652-1003 - Limited - Enabled) => C:\Users\Fritz der Hase
Gast (S-1-5-21-1264686632-1428422705-2060577652-501 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 16.00 (x64) (HKLM\...\7-Zip) (Version: 16.00 - Igor Pavlov)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.)
ARK: Survival Evolved (HKLM\...\Steam App 346110) (Version: - Studio Wildcard)
Assassin's Creed Syndicate (HKLM-x32\...\Uplay Install 1875) (Version: 1.50 - Ubisoft)
Call of Duty: Black Ops III (HKLM\...\Steam App 311210) (Version: - Treyarch)
CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
Catalyst Control Center Next Localization BR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
GIMP 2.8.18 (HKLM\...\GIMP-2_is1) (Version: 2.8.18 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 52.0.2743.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Gunman Clive (HKLM\...\Steam App 262550) (Version: - Hörberg Productions)
Gunman Clive 2 (HKLM\...\Steam App 394550) (Version: - Hörberg Productions)
HandBrake 0.10.5 (HKLM-x32\...\HandBrake) (Version: 0.10.5 - )
Iron Snout (HKLM\...\Steam App 424280) (Version: - SnoutUp)
Lightworks (HKLM-x32\...\{E94DD4E4-7746-472c-AA7B-1242FED0CFC8}) (Version: 12.6.0.0 - Lightworks)
Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.80 - Logitech Inc.)
MAGIX Speed burnR (MSI) (HKLM-x32\...\MAGIX_{E0E6D1E1-32D6-427D-9696-4090DA2C5743}) (Version: 7.0.2.6 - MAGIX AG)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX AG) Hidden
MAGIX Video deluxe 2013 Premium (HKLM-x32\...\MAGIX_{47E960B1-A285-4D31-87BA-4D2936FC8FF1}) (Version: 12.0.3.4 - MAGIX AG)
MAGIX Video deluxe 2013 Premium (Version: 12.0.3.4 - MAGIX AG) Hidden
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
Mozilla Firefox 47.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 47.0.1 (x86 de)) (Version: 47.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.1 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.61.23 - Black Tree Gaming)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 0.15.2 - OBS Project)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
Portal 2 (HKLM\...\Steam App 620) (Version: - Valve)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7571 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.9.6 - Rockstar Games)
Skype™ 7.26 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.26.101 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-1264686632-1428422705-2060577652-1001\...\Spotify) (Version: 1.0.36.124.g1cba1920 - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Binding of Isaac (HKLM\...\Steam App 113200) (Version: - Edmund McMillen and Florian Himsl)
The Culling (HKLM\...\Steam App 437220) (Version: - Xaviant)
The Elder Scrolls V: Skyrim (HKLM\...\Steam App 72850) (Version: - Bethesda Game Studios)
TrackMania² Stadium (HKLM\...\Steam App 232910) (Version: - Nadeo)
UE4 Prerequisites (x64) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (x32 Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 9.0 - Ubisoft)
Windows 10-Upgrade-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17349 - Microsoft Corporation)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-1264686632-1428422705-2060577652-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Carl Küschall\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileCoAuth.exe (Microsoft Corporation)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {21B99591-DF1F-4EA9-8859-5E52CB7A5B51} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-13] (Google Inc.)
Task: {3BF68FAD-538E-449E-8750-70E66BFAB722} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {3DC072FF-3B63-4303-B79B-0310AEF12A06} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {B0198930-8B77-425E-A3D8-02813293175B} - System32\Tasks\{6DE6F861-D61A-4898-A1F7-F5F5977CE52B} => pcalua.exe -a "C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe"
Task: {CD215E49-8A22-4859-B314-0ADE2361F394} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {E4308B7B-35CE-4AC6-BF98-E520B23BDE7E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-13] (Google Inc.)
Task: {F5CD557E-43B4-4EAE-810C-CC5D7E3C9FDC} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Carl Küschall\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe [2016-08-18] (Microsoft Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-08-18 21:38 - 2016-08-18 21:38 - 01864384 _____ () C:\Users\Carl Küschall\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\ClientTelemetry.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 00130048 _____ () C:\WINDOWS\SYSTEM32\CHARTV.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-08-17 22:28 - 2016-08-17 22:28 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-08-17 22:28 - 2016-08-17 22:28 - 09761280 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-08-17 22:28 - 2016-08-17 22:28 - 01401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-08-17 22:28 - 2016-08-17 22:28 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-08-17 22:28 - 2016-08-17 22:28 - 01033728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-08-17 22:28 - 2016-08-17 22:28 - 02438144 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-08-17 22:28 - 2016-08-17 22:28 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-08-17 22:10 - 2016-08-17 22:12 - 00071168 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.102.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-08-17 22:10 - 2016-08-17 22:12 - 00178176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.102.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-08-17 22:10 - 2016-08-17 22:12 - 35290624 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.102.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 00264040 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
2016-08-10 19:42 - 2016-08-03 01:41 - 02366280 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libglesv2.dll
2016-08-10 19:42 - 2016-08-03 01:40 - 00107848 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libegl.dll
2016-08-10 19:42 - 2016-08-03 01:04 - 31541952 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\PepperFlash\pepflashplayer.dll
2016-06-24 12:51 - 2016-06-24 12:51 - 00138752 _____ () C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
2016-07-21 16:46 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2016-07-21 16:46 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2016-07-21 16:46 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2016-07-21 16:46 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2016-07-21 16:46 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2016-08-18 21:38 - 2016-08-18 21:38 - 01383616 _____ () C:\Users\Carl Küschall\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\ClientTelemetry.dll
2016-08-18 21:38 - 2016-08-18 21:38 - 00118976 _____ () C:\Users\Carl Küschall\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileSyncViews.dll
2016-07-13 17:35 - 2016-08-23 12:47 - 51330160 _____ () C:\Users\Carl Küschall\AppData\Roaming\Spotify\libcef.dll
2016-07-13 17:35 - 2016-08-23 12:47 - 01763952 _____ () C:\Users\Carl Küschall\AppData\Roaming\Spotify\libglesv2.dll
2016-07-13 17:35 - 2016-08-23 12:47 - 00088176 _____ () C:\Users\Carl Küschall\AppData\Roaming\Spotify\libegl.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 02144104 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 07955304 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 00341352 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 00028008 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 00127336 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
2012-09-13 00:39 - 2012-09-13 00:39 - 00336232 _____ () C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE restricted site: HKU\S-1-5-21-1264686632-1428422705-2060577652-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1264686632-1428422705-2060577652-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1264686632-1428422705-2060577652-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1264686632-1428422705-2060577652-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1264686632-1428422705-2060577652-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1264686632-1428422705-2060577652-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1264686632-1428422705-2060577652-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1264686632-1428422705-2060577652-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1264686632-1428422705-2060577652-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1264686632-1428422705-2060577652-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-1264686632-1428422705-2060577652-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-1264686632-1428422705-2060577652-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-1264686632-1428422705-2060577652-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-1264686632-1428422705-2060577652-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-1264686632-1428422705-2060577652-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-1264686632-1428422705-2060577652-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-1264686632-1428422705-2060577652-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-1264686632-1428422705-2060577652-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-1264686632-1428422705-2060577652-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-1264686632-1428422705-2060577652-1001\...\123simsen.com -> www.123simsen.com
Da befinden sich 7914 mehr Seiten.
==================== Hosts Inhalt: ==========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2016-07-13 17:49 - 2016-08-12 16:44 - 00453264 ___RA C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com
Da befinden sich 15554 zusätzliche Einträge.
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1264686632-1428422705-2060577652-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{3EE290A5-CB1E-4618-BA17-714E876A78CA}D:\steam\steamapps\common\theculling\victory\binaries\win64\victory.exe] => (Allow) D:\steam\steamapps\common\theculling\victory\binaries\win64\victory.exe
FirewallRules: [TCP Query User{36A63E54-45B1-44AF-B757-CDC3804052E6}D:\steam\steamapps\common\theculling\victory\binaries\win64\victory.exe] => (Allow) D:\steam\steamapps\common\theculling\victory\binaries\win64\victory.exe
FirewallRules: [{A99695A5-2C3B-4BB4-86F4-57D9E50281DE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{56D31F46-475F-4DC8-8E50-FF60CC7AA196}] => (Allow) D:\Neuer Ordner\Assassin's Creed Syndicate\ACS.exe
FirewallRules: [{253C00E8-8BD0-46DF-B7F9-39B857EB0B3A}] => (Allow) D:\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{93169CED-D066-49ED-AAB8-4BD0A78352F7}] => (Allow) D:\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{4735BDFA-2564-4081-AE03-00A5C779D682}] => (Block) D:\gta 5\gta5.exe
FirewallRules: [{E84B65EC-0E33-488A-A614-AE382024CADE}] => (Block) D:\gta 5\gta5.exe
FirewallRules: [UDP Query User{18453C7B-3C95-4A01-BD33-A23690A640CA}D:\gta 5\gta5.exe] => (Allow) D:\gta 5\gta5.exe
FirewallRules: [TCP Query User{A9BB1CEE-ADB2-4FD6-A493-A378522CA676}D:\gta 5\gta5.exe] => (Allow) D:\gta 5\gta5.exe
FirewallRules: [{DA15DF21-C025-471A-992D-6CE0D6F5659A}] => (Allow) D:\Steam\steamapps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{F563B27A-52A7-4F22-931F-72A58616EA9C}] => (Allow) D:\Steam\steamapps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{49465D43-1A57-4D1B-9A39-C27DCC97E6A7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{61F84E79-D2B5-4B4C-A143-34FB6E144AF5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E5696C3F-6538-469E-8079-35982CB86BDE}] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{EDB5841C-1815-450D-B6B0-18507C500F5E}] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{6171BF6C-D7C8-458C-8926-94E563379FA6}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{6F41B892-60A2-4D34-8D3A-2248430E09B8}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{2410F30D-E6B5-4E57-B7C5-D6689817FA0E}] => (Allow) D:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{C1BA4A88-BFA7-4C91-8B79-F7BC518C3BAD}] => (Allow) D:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{014D67DE-BE6C-4389-B18B-69F98803DBED}] => (Allow) D:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{02FC0F94-9DF9-4D59-9B41-4FC141CDBE72}] => (Allow) D:\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{1AEB1139-90A7-4280-8514-4973FEB5FBBF}] => (Allow) D:\Steam\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{E8D3DC2C-157E-489B-A30B-0E905FF54B71}] => (Allow) D:\Steam\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{A020518D-FFA2-4B8D-863C-D1C19F3FD22F}] => (Allow) D:\Steam\steamapps\common\TheCulling\TheCulling_Launcher.exe
FirewallRules: [{DB714281-498C-46B1-83AE-1CB5988250AB}] => (Allow) D:\Steam\steamapps\common\TheCulling\TheCulling_Launcher.exe
FirewallRules: [{5145CF45-DD57-4361-9891-72877A057D41}] => (Allow) D:\Steam\steamapps\common\ManiaPlanet_TMStadium\ManiaPlanetLauncher.exe
FirewallRules: [{06A12933-958A-4B4B-892C-231EA8DAF87D}] => (Allow) D:\Steam\steamapps\common\ManiaPlanet_TMStadium\ManiaPlanetLauncher.exe
FirewallRules: [{79528024-194B-4F85-84CF-CCFB70F20FBA}] => (Allow) D:\Steam\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe
FirewallRules: [{B8B3EFEC-4C28-483E-B1A0-D5EFEF173B8F}] => (Allow) D:\Steam\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe
FirewallRules: [{E3ECD3DF-0CFE-46C8-AE46-FA431726EAA3}] => (Allow) D:\Steam\steamapps\common\Iron Snout\IronSnout.exe
FirewallRules: [{232D3718-85BC-4736-9E0F-95EE4913C88C}] => (Allow) D:\Steam\steamapps\common\Iron Snout\IronSnout.exe
FirewallRules: [{3F73066E-AAB5-41AB-90C3-E7F5CB87E237}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{9C139A78-D1AC-4346-B6C4-1FAD3A53FD5E}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{1B178AA6-B20E-41DF-A9EC-16C25DD4FE04}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{A23EA7AA-62BB-489F-85A0-BD5CD5FA7382}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{5D79CEF3-18C1-4BA2-B8A8-2FE3557B34C2}] => (Block) C:\users\carl küschall\appdata\roaming\spotify\spotify.exe
FirewallRules: [{381CA4C3-9457-400C-9E75-D07CBC9A3218}] => (Block) C:\users\carl küschall\appdata\roaming\spotify\spotify.exe
FirewallRules: [{F9ABA968-7B64-4F6F-9888-355C35EE4F1B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [UDP Query User{6E309596-9910-4DA8-8868-0E50C82716B8}C:\users\carl küschall\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\carl küschall\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{808D0F58-75AF-4D87-B5F2-847014567647}C:\users\carl küschall\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\carl küschall\appdata\roaming\spotify\spotify.exe
FirewallRules: [{E8A5061E-BCA9-4C3C-8ADD-EC31C843A5DD}] => (Allow) D:\Steam\steamapps\common\GunmanClive\GunmanClive.exe
FirewallRules: [{7FE405B6-2CD8-4D24-9C1B-BAA3597CBAB7}] => (Allow) D:\Steam\steamapps\common\GunmanClive\GunmanClive.exe
FirewallRules: [{6E688531-082E-49C9-9636-8C68FC3C188E}] => (Allow) D:\Steam\steamapps\common\Gunman Clive 2\gc2.exe
FirewallRules: [{BDC90EC7-B804-41D4-A2B5-A240A508F471}] => (Allow) D:\Steam\steamapps\common\Gunman Clive 2\gc2.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Wiederherstellungspunkte =========================
21-08-2016 17:20:40 Geplanter Prüfpunkt
24-08-2016 21:35:56 Windows Modules Installer
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (08/25/2016 07:16:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: XBoxStat.exe, Version: 1.20.146.0, Zeitstempel: 0x4ac3f515
Name des fehlerhaften Moduls: XBoxStat.exe, Version: 1.20.146.0, Zeitstempel: 0x4ac3f515
Ausnahmecode: 0x40000015
Fehleroffset: 0x000000000002385e
ID des fehlerhaften Prozesses: 0xc7c
Startzeit der fehlerhaften Anwendung: 0xXBoxStat.exe0
Pfad der fehlerhaften Anwendung: XBoxStat.exe1
Pfad des fehlerhaften Moduls: XBoxStat.exe2
Berichtskennung: XBoxStat.exe3
Vollständiger Name des fehlerhaften Pakets: XBoxStat.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: XBoxStat.exe5
Error: (08/25/2016 06:21:28 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.0_none_2d0f50fcbdb171b8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.0_none_2d0f50fcbdb171b8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.0_none_2d0f50fcbdb171b8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.0_none_2d0f50fcbdb171b8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.0_none_74bc87d3d22d9abe.manifest.
Error: (08/25/2016 05:58:39 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Die Daten sind unzulässig.
.
Error: (08/25/2016 05:53:20 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Die Daten sind unzulässig.
.
Error: (08/25/2016 05:42:21 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Die Daten sind unzulässig.
.
Error: (08/25/2016 05:06:05 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm explorer.exe, Version 10.0.14393.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1898
Startzeit: 01d1fee2108d0bde
Beendigungszeit: 0
Anwendungspfad: C:\Windows\explorer.exe
Berichts-ID: 6ef8b4fa-6ad5-11e6-93b6-d8cb8ac531e2
Vollständiger Name des fehlerhaften Pakets:
Auf das fehlerhafte Paket bezogene Anwendungs-ID:
Error: (08/25/2016 05:05:29 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Fehler beim Aufzählen von Benutzersitzungen zum Generieren von Filterpools.
Details:
(HRESULT : 0x80040210) (0x80040210)
Error: (08/25/2016 05:05:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: XBoxStat.exe, Version: 1.20.146.0, Zeitstempel: 0x4ac3f515
Name des fehlerhaften Moduls: XBoxStat.exe, Version: 1.20.146.0, Zeitstempel: 0x4ac3f515
Ausnahmecode: 0x40000015
Fehleroffset: 0x000000000002385e
ID des fehlerhaften Prozesses: 0x930
Startzeit der fehlerhaften Anwendung: 0xXBoxStat.exe0
Pfad der fehlerhaften Anwendung: XBoxStat.exe1
Pfad des fehlerhaften Moduls: XBoxStat.exe2
Berichtskennung: XBoxStat.exe3
Vollständiger Name des fehlerhaften Pakets: XBoxStat.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: XBoxStat.exe5
Error: (08/25/2016 05:05:19 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Die Daten sind unzulässig.
.
Error: (08/25/2016 05:05:16 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Die Daten sind unzulässig.
.
Systemfehler:
=============
Error: (08/25/2016 07:16:10 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "CDPUserSvc_3e1a6" wurde mit folgendem Fehler beendet:
%%2147500037 = Unbekannter Fehler
Error: (08/25/2016 05:05:06 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "CDPUserSvc_764e97" wurde mit folgendem Fehler beendet:
%%2147500037 = Unbekannter Fehler
Error: (08/24/2016 10:05:34 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "CDPUserSvc_42596" wurde mit folgendem Fehler beendet:
%%2147500037 = Unbekannter Fehler
Error: (08/24/2016 06:44:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053 = Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (08/24/2016 06:44:02 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.
Error: (08/24/2016 06:43:26 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Intelligenter Hintergrundübertragungsdienst" wurde mit dem folgenden dienstspezifischen Fehler beendet:
%%2147500053 = Die Klasse wurde so konfiguriert, dass sie unter einer anderen Sicherheitskennung als der Aufrufer ausgeführt werden kann.
Error: (08/24/2016 06:43:26 PM) (Source: Microsoft-Windows-Bits-Client) (EventID: 16392) (User: NT-AUTORITÄT)
Description: Fehler beim Starten des BITS-Dienstes. Fehler: 2147500053.
Error: (08/24/2016 06:41:24 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "CDPUserSvc_3ad17" wurde mit folgendem Fehler beendet:
%%2147500037 = Unbekannter Fehler
Error: (08/24/2016 06:41:16 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 23.08.2016 um 21:00:24 unerwartet heruntergefahren.
Error: (08/23/2016 09:00:31 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "CDPUserSvc_3cd4f" wurde mit folgendem Fehler beendet:
%%2147500037 = Unbekannter Fehler
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-6600K CPU @ 3.50GHz
Prozentuale Nutzung des RAM: 16%
Installierter physikalischer RAM: 16336.93 MB
Verfügbarer physikalischer RAM: 13628.81 MB
Summe virtueller Speicher: 19280.93 MB
Verfügbarer virtueller Speicher: 16272.54 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:232.35 GB) (Free:161.31 GB) NTFS
Drive d: (Gaming HDD) (Fixed) (Total:833.85 GB) (Free:518.78 GB) NTFS
Drive e: (Bilder Filme Dokumente) (Fixed) (Total:97.66 GB) (Free:97.5 GB) NTFS
Drive g: () (Removable) (Total:7.4 GB) (Free:3.94 GB) FAT32
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 35C1AB5D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 5E415D85)
Partition 1: (Not Active) - (Size=833.9 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=97.7 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (Size: 7.4 GB) (Disk ID: 6F20736B)
No partition Table on disk 2.
Disk 2 is a removable device.
==================== Ende von Addition.txt ============================
|
Lesestoff:
FRST 32-Bit | FRST 64-Bit
Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.