Zurück   Trojaner-Board > Malware entfernen > Antiviren-, Firewall- und andere Schutzprogramme

Antiviren-, Firewall- und andere Schutzprogramme: Pc gibt Applaus

Windows 7 Sämtliche Fragen zur Bedienung von Firewalls, Anti-Viren Programmen, Anti Malware und Anti Trojaner Software sind hier richtig. Dies ist ein Diskussionsforum für Sicherheitslösungen für Windows Rechner. Benötigst du Hilfe beim Trojaner entfernen oder weil du dir einen Virus eingefangen hast, erstelle ein Thema in den oberen Bereinigungsforen.

Antwort
Alt 10.03.2015, 12:27   #1
Gucky28
 
Pc gibt Applaus - Standard

Pc gibt Applaus



Hallo,

mein Name ist Andreas und bin neu hier habe gleich mal 3 Probleme mit gebracht denke das es ein Virus ist.

Ich habe mir einen neuen Pc gebaut soweit bin ich auch zufrieden.
aber nach dem er jetzt fertig ist und alles soweit läuft macht er komische dinge und mein Viren Programm hat nichts gefunden.

Also hier mal die dinge die er macht:
er gibt hin und wieder Applaus
er spricht oft das DVD Laufwerk an wo keine CD drin ist
und wenn er nach dem man ihn nicht mehr benutzt in den Schlaf Modus geht schaltet er sich ohne das jemand am Pc war ein und aus soll heißen rauf und runterfahren dabei macht er keine Updates.

übrigens habe ich win8.1 64bit drauf.

für eure Hilfe wäre ich echt dankbar.

hoffe habe hier an der richtigen stelle geschrieben.

Gruß Andreas

Alt 10.03.2015, 12:29   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Pc gibt Applaus - Standard

Pc gibt Applaus



Hallo und

Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden?

Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten!
Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht!




Zudem bitte auch ein Log mit Farbars Tool machen:

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)



Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 10.03.2015, 12:42   #3
Gucky28
 
Pc gibt Applaus - Standard

Pc gibt Applaus



FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-03-2015 01
Ran by Andreas (administrator) on ENGEL-PC on 10-03-2015 12:36:46
Running from C:\Users\Andreas\AppData\Local\Microsoft\Windows\INetCache\IE\VE7K6965
Loaded Profiles: Andreas (Available profiles: Andreas)
Platform: Windows 8.1 Pro (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUSTek Computer Inc\Disk Unlocker\ASPFSVS64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
() C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\Common Files\LogiShrd\LQCVFX\COCIManager.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7203032 2013-10-22] (Realtek Semiconductor)
HKLM-x32\...\Run: [ASUS Ai Charger] => C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe [547984 2012-08-13] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [193568 2014-11-28] (Geek Software GmbH)
HKLM-x32\...\Run: [LogitechQuickCamRibbon] => C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2793304 2009-10-14] ()
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\RunOnce: [RunDAOD] => C:\WINDOWS\DAOD.exe [49152 2009-03-02] ()
HKU\S-1-5-21-4198911014-4155679233-859511686-1001\...\Run: [Google Update] => C:\Users\Andreas\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2015-03-07] (Google Inc.)
HKU\S-1-5-21-4198911014-4155679233-859511686-1001\...\Run: [GoogleChromeAutoLaunch_46A172103AF55F16E10754CCD32BD34E] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [809288 2015-02-28] (Google Inc.)
HKU\S-1-5-21-4198911014-4155679233-859511686-1001\...\MountPoints2: {53b951ed-c651-11e4-be6e-806e6f6e6963} - "D:\Bin\ASSETUP.exe" 
Startup: C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk
ShortcutTarget: Logitech . Produktregistrierung.lnk -> C:\Program Files\Logitech\Logitech WebCam Software\eReg.exe (Leader Technologies/Logitech)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-4198911014-4155679233-859511686-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-4198911014-4155679233-859511686-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
HKU\S-1-5-21-4198911014-4155679233-859511686-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = https://de-de.facebook.com/
https://www.ksk-koeln.de/
hxxp://www.unserententeich.de/index.php?sid=19bcd4e5abc6b416ed53597e0da98bc4
hxxp://www.android-hilfe.de/login.php?do=login
hxxp://fritz.box/
hxxp://192.168.178.21/
hxxp://192.168.178.22/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://binkiland.com/results.php?f=4&q={searchTerms}&a=bnk_secureddownload_15_10&cd=2XzuyEtN2Y1L1QzutAzztB0CyE0A0ByDtAzyzztByEyDyE0CtN0D0Tzu0StCtCyCtCtN1L2XzutAtFzztFtAtFtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StC0B0F0ByDzzyEtCtG0E0E0FyEtG0F0E0CyBtG0AtAtAtCtGtC0EzzzzyEyDyC0FtD0F0E0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDtA0AyCzzyEtBtCtGtA0AzzzytGyE0C0EyCtG0A0C0EyCtGyC0E0EtC0BtA0C0BtAtAyD0B2QtN1B2Z1V1T1S1NzuyDyByD&cr=927284105&ir=
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://binkiland.com/results.php?f=4&q={searchTerms}&a=bnk_secureddownload_15_10&cd=2XzuyEtN2Y1L1QzutAzztB0CyE0A0ByDtAzyzztByEyDyE0CtN0D0Tzu0StCtCyCtCtN1L2XzutAtFzztFtAtFtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StC0B0F0ByDzzyEtCtG0E0E0FyEtG0F0E0CyBtG0AtAtAtCtGtC0EzzzzyEyDyC0FtD0F0E0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDtA0AyCzzyEtBtCtGtA0AzzzytGyE0C0EyCtG0A0C0EyCtGyC0E0EtC0BtA0C0BtAtAyD0B2QtN1B2Z1V1T1S1NzuyDyByD&cr=927284105&ir=
SearchScopes: HKU\S-1-5-21-4198911014-4155679233-859511686-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://binkiland.com/results.php?f=4&q={searchTerms}&a=bnk_secureddownload_15_10&cd=2XzuyEtN2Y1L1QzutAzztB0CyE0A0ByDtAzyzztByEyDyE0CtN0D0Tzu0StCtCyCtCtN1L2XzutAtFzztFtAtFtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StC0B0F0ByDzzyEtCtG0E0E0FyEtG0F0E0CyBtG0AtAtAtCtGtC0EzzzzyEyDyC0FtD0F0E0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDtA0AyCzzyEtBtCtGtA0AzzzytGyE0C0EyCtG0A0C0EyCtGyC0E0EtC0BtA0C0BtAtAyD0B2QtN1B2Z1V1T1S1NzuyDyByD&cr=927284105&ir=
SearchScopes: HKU\S-1-5-21-4198911014-4155679233-859511686-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://binkiland.com/results.php?f=4&q={searchTerms}&a=bnk_secureddownload_15_10&cd=2XzuyEtN2Y1L1QzutAzztB0CyE0A0ByDtAzyzztByEyDyE0CtN0D0Tzu0StCtCyCtCtN1L2XzutAtFzztFtAtFtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StC0B0F0ByDzzyEtCtG0E0E0FyEtG0F0E0CyBtG0AtAtAtCtGtC0EzzzzyEyDyC0FtD0F0E0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDtA0AyCzzyEtBtCtGtA0AzzzytGyE0C0EyCtG0A0C0EyCtGyC0E0EtC0BtA0C0BtAtAyD0B2QtN1B2Z1V1T1S1NzuyDyByD&cr=927284105&ir=
SearchScopes: HKU\S-1-5-21-4198911014-4155679233-859511686-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg.com/search?cid={21DDB5C9-37CD-4D3A-9B21-7AE70706DF71}&mid=d6873f4afaf647cda1f5e9650c51d071-1018167c7a2b5cec5525f3fb7b70c6437e1c3bb3&lang=de&ds=AVG&coid=avgtbavg&cmpid=0215pit&pr=fr&d=2015-03-07 19:50:12&v=4.1.0.411&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-01-21] (Microsoft Corporation)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine64\21.1.0.18\coIEPlg.dll [2013-10-06] (Symantec Corporation)
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} ->  No File
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04] (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-01-21] (Microsoft Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll [2013-10-06] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\IPS\IPSBHO.DLL [2013-09-29] (Symantec Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.1.0.18\coIEPlg.dll [2013-10-06] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\coIEPlg.dll [2013-10-06] (Symantec Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-01-21] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-01-21] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-07] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-07] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2012-04-04] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4198911014-4155679233-859511686-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Andreas\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-07] (Google Inc.)
FF Plugin HKU\S-1-5-21-4198911014-4155679233-859511686-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Andreas\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-07] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-01-21] (Microsoft Corporation)
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF [2015-03-10]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn [2015-03-10]

Chrome: 
=======
CHR HomePage: Default -> hxxp://isearch.omiga-plus.com/?type=hp&ts=1419620893&from=ild&uid=MaxtorX6L160P0_L403QCSH
CHR StartupUrls: Default -> "https://www.google.de/", "hxxp://de-de.facebook.com/", "hxxp://www.xn--ksk-kln-e1a.de/", "hxxp://fritz.box/", "hxxp://192.168.178.21/", "hxxp://192.168.178.22/", "hxxp://www.unserententeich.de/index.php", "hxxp://istart.webssearches.com/?type=hp&ts=1423922829&from=cvs2&uid=ST3000DM001-1CH166_W1F2GM7VXXXXW1F2GM7V", "hxxp://www.google.com"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-07]
CHR Extension: (Google Cast) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2015-03-07]
CHR Extension: (Google Search) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-07]
CHR Extension: (1Password) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdmbinomkfhmgknkoicejolfdfjeajmk [2015-03-07]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-07]
CHR Extension: (Skype Click to Call) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-03-10]
CHR Extension: (Google Wallet) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-07]
CHR Extension: (Gmail) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-07]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\Exts\Chrome.crx [2015-03-10]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-11-01] (Advanced Micro Devices, Inc.) [File not signed]
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-05-14] ()
R2 ASDiskUnlocker; C:\Program Files (x86)\ASUSTek Computer Inc\Disk Unlocker\ASPFSVS64.exe [262816 2012-06-18] (ASUSTeK Computer Inc.)
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [954648 2013-07-29] (ASUSTeK Computer Inc.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-21] (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe [275696 2013-10-08] (Symantec Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 AiCharger; C:\Windows\SysWow64\drivers\AiCharger.sys [14848 2012-03-22] (ASUSTek Computer Inc.)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-19] (Advanced Micro Devices)
R3 ASFLTDrv.sys; C:\Program Files (x86)\ASUSTek Computer Inc\Disk Unlocker\ASFLTDrv64.sys [16512 2010-09-16] (ASUSTeK Computer Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-04-06] ()
S3 AU8168; C:\Windows\system32\DRIVERS\au630x64.sys [792648 2013-09-23] (Realtek                                            )
R3 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20131002.001\BHDrvx64.sys [1525848 2013-09-26] (Symantec Corporation)
R3 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1501000.012\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
R3 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20130930.001\IDSVia64.sys [520280 2013-09-24] (Symantec Corporation)
R3 LVPr2M64; C:\Windows\system32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20131004.035\ENG64.SYS [126040 2013-10-04] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20131004.035\EX64.SYS [2099288 2013-10-04] (Symantec Corporation)
R3 SRTSP; C:\Windows\system32\drivers\NISx64\1501000.012\SRTSP64.SYS [858200 2013-09-27] (Symantec Corporation)
R3 SRTSPX; C:\Windows\system32\drivers\NISx64\1501000.012\SRTSPX64.SYS [36952 2013-09-10] (Symantec Corporation)
R3 SymDS; C:\Windows\system32\drivers\NISx64\1501000.012\SYMDS64.SYS [493656 2013-09-10] (Symantec Corporation)
R3 SymEFA; C:\Windows\system32\drivers\NISx64\1501000.012\SYMEFA64.SYS [1147480 2013-09-27] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NISx64\1501000.012\SymELAM.sys [23568 2013-09-10] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [177752 2015-03-10] (Symantec Corporation)
R3 SymIRON; C:\Windows\system32\drivers\NISx64\1501000.012\Ironx64.SYS [264280 2013-09-27] (Symantec Corporation)
R3 SymNetS; C:\Windows\system32\drivers\NISx64\1501000.012\SYMNETS.SYS [590936 2013-09-26] (Symantec Corporation)
R1 VDiskBus; C:\Windows\System32\drivers\VDiskBus64.sys [42656 2012-06-01] (ASUSTeK Computer Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-10 12:35 - 2015-03-10 12:36 - 00000000 ____D () C:\FRST
2015-03-10 12:33 - 2015-03-10 12:33 - 02095104 _____ (Farbar) C:\Users\Andreas\Desktop\FRST64.exe
2015-03-10 12:19 - 2015-03-10 12:19 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Norton Internet Security
2015-03-10 12:17 - 2015-03-10 12:17 - 00177752 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
2015-03-10 12:17 - 2015-03-10 12:17 - 00008222 _____ () C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT
2015-03-10 12:17 - 2015-03-10 12:17 - 00003234 _____ () C:\WINDOWS\System32\Tasks\Norton WSC Integration
2015-03-10 12:17 - 2015-03-10 12:17 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2015-03-10 12:16 - 2015-03-10 12:16 - 00000000 ____D () C:\WINDOWS\system32\Drivers\NISx64
2015-03-10 12:15 - 2015-03-10 12:17 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2015-03-10 12:15 - 2015-03-10 12:16 - 00000000 ____D () C:\Program Files (x86)\Norton Internet Security
2015-03-10 12:15 - 2015-03-10 12:15 - 00000000 ____D () C:\ProgramData\PCSettings
2015-03-10 12:13 - 2015-03-03 14:17 - 00295552 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2015-03-10 11:58 - 2015-03-10 11:58 - 00125763 _____ () C:\Users\Andreas\AppData\Local\census.cache
2015-03-10 11:57 - 2015-03-10 11:57 - 00075596 _____ () C:\Users\Andreas\AppData\Local\ars.cache
2015-03-10 11:42 - 2015-03-10 11:42 - 00000000 ____D () C:\WINDOWS\system32\appmgmt
2015-03-10 11:31 - 2012-06-05 08:37 - 00256904 _____ (Trend Micro Inc.) C:\WINDOWS\SysWOW64\Drivers\tmcomm.sys
2015-03-10 04:13 - 2015-03-10 04:13 - 00496832 _____ () C:\WINDOWS\Minidump\031015-29234-01.dmp
2015-03-10 02:31 - 2015-03-10 02:31 - 00496336 _____ () C:\WINDOWS\Minidump\031015-32671-01.dmp
2015-03-10 01:22 - 2015-03-10 04:13 - 309120940 _____ () C:\WINDOWS\MEMORY.DMP
2015-03-10 01:22 - 2015-03-10 04:13 - 00000000 ____D () C:\WINDOWS\Minidump
2015-03-10 01:22 - 2015-03-10 01:22 - 00496368 _____ () C:\WINDOWS\Minidump\031015-32875-01.dmp
2015-03-09 23:33 - 2015-03-09 23:33 - 00000000 ____D () C:\Users\Andreas\Tracing
2015-03-09 23:32 - 2015-03-10 11:06 - 00000000 ____D () C:\Users\Andreas\AppData\Roaming\Skype
2015-03-09 23:32 - 2015-03-09 23:32 - 00002715 _____ () C:\Users\Public\Desktop\Skype.lnk
2015-03-09 23:32 - 2015-03-09 23:32 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-03-09 23:32 - 2015-03-09 23:32 - 00000000 ____D () C:\Users\Andreas\AppData\Local\Skype
2015-03-09 23:32 - 2015-03-09 23:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-03-09 23:31 - 2015-03-09 23:32 - 00000000 ____D () C:\ProgramData\Skype
2015-03-09 23:25 - 2015-03-09 23:25 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-03-09 23:16 - 2015-03-09 23:16 - 00000000 ____D () C:\Users\Andreas\Desktop\lollipop
2015-03-09 22:49 - 2015-03-09 22:49 - 00003846 _____ () C:\WINDOWS\System32\Tasks\Google Update
2015-03-09 22:49 - 2015-03-09 22:49 - 00003694 _____ () C:\WINDOWS\System32\Tasks\Adobe Reader and Acrobat Manager
2015-03-09 22:42 - 2015-03-09 22:42 - 00000000 ____D () C:\Users\Andreas\AppData\Roaming\AVG
2015-03-09 22:41 - 2015-03-09 22:41 - 00000000 ____D () C:\Users\Andreas\AppData\Local\Avg
2015-03-09 22:40 - 2015-03-09 22:43 - 00000000 ____D () C:\ProgramData\AVG
2015-03-09 22:14 - 2015-03-09 22:19 - 00000000 ____D () C:\Users\Andreas\Desktop\Camera
2015-03-09 22:12 - 2015-03-09 22:12 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf
2015-03-09 22:09 - 2015-03-09 22:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
2015-03-09 22:07 - 2015-03-09 22:07 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2015-03-09 22:03 - 2015-03-09 22:03 - 00000000 ____D () C:\ProgramData\Samsung
2015-03-09 05:22 - 2015-03-09 05:22 - 00000000 ____D () C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
2015-03-09 05:16 - 2015-03-09 05:16 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2015-03-09 05:16 - 2015-03-09 05:16 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2015-03-09 05:08 - 2015-03-09 05:08 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-08 21:20 - 2014-09-22 04:06 - 00258368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-03-08 21:20 - 2014-09-22 04:06 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-03-08 21:20 - 2014-09-22 03:49 - 00035320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-03-08 21:19 - 2014-09-02 23:08 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2015-03-08 21:19 - 2014-09-02 23:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2015-03-08 21:19 - 2014-06-09 23:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-03-08 21:19 - 2014-06-09 23:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-03-08 21:16 - 2014-11-10 00:19 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-03-08 21:16 - 2014-11-10 00:19 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-03-08 21:16 - 2014-11-10 00:18 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2015-03-08 21:16 - 2014-11-10 00:18 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2015-03-08 21:13 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-03-08 21:13 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-03-08 21:05 - 2014-07-24 04:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2015-03-08 21:05 - 2014-07-24 04:20 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2015-03-08 21:04 - 2015-02-04 00:38 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-03-08 21:04 - 2015-02-04 00:08 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-03-08 21:04 - 2015-02-04 00:08 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-03-08 21:04 - 2015-02-03 00:11 - 01098752 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-03-08 21:04 - 2015-02-03 00:11 - 00894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-03-08 21:04 - 2015-02-03 00:11 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-03-08 21:04 - 2015-01-19 19:42 - 01487976 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2015-03-08 21:04 - 2014-12-03 00:09 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2015-03-08 16:50 - 2015-03-08 16:51 - 00000000 ____D () C:\Users\Andreas\AppData\Roaming\Nero
2015-03-08 16:49 - 2015-03-08 16:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2015-03-08 16:49 - 2015-03-08 16:49 - 00002742 _____ () C:\Users\Public\Desktop\Nero StartSmart Essentials.lnk
2015-03-08 16:49 - 2015-03-08 16:49 - 00000000 ____D () C:\ProgramData\Nero
2015-03-08 16:49 - 2015-03-08 16:49 - 00000000 ____D () C:\Program Files (x86)\Nero
2015-03-08 12:35 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2015-03-08 12:35 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2015-03-08 12:35 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2015-03-08 12:35 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2015-03-08 12:35 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2015-03-08 12:25 - 2015-03-08 12:25 - 00000000 ____D () C:\Users\Andreas\Desktop\VA-Bravo_Hits_Vol.88-2CD-2015-VOiCE
2015-03-08 12:18 - 2015-03-08 12:18 - 00000000 ____D () C:\Users\Andreas\Desktop\Kelly_Clarkson_-_Piece_By_Piece-2015-MOD
2015-03-08 12:17 - 2015-03-08 12:17 - 00000000 ____D () C:\Users\Andreas\Desktop\VA-Fifty_Shades_Of_Grey-OST-(Deluxe_Edition)-2015-C4
2015-03-07 20:46 - 2015-03-07 20:46 - 00000000 ____D () C:\WINDOWS\SysWOW64\XPSViewer
2015-03-07 20:46 - 2015-03-07 20:46 - 00000000 ____D () C:\Program Files\Reference Assemblies
2015-03-07 20:46 - 2015-03-07 20:46 - 00000000 ____D () C:\Program Files\MSBuild
2015-03-07 20:46 - 2015-03-07 20:46 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2015-03-07 20:46 - 2015-03-07 20:46 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2015-03-07 20:44 - 2013-08-03 05:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-03-07 20:44 - 2013-08-03 05:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-03-07 20:44 - 2013-08-03 05:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-03-07 20:44 - 2013-08-03 05:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-03-07 20:42 - 2015-03-10 11:52 - 00001146 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-4198911014-4155679233-859511686-1001UA.job
2015-03-07 20:42 - 2015-03-08 20:52 - 00001094 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-4198911014-4155679233-859511686-1001Core.job
2015-03-07 20:42 - 2015-03-07 20:47 - 00004096 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4198911014-4155679233-859511686-1001UA
2015-03-07 20:42 - 2015-03-07 20:47 - 00003716 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4198911014-4155679233-859511686-1001Core
2015-03-07 20:42 - 2015-03-07 20:42 - 00001262 _____ () C:\Users\Andreas\Desktop\Chromecast.lnk
2015-03-07 20:42 - 2015-03-07 20:42 - 00000000 ____D () C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromecast
2015-03-07 20:28 - 2015-03-07 20:28 - 00003610 _____ () C:\WINDOWS\System32\Tasks\HPCustParticipation HP Officejet 6600
2015-03-07 20:28 - 2015-03-07 20:28 - 00000984 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR-Registrierung.lnk
2015-03-07 20:28 - 2015-03-07 20:28 - 00000000 ____D () C:\Users\Andreas\AppData\Roaming\HpUpdate
2015-03-07 20:27 - 2015-03-07 20:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-03-07 20:27 - 2015-03-07 20:27 - 00002172 _____ () C:\Users\Public\Desktop\HP Officejet 6600.lnk
2015-03-07 20:27 - 2012-10-17 04:31 - 00741480 ____N (Hewlett-Packard Co.) C:\WINDOWS\system32\HPDiscoPM5D12.dll
2015-03-07 20:25 - 2015-03-07 20:28 - 00000000 ____D () C:\Program Files (x86)\HP
2015-03-07 20:25 - 2015-03-07 20:25 - 00000057 _____ () C:\ProgramData\Ament.ini
2015-03-07 20:25 - 2015-03-07 20:25 - 00000000 ____D () C:\Program Files\HP
2015-03-07 20:24 - 2015-03-07 20:28 - 00000000 ____D () C:\Users\Andreas\AppData\Local\HP
2015-03-07 20:24 - 2015-03-07 20:24 - 00000000 ____D () C:\Users\Andreas\Desktop\HoWa15DIUZ320DE
2015-03-07 19:58 - 2015-03-07 19:58 - 00000000 ____D () C:\Users\Andreas\AppData\Roaming\Leadertech
2015-03-07 19:58 - 2015-03-07 19:58 - 00000000 ____D () C:\Users\Andreas\AppData\Local\LogiShrd
2015-03-07 19:57 - 2015-03-10 11:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2015-03-07 19:57 - 2015-03-07 19:57 - 00000000 ____D () C:\ProgramData\LogiShrd
2015-03-07 19:57 - 2015-03-07 19:57 - 00000000 ____D () C:\Program Files\Logitech
2015-03-07 19:57 - 2009-05-01 00:02 - 00764952 _____ (Logitech Inc.) C:\WINDOWS\system32\LVUI64.dll
2015-03-07 19:57 - 2009-05-01 00:02 - 00559640 _____ (Logitech Inc.) C:\WINDOWS\system32\LVUIRC64.dll
2015-03-07 19:57 - 2009-05-01 00:02 - 00539160 _____ (Logitech Inc.) C:\WINDOWS\SysWOW64\LVUI2RC.dll
2015-03-07 19:57 - 2009-05-01 00:02 - 00539160 _____ (Logitech Inc.) C:\WINDOWS\SysWOW64\LVUI2.dll
2015-03-07 19:57 - 2009-05-01 00:01 - 00327576 _____ (Logitech Inc.) C:\WINDOWS\system32\Drivers\lvrs64.sys
2015-03-07 19:57 - 2009-04-30 23:57 - 00416280 _____ (Logitech Inc.) C:\WINDOWS\SysWOW64\lvcodec2.dll
2015-03-07 19:57 - 2009-04-30 23:57 - 00398360 _____ (Logitech Inc.) C:\WINDOWS\system32\lvcod64.dll
2015-03-07 19:57 - 2009-04-30 23:57 - 00266776 _____ (Logitech Inc.) C:\WINDOWS\system32\lvco1201278.dll
2015-03-07 19:57 - 2009-04-30 23:55 - 02755096 _____ (Logitech Inc.) C:\WINDOWS\system32\Drivers\LV302V64.SYS
2015-03-07 19:57 - 2009-04-30 23:55 - 00015896 _____ (Logitech Inc.) C:\WINDOWS\system32\Drivers\lv302a64.sys
2015-03-07 19:57 - 2009-04-30 23:39 - 00082289 _____ () C:\WINDOWS\system32\lvcoin64.ini
2015-03-07 19:57 - 2009-04-30 23:39 - 00034068 _____ () C:\WINDOWS\system32\Repository.reg
2015-03-07 19:53 - 2015-03-09 05:38 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-03-07 19:53 - 2015-03-07 19:53 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2015-03-07 19:53 - 2015-03-07 19:53 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server
2015-03-07 19:52 - 2015-03-07 19:53 - 00000000 ____D () C:\Program Files\Microsoft SQL Server
2015-03-07 19:50 - 2015-03-09 23:48 - 00000000 ____D () C:\ProgramData\AVG Security Toolbar
2015-03-07 19:49 - 2015-03-09 22:58 - 00000000 ____D () C:\Program Files (x86)\AVG Web TuneUp
2015-03-07 19:49 - 2015-03-07 19:52 - 00000000 ____D () C:\Program Files\Microsoft Office
2015-03-07 19:49 - 2015-03-07 19:49 - 00000000 __RHD () C:\MSOCache
2015-03-07 19:49 - 2015-03-07 19:49 - 00000000 ____D () C:\Program Files\Microsoft Analysis Services
2015-03-07 19:49 - 2015-03-07 19:49 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2015-03-07 19:40 - 2015-03-07 19:40 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2015-03-07 19:31 - 2015-03-10 11:02 - 00000000 ____D () C:\Program Files\KMSnano
2015-03-07 19:31 - 2015-03-07 20:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSnano
2015-03-07 19:31 - 2015-03-07 19:31 - 00003494 _____ () C:\WINDOWS\System32\Tasks\Trigger KMS Activation
2015-03-07 19:25 - 2015-03-07 19:25 - 00000000 ____D () C:\Users\Andreas\AppData\Roaming\Logitech
2015-03-07 19:25 - 2015-03-07 19:25 - 00000000 ____D () C:\Users\Andreas\AppData\Roaming\Logishrd
2015-03-07 19:18 - 2015-03-09 05:39 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-03-07 19:18 - 2015-03-07 19:18 - 00000000 ____D () C:\Users\Andreas\AppData\Local\Microsoft Help
2015-03-07 19:13 - 2015-03-07 19:13 - 00000400 _____ () C:\WINDOWS\ODBC.INI
2015-03-07 19:09 - 2015-03-07 19:42 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2015-03-07 19:09 - 2015-03-07 19:09 - 00001091 _____ () C:\Users\Public\Desktop\PDF24 Creator.lnk
2015-03-07 19:09 - 2015-03-07 19:09 - 00001071 _____ () C:\Users\Public\Desktop\PDF24 Fax.lnk
2015-03-07 19:09 - 2015-03-07 19:09 - 00000000 ____D () C:\WINDOWS\PCHEALTH
2015-03-07 19:09 - 2015-03-07 19:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2015-03-07 19:08 - 2015-03-07 19:09 - 00000000 ____D () C:\Program Files (x86)\PDF24
2015-03-07 19:07 - 2015-03-07 19:07 - 16342352 _____ (Geek Software GmbH ) C:\Users\Andreas\Desktop\pdf24-creator-6.9.2.exe
2015-03-07 18:57 - 2015-03-07 18:57 - 00000000 ____D () C:\Users\Andreas\Desktop\Zeugnise in PDF
2015-03-07 18:57 - 2015-03-07 18:57 - 00000000 ____D () C:\Users\Andreas\Desktop\Verschickte Bewerbungen
2015-03-07 18:34 - 2015-03-07 18:35 - 00002141 _____ () C:\Users\Andreas\Desktop\Private-Cloud.lnk
2015-03-07 18:31 - 2015-03-08 17:13 - 00000000 ____D () C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-03-07 18:31 - 2015-03-08 17:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-03-07 18:31 - 2015-03-07 18:51 - 00000000 ____D () C:\Program Files\WinRAR
2015-03-07 18:31 - 2015-03-07 18:31 - 00000000 ____D () C:\Users\Andreas\AppData\Roaming\WinRAR
2015-03-07 18:08 - 2015-03-10 11:21 - 00003938 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{890EEEF5-7037-4878-A483-2D5820B36396}
2015-03-07 18:08 - 2015-03-07 18:08 - 00000000 __SHD () C:\Users\Andreas\AppData\Local\EmieUserList
2015-03-07 18:08 - 2015-03-07 18:08 - 00000000 __SHD () C:\Users\Andreas\AppData\Local\EmieSiteList
2015-03-07 18:08 - 2015-03-07 18:08 - 00000000 __SHD () C:\Users\Andreas\AppData\Local\EmieBrowserModeList
2015-03-07 18:07 - 2015-03-07 18:07 - 00000000 ____D () C:\ProgramData\ATI
2015-03-07 18:04 - 2015-03-10 12:03 - 00000000 ____D () C:\Users\Andreas\OneDrive
2015-03-07 18:04 - 2015-03-07 18:04 - 00060817 _____ () C:\WINDOWS\SysWOW64\CCCInstall_201503071804323038.log
2015-03-07 18:04 - 2015-03-07 18:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-03-07 17:59 - 2015-03-07 17:59 - 00065722 _____ () C:\WINDOWS\SysWOW64\CCCInstall_201503071759066468.log
2015-03-07 17:58 - 2015-03-07 17:58 - 00001450 _____ () C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-03-07 17:57 - 2015-03-07 17:57 - 00000020 ___SH () C:\Users\Andreas\ntuser.ini
2015-03-07 17:55 - 2015-03-10 12:31 - 01294811 _____ () C:\WINDOWS\WindowsUpdate.log
2015-03-07 17:55 - 2015-03-07 17:55 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2015-03-07 17:55 - 2015-03-07 17:55 - 00000000 _SHDL () C:\Users\Default\Startmenü
2015-03-07 17:55 - 2015-03-07 17:55 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2015-03-07 17:55 - 2015-03-07 17:55 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2015-03-07 17:55 - 2015-03-07 17:55 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2015-03-07 17:55 - 2015-03-07 17:55 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2015-03-07 17:55 - 2015-03-07 17:55 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2015-03-07 17:55 - 2015-03-07 17:55 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2015-03-07 17:55 - 2015-03-07 17:55 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-03-07 17:55 - 2015-03-07 17:55 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2015-03-07 17:55 - 2015-03-07 17:55 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2015-03-07 17:55 - 2015-03-07 17:55 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2015-03-07 17:55 - 2015-03-07 17:55 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2015-03-07 17:55 - 2015-03-07 17:55 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2015-03-07 17:55 - 2015-03-07 17:55 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-03-07 17:55 - 2015-03-07 17:55 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2015-03-07 17:55 - 2015-03-07 17:55 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-03-07 17:54 - 2015-03-07 17:54 - 00022960 _____ () C:\WINDOWS\system32\emptyregdb.dat
2015-03-07 17:50 - 2015-03-07 17:50 - 00000000 ____D () C:\Users\Default\AppData\Roaming\TuneUp Software
2015-03-07 17:50 - 2015-03-07 17:50 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\TuneUp Software
2015-03-07 17:46 - 2015-03-07 17:46 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-03-07 17:42 - 2015-03-07 17:42 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2015-03-07 17:41 - 2015-03-10 01:27 - 00000000 ____D () C:\Users\Andreas
2015-03-07 17:41 - 2015-03-07 17:54 - 00020958 _____ () C:\WINDOWS\diagwrn.xml
2015-03-07 17:41 - 2015-03-07 17:54 - 00020958 _____ () C:\WINDOWS\diagerr.xml
2015-03-07 17:41 - 2015-03-07 17:41 - 00000000 _SHDL () C:\Users\Andreas\Vorlagen
2015-03-07 17:41 - 2015-03-07 17:41 - 00000000 _SHDL () C:\Users\Andreas\Startmenü
2015-03-07 17:41 - 2015-03-07 17:41 - 00000000 _SHDL () C:\Users\Andreas\Netzwerkumgebung
2015-03-07 17:41 - 2015-03-07 17:41 - 00000000 _SHDL () C:\Users\Andreas\Lokale Einstellungen
2015-03-07 17:41 - 2015-03-07 17:41 - 00000000 _SHDL () C:\Users\Andreas\Eigene Dateien
2015-03-07 17:41 - 2015-03-07 17:41 - 00000000 _SHDL () C:\Users\Andreas\Druckumgebung
2015-03-07 17:41 - 2015-03-07 17:41 - 00000000 _SHDL () C:\Users\Andreas\Documents\Eigene Musik
2015-03-07 17:41 - 2015-03-07 17:41 - 00000000 _SHDL () C:\Users\Andreas\Documents\Eigene Bilder
2015-03-07 17:41 - 2015-03-07 17:41 - 00000000 _SHDL () C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-03-07 17:41 - 2015-03-07 17:41 - 00000000 _SHDL () C:\Users\Andreas\AppData\Local\Verlauf
2015-03-07 17:41 - 2015-03-07 17:41 - 00000000 _SHDL () C:\Users\Andreas\AppData\Local\Anwendungsdaten
2015-03-07 17:41 - 2015-03-07 17:41 - 00000000 _SHDL () C:\Users\Andreas\Anwendungsdaten
2015-03-07 17:41 - 2015-03-07 17:41 - 00000000 ___RD () C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-07 17:41 - 2014-11-21 12:08 - 00000000 ___RD () C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-07 17:41 - 2014-11-21 12:08 - 00000000 ___RD () C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-03-07 17:41 - 2014-11-21 04:42 - 00000369 _____ () C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-03-07 17:41 - 2014-11-21 04:42 - 00000369 _____ () C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-03-07 17:41 - 2013-08-22 16:36 - 00000000 ____D () C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-03-07 17:36 - 2015-03-10 12:11 - 00083151 _____ () C:\WINDOWS\system32\lvcoinst.log
2015-03-07 17:36 - 2015-03-07 20:25 - 00000000 ____D () C:\ProgramData\HP
2015-03-07 17:36 - 2015-03-07 19:57 - 00000000 ____D () C:\Program Files\Common Files\logishrd
2015-03-07 17:36 - 2015-03-07 17:36 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-03-07 17:36 - 2015-03-07 17:36 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_bcmwlhigh664_01009.Wdf
2015-03-07 17:36 - 2015-03-07 17:36 - 00000000 ____H () C:\ProgramData\DP45977C.lfl
2015-03-07 17:36 - 2015-03-07 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM
2015-03-07 17:36 - 2015-03-07 17:36 - 00000000 ____D () C:\Program Files\Realtek
2015-03-07 17:36 - 2015-03-07 17:36 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2015-03-07 17:36 - 2015-03-07 17:36 - 00000000 ____D () C:\Program Files\AMD
2015-03-07 17:36 - 2015-03-07 17:36 - 00000000 _____ () C:\WINDOWS\ativpsrm.bin
2015-03-07 17:34 - 2015-03-09 00:00 - 00000000 ___DC () C:\WINDOWS\Panther
2015-03-07 17:33 - 2015-03-07 17:33 - 00535640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-03-07 17:33 - 2015-03-07 17:33 - 00531616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-03-07 17:33 - 2015-03-07 17:33 - 00448792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2015-03-07 17:33 - 2015-03-07 17:33 - 00413248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2015-03-07 17:33 - 2015-03-07 17:33 - 00372408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2015-03-07 17:33 - 2015-03-07 17:33 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-03-07 17:33 - 2015-03-07 17:33 - 00108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-03-07 17:33 - 2015-03-07 17:33 - 00038264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2015-03-07 17:33 - 2015-03-07 17:33 - 00033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2015-03-07 17:32 - 2015-03-07 17:32 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-03-07 17:32 - 2015-03-07 17:32 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-03-07 17:32 - 2015-03-07 17:32 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2015-03-07 17:32 - 2015-03-07 17:32 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2015-03-07 17:32 - 2015-03-07 17:32 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-03-07 17:32 - 2015-03-07 17:32 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2015-03-07 17:32 - 2015-03-07 17:32 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-03-07 17:32 - 2015-03-07 17:32 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-03-07 17:32 - 2015-03-07 17:32 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-03-07 17:32 - 2015-03-07 17:32 - 00788680 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2015-03-07 17:32 - 2015-03-07 17:32 - 00672984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2015-03-07 17:32 - 2015-03-07 17:32 - 00602776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2015-03-07 17:32 - 2015-03-07 17:32 - 00563504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-03-07 17:32 - 2015-03-07 17:32 - 00513488 _____ () C:\WINDOWS\SysWOW64\locale.nls
2015-03-07 17:32 - 2015-03-07 17:32 - 00513488 _____ () C:\WINDOWS\system32\locale.nls
2015-03-07 17:32 - 2015-03-07 17:32 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2015-03-07 17:32 - 2015-03-07 17:32 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-03-07 17:32 - 2015-03-07 17:32 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-03-07 17:32 - 2015-03-07 17:32 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-03-07 17:32 - 2015-03-07 17:32 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-03-07 17:32 - 2015-03-07 17:32 - 00273240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2015-03-07 17:32 - 2015-03-07 17:32 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-03-07 17:32 - 2015-03-07 17:32 - 00177984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-03-07 17:32 - 2015-03-07 17:32 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2015-03-07 17:32 - 2015-03-07 17:32 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-03-07 17:32 - 2015-03-07 17:32 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2015-03-07 17:32 - 2015-03-07 17:32 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2015-03-07 17:32 - 2015-03-07 17:32 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2015-03-07 17:31 - 2015-03-07 17:31 - 25056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-03-07 17:31 - 2015-03-07 17:31 - 19740160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-03-07 17:31 - 2015-03-07 17:31 - 14401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-03-07 17:31 - 2015-03-07 17:31 - 12829184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-03-07 17:31 - 2015-03-07 17:31 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-03-07 17:31 - 2015-03-07 17:31 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-03-07 17:31 - 2015-03-07 17:31 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-03-07 17:31 - 2015-03-07 17:31 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-03-07 17:31 - 2015-03-07 17:31 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-03-07 17:31 - 2015-03-07 17:31 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-03-07 17:31 - 2015-03-07 17:31 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-03-07 17:31 - 2015-03-07 17:31 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-03-07 17:31 - 2015-03-07 17:31 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-03-07 17:31 - 2015-03-07 17:31 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-03-07 17:31 - 2015-03-07 17:31 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-03-07 17:31 - 2015-03-07 17:31 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-03-07 17:31 - 2015-03-07 17:31 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-03-07 17:31 - 2015-03-07 17:31 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-03-07 17:31 - 2015-03-07 17:31 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-03-07 17:31 - 2015-03-07 17:31 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-03-07 17:31 - 2015-03-07 17:31 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-03-07 17:31 - 2015-03-07 17:31 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-03-07 17:31 - 2015-03-07 17:31 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-03-07 17:31 - 2015-03-07 17:31 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\scesrv.dll
2015-03-07 17:31 - 2015-03-07 17:31 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-03-07 17:31 - 2015-03-07 17:31 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2015-03-07 17:31 - 2015-03-07 17:31 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-03-07 17:31 - 2015-03-07 17:31 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2015-03-07 17:31 - 2015-03-07 17:31 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-03-07 17:31 - 2015-03-07 17:31 - 00393728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scesrv.dll
2015-03-07 17:31 - 2015-03-07 17:31 - 00391526 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-03-07 17:31 - 2015-03-07 17:31 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-03-07 17:31 - 2015-03-07 17:31 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-03-07 17:31 - 2015-03-07 17:31 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-03-07 17:31 - 2015-03-07 17:31 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-03-07 17:31 - 2015-03-07 17:31 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-03-07 17:31 - 2015-03-07 17:31 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-03-07 17:31 - 2015-03-07 17:31 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-03-07 17:31 - 2015-03-07 17:31 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-03-07 17:31 - 2015-03-07 17:31 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-03-07 17:31 - 2015-03-07 17:31 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-03-07 17:31 - 2015-03-07 17:31 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-03-07 17:31 - 2015-03-07 17:31 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-03-07 17:31 - 2015-03-07 17:31 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-03-07 17:31 - 2015-03-07 17:31 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-03-07 17:30 - 2015-03-07 17:30 - 07472960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-03-07 17:30 - 2015-03-07 17:30 - 01733440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-03-07 17:30 - 2015-03-07 17:30 - 01498360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-03-07 17:30 - 2015-03-07 17:30 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2015-03-07 17:30 - 2015-03-07 17:30 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2015-03-07 17:30 - 2015-03-07 17:30 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2015-03-07 17:30 - 2015-03-07 17:30 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2015-03-07 17:30 - 2015-03-07 17:30 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-03-07 17:30 - 2015-03-07 17:30 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2015-03-07 17:30 - 2015-03-07 17:30 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm64.dll
2015-03-07 17:30 - 2015-03-07 17:30 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2015-03-07 17:30 - 2015-03-07 17:30 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2015-03-07 17:30 - 2015-03-07 17:30 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe
2015-03-07 17:30 - 2015-03-07 17:30 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
2015-03-07 17:30 - 2015-03-07 17:30 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
2015-03-07 17:23 - 2015-03-07 17:45 - 00000000 ____D () C:\WINDOWS\system32\AutoUpdateLicense
2015-03-07 16:32 - 2015-03-07 17:54 - 00006611 _____ () C:\WINDOWS\comsetup.log
2015-03-07 16:30 - 2015-03-10 12:01 - 00000000 ____D () C:\Program Files (x86)\AVG
2015-03-07 16:30 - 2015-03-07 16:30 - 00000000 ____D () C:\Users\Andreas\AppData\Roaming\TuneUp Software
2015-03-07 16:28 - 2015-03-10 12:01 - 00000000 ____D () C:\ProgramData\MFAData
2015-03-07 16:28 - 2015-03-07 16:28 - 00000000 ____D () C:\Users\Andreas\AppData\Local\MFAData
2015-03-07 16:19 - 2015-01-29 09:30 - 00593408 ____N (Microsoft Corporation) C:\WINDOWS\system32\AutoUpdate.exe
2015-03-07 16:19 - 2015-01-29 09:30 - 00011056 ____N () C:\WINDOWS\system32\AutoconfigV2.cab
2015-03-07 16:12 - 2015-03-07 17:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2015-03-07 16:12 - 2015-03-07 16:12 - 00000000 ____D () C:\Program Files (x86)\ASUSTek Computer Inc
2015-03-07 16:11 - 2015-03-07 16:11 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2015-03-07 16:11 - 2015-03-07 16:11 - 00000000 ____D () C:\ProgramData\Adobe
2015-03-07 16:11 - 2015-03-07 16:11 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-03-07 16:11 - 2012-03-22 16:10 - 00014848 _____ (ASUSTek Computer Inc.) C:\WINDOWS\SysWOW64\Drivers\AiCharger.sys
2015-03-07 16:05 - 2015-03-07 16:05 - 00000000 ____D () C:\Users\Andreas\AppData\Roaming\ATI
2015-03-07 16:05 - 2015-03-07 16:05 - 00000000 ____D () C:\Users\Andreas\AppData\Local\ATI
2015-03-07 16:05 - 2015-03-07 16:05 - 00000000 ____D () C:\Users\Andreas\AppData\Local\AMD
2015-03-07 16:04 - 2013-12-18 12:35 - 00839896 _____ (Realtek ) C:\WINDOWS\system32\Drivers\Rt630x64.sys
2015-03-07 16:04 - 2013-12-18 12:35 - 00073800 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll
2015-03-07 16:03 - 2015-03-07 16:11 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-03-07 16:03 - 2015-03-07 16:04 - 00000000 ___HD () C:\Program Files (x86)\Temp
2015-03-07 16:03 - 2015-03-07 16:04 - 00000000 ____D () C:\Program Files (x86)\Realtek
2015-03-07 16:03 - 2013-10-22 21:38 - 03692632 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2015-03-07 16:03 - 2013-10-22 18:40 - 00673037 _____ () C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2015-03-07 16:03 - 2013-10-22 18:11 - 00151256 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2015-03-07 16:03 - 2013-10-22 10:42 - 37850112 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2015-03-07 16:03 - 2013-10-21 11:46 - 02587352 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkAPO64.dll
2015-03-07 16:03 - 2013-10-18 17:41 - 01286360 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2015-03-07 16:03 - 2013-10-16 04:43 - 00209096 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll
2015-03-07 16:03 - 2013-10-11 13:47 - 00113576 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2015-03-07 16:03 - 2013-10-11 12:31 - 00947760 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
2015-03-07 16:03 - 2013-10-07 12:05 - 02810072 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2015-03-07 16:03 - 2013-10-07 01:26 - 00501184 _____ (DTS) C:\WINDOWS\system32\DTSU2PLFX64.dll
2015-03-07 16:03 - 2013-10-07 01:26 - 00487360 _____ (DTS) C:\WINDOWS\system32\DTSU2PGFX64.dll
2015-03-07 16:03 - 2013-10-07 01:26 - 00415680 _____ (DTS) C:\WINDOWS\system32\DTSU2PREC64.dll
2015-03-07 16:03 - 2013-10-02 18:10 - 00617176 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2015-03-07 16:03 - 2013-10-02 10:43 - 00754488 _____ (ASUSTeKcomputer.Inc Inc) C:\WINDOWS\system32\RTKSMSettingsIPC.dll
2015-03-07 16:03 - 2013-10-02 10:39 - 05538072 _____ (ASUSTeKcomputer.Inc Inc) C:\WINDOWS\system32\RTKSMlfx.dll
2015-03-07 16:03 - 2013-09-26 17:11 - 01021656 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2015-03-07 16:03 - 2013-09-13 19:44 - 02080472 ____R (Realtek Semiconductor Corp.) C:\WINDOWS\RtlExUpd.dll
2015-03-07 16:03 - 2013-09-10 05:02 - 06217904 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2015-03-07 16:03 - 2013-09-10 05:02 - 00313520 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2015-03-07 16:03 - 2013-09-10 05:01 - 01938608 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2015-03-07 16:03 - 2013-09-10 05:01 - 00260272 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2015-03-07 16:03 - 2013-09-09 16:32 - 05681192 _____ () C:\WINDOWS\system32\Drivers\rtvienna.dat
2015-03-07 16:03 - 2013-08-24 04:14 - 01014016 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\slcnt64.dll
2015-03-07 16:03 - 2013-08-24 04:14 - 00897792 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2015-03-07 16:03 - 2013-08-24 04:14 - 00722688 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
2015-03-07 16:03 - 2013-08-24 04:14 - 00244480 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
2015-03-07 16:03 - 2013-08-20 18:37 - 00605496 _____ () C:\WINDOWS\system32\audioLibVc.dll
2015-03-07 16:03 - 2013-08-14 17:36 - 01325312 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO5064.dll
2015-03-07 16:03 - 2013-08-14 17:36 - 00662784 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVolumeSDAPO.dll
2015-03-07 16:03 - 2013-08-14 17:35 - 01084160 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO4064.dll
2015-03-07 16:03 - 2013-08-14 17:35 - 00907008 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO2064.dll
2015-03-07 16:03 - 2013-08-14 17:35 - 00663296 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO30.dll
2015-03-07 16:03 - 2013-08-07 18:34 - 00765184 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxSpeechAPO64.dll
2015-03-07 16:03 - 2013-08-05 19:11 - 02743328 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll
2015-03-07 16:03 - 2013-07-28 11:48 - 27518208 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioVnA64.dll
2015-03-07 16:03 - 2013-07-24 11:07 - 02032896 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioEQ64.dll
2015-03-07 16:03 - 2013-07-23 16:40 - 03610880 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioVnN64.dll
2015-03-07 16:03 - 2013-07-23 16:40 - 02103040 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\WavesGUILib64.dll
2015-03-07 16:03 - 2013-07-23 16:39 - 14048512 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRealtek64.dll
2015-03-07 16:03 - 2013-07-23 16:39 - 01916672 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRealtek264.dll
2015-03-07 16:03 - 2013-07-23 16:39 - 00922880 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPOShell64.dll
2015-03-07 16:03 - 2013-07-23 16:39 - 00790272 _____ (Waves Audio Ltd.) C:\WINDOWS\SysWOW64\MaxxAudioAPOShell.dll
2015-03-07 16:03 - 2013-06-25 13:47 - 00871856 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tossaeapo64.dll
2015-03-07 16:03 - 2013-06-25 13:47 - 00162224 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\toseaeapo64.dll
2015-03-07 16:03 - 2013-06-25 13:46 - 00582056 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosasfapo64.dll
2015-03-07 16:03 - 2013-06-21 12:01 - 00109848 _____ () C:\WINDOWS\system32\AcpiServiceVnA64.dll
2015-03-07 16:03 - 2013-04-24 18:16 - 01662024 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2015-03-07 16:03 - 2013-04-03 15:13 - 00906800 _____ (Sony Corporation) C:\WINDOWS\system32\MISS_APO.dll
2015-03-07 16:03 - 2012-08-31 20:18 - 07164176 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2015-03-07 16:03 - 2012-08-31 20:17 - 00434960 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2015-03-07 16:03 - 2012-08-31 20:17 - 00141584 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2015-03-07 16:03 - 2012-08-31 20:17 - 00124176 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2015-03-07 16:03 - 2012-08-31 20:17 - 00075024 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2015-03-07 16:03 - 2012-03-08 12:47 - 00108640 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll
2015-03-07 16:03 - 2012-01-30 12:43 - 00836544 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo264.dll
2015-03-07 16:03 - 2012-01-10 11:20 - 00065944 _____ (TOSHIBA CORPORATION.) C:\WINDOWS\system32\tepeqapo64.dll
2015-03-07 16:03 - 2011-12-20 16:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2015-03-07 16:03 - 2011-11-22 17:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2015-03-07 16:03 - 2011-09-02 15:21 - 00221024 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll
2015-03-07 16:03 - 2011-09-02 15:21 - 00081248 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll
2015-03-07 16:03 - 2011-09-02 15:21 - 00078688 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll
2015-03-07 16:03 - 2011-08-23 18:00 - 00603984 _____ (Knowles Acoustics ) C:\WINDOWS\system32\KAAPORT64.dll
2015-03-07 16:03 - 2011-05-31 10:42 - 01756264 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2015-03-07 16:03 - 2011-05-31 10:42 - 01568360 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2015-03-07 16:03 - 2011-05-31 10:42 - 01486952 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
2015-03-07 16:03 - 2011-05-31 10:42 - 00728680 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2015-03-07 16:03 - 2011-05-31 10:42 - 00712296 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2015-03-07 16:03 - 2011-05-31 10:42 - 00693352 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2015-03-07 16:03 - 2011-05-31 10:42 - 00491112 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2015-03-07 16:03 - 2011-05-31 10:42 - 00432744 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
2015-03-07 16:03 - 2011-05-31 10:42 - 00428648 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2015-03-07 16:03 - 2011-05-31 10:42 - 00242792 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
2015-03-07 16:03 - 2011-05-31 10:42 - 00242792 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
2015-03-07 16:03 - 2011-05-31 10:42 - 00241768 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
2015-03-07 16:03 - 2011-03-17 13:17 - 01361336 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosade.dll
2015-03-07 16:03 - 2011-03-07 18:11 - 00148416 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo.dll
2015-03-07 16:03 - 2010-11-08 08:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2015-03-07 16:03 - 2010-11-08 08:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2015-03-07 16:03 - 2010-11-08 08:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2015-03-07 16:03 - 2010-11-08 08:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2015-03-07 16:03 - 2010-11-08 08:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2015-03-07 16:03 - 2010-11-08 08:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2015-03-07 16:03 - 2010-11-03 19:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2015-03-07 16:03 - 2010-09-27 10:34 - 00318808 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO20.dll
2015-03-07 16:03 - 2010-07-22 17:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll
2015-03-07 16:03 - 2009-11-24 10:55 - 00518896 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2015-03-07 16:03 - 2009-11-24 10:55 - 00211184 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2015-03-07 16:03 - 2009-11-24 10:55 - 00198896 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2015-03-07 16:03 - 2009-11-24 10:55 - 00155888 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2015-03-07 16:02 - 2015-03-07 16:02 - 00066567 _____ () C:\WINDOWS\SysWOW64\CCCInstall_201503071602515044.log
2015-03-07 16:02 - 2015-03-07 16:02 - 00000000 ____D () C:\ProgramData\AMD
2015-03-07 16:01 - 2015-03-07 17:07 - 00000000 ____D () C:\Users\Andreas\AppData\Local\CrashDumps
2015-03-07 16:01 - 2013-06-28 03:16 - 00080640 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\amd_sata.sys
2015-03-07 16:01 - 2013-06-28 03:16 - 00025344 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\amd_xata.sys
2015-03-07 16:01 - 2012-08-28 13:27 - 00058536 ____R (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\usbfilter.sys
2015-03-07 16:00 - 2015-03-07 18:04 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2015-03-07 15:59 - 2015-03-08 12:35 - 00000000 ____D () C:\ProgramData\Package Cache
2015-03-07 15:58 - 2015-03-07 16:02 - 00000000 ____D () C:\Program Files\ATI Technologies
2015-03-07 15:58 - 2015-03-07 15:58 - 00016896 _____ (ASUS) C:\WINDOWS\AsTaskSched.dll
2015-03-07 15:58 - 2015-03-07 15:58 - 00000000 ____D () C:\Program Files\ATI
2015-03-07 15:52 - 2015-03-10 12:03 - 00001132 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-07 15:52 - 2015-03-10 12:02 - 00001136 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-07 15:52 - 2015-03-07 20:42 - 00000000 ____D () C:\Users\Andreas\AppData\Local\Google
2015-03-07 15:52 - 2015-03-07 17:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-03-07 15:52 - 2015-03-07 15:57 - 00004108 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-03-07 15:52 - 2015-03-07 15:57 - 00003872 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-03-07 15:52 - 2015-03-07 15:52 - 00000000 ____D () C:\Program Files (x86)\Google
2015-03-07 15:00 - 2015-03-09 12:35 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2015-03-07 14:12 - 2015-03-07 16:11 - 00000000 ____D () C:\Program Files (x86)\ASUS
2015-03-07 14:12 - 2015-03-07 14:12 - 00000000 ____D () C:\ProgramData\ASUS
2015-03-07 14:12 - 2013-04-06 21:28 - 00028672 ____R (ASUSTek Computer Inc.) C:\WINDOWS\SysWOW64\AsIO.dll
2015-03-07 14:12 - 2013-04-06 21:28 - 00015232 ____R () C:\WINDOWS\SysWOW64\Drivers\AsIO.sys
2015-03-07 14:11 - 2015-03-10 12:03 - 00031021 _____ () C:\WINDOWS\Ascd_tmp.ini
2015-03-07 14:11 - 2015-03-10 12:03 - 00001769 _____ () C:\WINDOWS\Language_trs.ini
2015-03-07 14:11 - 2015-03-10 12:03 - 00000384 _____ () C:\WINDOWS\As_Utilities.log
2015-03-07 14:11 - 2009-04-03 13:30 - 00010296 _____ () C:\WINDOWS\SysWOW64\Drivers\ASUSHWIO.SYS
2015-03-07 14:11 - 2009-03-02 04:35 - 00049152 ____R () C:\WINDOWS\DAOD.exe
2015-03-07 12:34 - 2015-03-07 12:34 - 00000117 _____ () C:\WINDOWS\system32\netcfg-4016557.txt
2015-03-07 12:34 - 2015-03-07 12:34 - 00000117 _____ () C:\WINDOWS\system32\netcfg-4013344.txt
2015-03-07 12:34 - 2015-03-07 12:34 - 00000088 _____ () C:\WINDOWS\system32\netcfg-4016729.txt
2015-03-07 12:34 - 2015-03-07 12:34 - 00000000 ____D () C:\Program Files\ASUS
2015-03-07 12:13 - 2013-05-04 05:51 - 00014848 ____N (Microsoft) C:\WINDOWS\system32\rars.rs
2015-03-07 12:13 - 2013-05-04 05:10 - 00014848 ____N (Microsoft) C:\WINDOWS\SysWOW64\rars.rs
2015-03-07 11:42 - 2015-03-07 11:42 - 00000000 ____D () C:\Users\Andreas\Documents\PC Speed Maximizer
2015-03-07 11:39 - 2015-03-07 11:39 - 00001203 _____ () C:\WINDOWS\system32\netcfg-689321.txt
2015-03-07 11:39 - 2015-03-07 11:39 - 00001098 _____ () C:\WINDOWS\system32\netcfg-707620.txt
2015-03-07 11:39 - 2015-03-07 11:39 - 00000264 _____ () C:\WINDOWS\system32\netcfg-702066.txt
2015-03-07 11:38 - 2015-03-10 12:15 - 00000000 ____D () C:\ProgramData\Norton
2015-03-07 11:38 - 2015-03-07 14:05 - 00000000 ____D () C:\Users\Andreas\AppData\Local\Binkiland
2015-03-07 11:38 - 2015-03-07 11:40 - 00000165 _____ () C:\WINDOWS\Reimage.ini
2015-03-07 11:38 - 2015-03-07 11:38 - 00000000 ____D () C:\Users\Andreas\AppData\Roaming\Wse_binkiland
2015-03-07 11:37 - 2015-03-10 12:07 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4198911014-4155679233-859511686-1001
2015-03-07 11:37 - 2015-03-07 11:37 - 09883024 _____ (Innovative Solutions ) C:\Users\Andreas\Downloads\asus_treiber_update.exe
2015-03-07 11:32 - 2015-03-07 11:32 - 00000000 ____D () C:\Users\Andreas\AppData\Roaming\Macromedia
2015-03-07 11:31 - 2015-03-07 11:31 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2015-03-07 11:31 - 2015-03-07 11:31 - 00000000 ____D () C:\WINDOWS\CSC
2015-03-07 11:31 - 2015-03-07 11:31 - 00000000 ____D () C:\Users\Andreas\AppData\Roaming\Adobe
2015-03-07 11:31 - 2015-03-07 11:31 - 00000000 ____D () C:\Users\Andreas\AppData\Local\VirtualStore
2015-03-07 11:30 - 2015-03-08 17:12 - 00000000 ____D () C:\Users\Andreas\AppData\Local\Packages
2015-03-07 11:30 - 2015-03-07 17:45 - 00000000 ____D () C:\ProgramData\PRICache
2015-03-07 11:30 - 2015-03-07 17:21 - 01313683 _____ () C:\WINDOWS\WindowsUpdate (1).log
2015-03-07 11:29 - 2015-03-07 11:29 - 00000117 _____ () C:\WINDOWS\system32\netcfg-105035.txt
2015-03-07 11:29 - 2015-03-07 11:29 - 00000117 _____ () C:\WINDOWS\system32\netcfg-102789.txt
2015-03-07 11:28 - 2015-03-07 17:39 - 00000000 __SHD () C:\Recovery
2015-03-07 11:28 - 2015-03-07 11:28 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2015-03-07 11:28 - 2015-03-07 11:28 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2015-03-07 11:28 - 2015-03-07 11:28 - 00000000 _SHDL () C:\Users\Default.migrated\Vorlagen
2015-03-07 11:28 - 2015-03-07 11:28 - 00000000 _SHDL () C:\Users\Default.migrated\Startmenü
2015-03-07 11:28 - 2015-03-07 11:28 - 00000000 _SHDL () C:\Users\Default.migrated\Netzwerkumgebung
2015-03-07 11:28 - 2015-03-07 11:28 - 00000000 _SHDL () C:\Users\Default.migrated\Lokale Einstellungen
2015-03-07 11:28 - 2015-03-07 11:28 - 00000000 _SHDL () C:\Users\Default.migrated\Eigene Dateien
2015-03-07 11:28 - 2015-03-07 11:28 - 00000000 _SHDL () C:\Users\Default.migrated\Druckumgebung
2015-03-07 11:28 - 2015-03-07 11:28 - 00000000 _SHDL () C:\Users\Default.migrated\Documents\Eigene Musik
2015-03-07 11:28 - 2015-03-07 11:28 - 00000000 _SHDL () C:\Users\Default.migrated\Documents\Eigene Bilder
2015-03-07 11:28 - 2015-03-07 11:28 - 00000000 _SHDL () C:\Users\Default.migrated\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-03-07 11:28 - 2015-03-07 11:28 - 00000000 _SHDL () C:\Users\Default.migrated\AppData\Local\Verlauf
2015-03-07 11:28 - 2015-03-07 11:28 - 00000000 _SHDL () C:\Users\Default.migrated\AppData\Local\Anwendungsdaten
2015-03-07 11:28 - 2015-03-07 11:28 - 00000000 _SHDL () C:\Users\Default.migrated\Anwendungsdaten
2015-03-07 11:28 - 2015-03-07 11:28 - 00000000 _SHDL () C:\Programme
2015-03-07 11:28 - 2015-03-07 11:28 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2015-03-07 11:28 - 2015-03-07 11:28 - 00000000 _SHDL () C:\ProgramData\Startmenü
2015-03-07 11:28 - 2015-03-07 11:28 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2015-03-07 11:28 - 2015-03-07 11:28 - 00000000 _SHDL () C:\ProgramData\Dokumente
2015-03-07 11:28 - 2015-03-07 11:28 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2015-03-07 11:28 - 2015-03-07 11:28 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2015-03-07 11:28 - 2015-03-07 11:28 - 00000000 _SHDL () C:\Dokumente und Einstellungen
2015-03-07 11:26 - 2015-03-07 11:26 - 00001135 _____ () C:\WINDOWS\system32\netcfg-77704.txt
2015-03-07 11:26 - 2015-03-07 11:26 - 00000185 _____ () C:\WINDOWS\system32\netcfg-75005.txt
2015-03-07 11:26 - 2015-03-07 11:26 - 00000164 _____ () C:\WINDOWS\system32\netcfg-73320.txt
2015-03-07 11:26 - 2015-03-07 11:26 - 00000161 _____ () C:\WINDOWS\system32\netcfg-74802.txt
2015-03-07 11:26 - 2015-03-07 11:26 - 00000160 _____ () C:\WINDOWS\system32\netcfg-74615.txt
2015-03-07 11:26 - 2015-03-07 11:26 - 00000160 _____ () C:\WINDOWS\system32\netcfg-74178.txt
2015-03-07 11:26 - 2015-03-07 11:26 - 00000160 _____ () C:\WINDOWS\system32\netcfg-69576.txt
2015-03-07 11:26 - 2015-03-07 11:26 - 00000159 _____ () C:\WINDOWS\system32\netcfg-73788.txt
2015-03-07 11:26 - 2015-03-07 11:26 - 00000157 _____ () C:\WINDOWS\system32\netcfg-74381.txt
2015-03-07 11:26 - 2015-03-07 11:26 - 00000157 _____ () C:\WINDOWS\system32\netcfg-69248.txt
2015-03-07 11:26 - 2015-03-07 11:26 - 00000150 _____ () C:\WINDOWS\system32\netcfg-73570.txt

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-10 12:18 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-03-10 12:17 - 2012-07-26 09:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2015-03-10 12:05 - 2014-11-21 04:35 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-03-10 12:05 - 2014-11-21 03:45 - 00764340 _____ () C:\WINDOWS\system32\perfh007.dat
2015-03-10 12:05 - 2014-11-21 03:45 - 00159160 _____ () C:\WINDOWS\system32\perfc007.dat
2015-03-10 12:01 - 2014-11-20 19:24 - 00036876 _____ () C:\WINDOWS\PFRO.log
2015-03-10 12:01 - 2013-08-22 15:46 - 00304372 _____ () C:\WINDOWS\setupact.log
2015-03-10 12:01 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-03-10 12:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-03-09 22:09 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-03-09 12:42 - 2013-08-22 15:44 - 00478768 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-03-09 12:36 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-03-09 12:35 - 2014-11-21 12:07 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2015-03-09 12:35 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-09 12:35 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-09 12:35 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2015-03-09 12:35 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2015-03-09 12:35 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-03-09 12:35 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-03-09 05:41 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-03-09 05:37 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\System
2015-03-09 05:37 - 2013-08-22 14:25 - 00000188 _____ () C:\WINDOWS\win.ini
2015-03-09 05:34 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-03-07 19:53 - 2014-11-21 04:13 - 00000000 ____D () C:\WINDOWS\ShellNew
2015-03-07 19:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\System
2015-03-07 17:59 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\restore
2015-03-07 17:55 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows NT
2015-03-07 17:55 - 2013-08-22 14:36 - 00000000 __RHD () C:\Users\Default
2015-03-07 17:54 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Registration
2015-03-07 17:52 - 2013-08-22 16:36 - 00000000 __RSD () C:\WINDOWS\Media
2015-03-07 17:51 - 2013-08-22 16:36 - 00000000 __RHD () C:\Users\Public\Libraries
2015-03-07 17:47 - 2013-08-22 16:37 - 00005217 _____ () C:\WINDOWS\DtcInstall.log
2015-03-07 17:47 - 2012-07-26 06:37 - 00000000 ____D () C:\Users\Default.migrated
2015-03-07 17:46 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN
2015-03-07 17:46 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep
2015-03-07 17:46 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\system32\WCN
2015-03-07 17:46 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI
2015-03-07 17:46 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2015-03-07 17:46 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME
2015-03-07 17:46 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\WinBioPlugIns
2015-03-07 17:46 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\spool
2015-03-07 17:46 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\MUI
2015-03-07 17:46 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\IME
2015-03-07 17:46 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI
2015-03-07 17:45 - 2013-08-22 16:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker
2015-03-07 17:45 - 2013-08-22 16:36 - 00000000 __SHD () C:\Program Files\Windows Sidebar
2015-03-07 17:45 - 2013-08-22 16:36 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar
2015-03-07 17:45 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\IME
2015-03-07 17:45 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Help
2015-03-07 17:45 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppCompat
2015-03-07 17:42 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery
2015-03-07 17:39 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2015-03-07 17:33 - 2013-08-22 16:36 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
2015-03-07 17:32 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2015-03-07 17:31 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2015-03-07 15:58 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent

==================== Files in the root of some directories =======

2015-03-10 11:57 - 2015-03-10 11:57 - 0075596 _____ () C:\Users\Andreas\AppData\Local\ars.cache
2015-03-10 11:58 - 2015-03-10 11:58 - 0125763 _____ () C:\Users\Andreas\AppData\Local\census.cache
2015-03-07 20:25 - 2015-03-07 20:25 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-03-07 17:36 - 2015-03-07 17:36 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some content of TEMP:
====================
C:\Users\Andreas\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\Andreas\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Andreas\AppData\Local\Temp\GURD9C1.exe
C:\Users\Andreas\AppData\Local\Temp\ose00000.exe
C:\Users\Andreas\AppData\Local\Temp\ose00002.exe
C:\Users\Andreas\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Andreas\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\Andreas\AppData\Local\Temp\UNINSTALL.EXE
C:\Users\Andreas\AppData\Local\Temp\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}_N360_10326.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-07 17:35

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---


Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-03-2015 01
Ran by Andreas at 2015-03-10 12:37:57
Running from C:\Users\Andreas\AppData\Local\Microsoft\Windows\INetCache\IE\VE7K6965
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Reader X (10.1.3) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.3 - Adobe Systems Incorporated)
Advertising Center (x32 Version: 0.0.0.1 - Nero AG) Hidden
AMD Catalyst Install Manager (HKLM\...\{82DEBC0B-5BAD-5918-2EDB-7C78BE01BA59}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
ASUS Ai Charger (HKLM-x32\...\{7FB64E72-9B0E-4460-A821-040C341E414A}) (Version: 1.03.00 - ASUSTeK Computer Inc.)
ChromecastApp (HKU\S-1-5-21-4198911014-4155679233-859511686-1001\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.1383.0 - Google Inc.)
Disk Unlocker (HKLM-x32\...\{AE4DB5AB-CD91-4D63-8AD5-33EBADCCC4F2}) (Version: 2.1.3 - ASUSTek Computer Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.76 - Google Inc.)
Google Update Helper (x32 Version: 1.3.21.115 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
HP Officejet 6600 - Grundlegende Software für das Gerät (HKLM\...\{F58934BD-F483-43EB-B307-CFFD88B18455}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
KMSnano 24 (HKLM\...\KMSnano 24_is1) (Version: KMSnano 24 - )
Logitech Webcam Software (HKLM\...\{987FE247-4E69-4A2E-A961-D14F901FDBF6}) (Version: 12.10.1113 - Logitech Inc.)
Logitech Webcam Software-Treiberpaket (HKLM\...\lvdrivers_12.10) (Version: 12.10.1110 - Logitech Inc.)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Nero 9 Essentials (HKLM-x32\...\{d0450839-5396-4ca4-867c-39945dec7eaf}) (Version:  - Nero AG)
Norton Internet Security (HKLM-x32\...\NIS) (Version: 21.1.0.18 - Symantec Corporation)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDF24 Creator 6.9.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7071 - Realtek Semiconductor Corp.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.2 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.)
Studie zur Verbesserung von HP Officejet 6600 Produkten (HKLM\...\{E1A11879-5771-4E52-BA2E-CD5DD65BF970}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-4198911014-4155679233-859511686-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Andreas\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4198911014-4155679233-859511686-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Andreas\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)

==================== Restore Points  =========================

09-03-2015 04:56:52 Windows Update
10-03-2015 11:32:30 Removed Logitech Vid.

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {02E8E840-493B-4CBF-BA6D-C1D062C77633} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {0479711D-AC46-4215-A2F8-FE0AC677A801} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4198911014-4155679233-859511686-1001UA => C:\Users\Andreas\AppData\Local\Google\Update\GoogleUpdate.exe [2015-03-07] (Google Inc.)
Task: {069A4315-EBA3-4355-AFB0-A606C941B6B8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-07] (Google Inc.)
Task: {1A0E97F9-BED0-4709-B066-979370B85C65} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {2B34520B-04FB-457D-AC91-1836CCAD1866} - System32\Tasks\Trigger KMS Activation => C:\Program Files\KMSnano\TriggerKMS.exe [2013-01-26] ()
Task: {326E7E24-1C62-4F18-9B7D-9450FDA271C3} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4198911014-4155679233-859511686-1001Core => C:\Users\Andreas\AppData\Local\Google\Update\GoogleUpdate.exe [2015-03-07] (Google Inc.)
Task: {355C5A8B-506D-4970-B3D8-C49C9E543E62} - System32\Tasks\Google Update => C:\Users\Andreas\AppData\Local\Google\Update\GoogleUpdate.exe [2015-03-07] (Google Inc.)
Task: {5BAB14D5-4A63-4FFA-A74B-D1E5657E5D5C} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\WSCStub.exe [2013-10-08] (Symantec Corporation)
Task: {605558B1-44F1-4514-9A6C-6517173A6006} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-07] (Google Inc.)
Task: {8836F2D5-8F87-4AF9-B28A-BEA0E1455D2F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {8BF541B5-CF18-4A78-B2E9-950A9691DFCF} - System32\Tasks\HPCustParticipation HP Officejet 6600 => C:\Program Files\HP\HP Officejet 6600\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {C8A0E92C-F91F-4967-B07F-C8DE20C4F2B6} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {D31411FC-A3EF-4A29-94C9-0AB0C07E6CCC} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {EB9D6357-623A-4138-BB35-CF3740287968} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-4198911014-4155679233-859511686-1001Core.job => C:\Users\Andreas\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-4198911014-4155679233-859511686-1001UA.job => C:\Users\Andreas\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2013-11-01 11:46 - 2013-11-01 11:46 - 00214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2013-07-26 05:59 - 2013-07-26 05:59 - 00814592 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2013-07-26 05:59 - 2013-07-26 05:59 - 03650560 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2013-11-01 11:46 - 2013-11-01 11:46 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2015-03-07 14:12 - 2013-05-14 15:45 - 00936728 ____R () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2009-10-14 13:36 - 2009-10-14 13:36 - 02793304 _____ () C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
2009-10-14 13:34 - 2009-10-14 13:34 - 00560472 _____ () C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
2013-11-01 11:46 - 2013-11-01 11:46 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2015-03-07 14:12 - 2015-03-10 12:01 - 00026112 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2015-03-07 14:12 - 2013-04-06 21:28 - 00104448 ____R () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2015-03-07 16:06 - 2015-02-28 02:56 - 01174856 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.76\libglesv2.dll
2015-03-07 16:06 - 2015-02-28 02:56 - 00080200 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.76\libegl.dll
2015-03-07 16:06 - 2015-02-28 02:56 - 09279304 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.76\pdf.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Andreas\OneDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4198911014-4155679233-859511686-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Andreas\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\20140928_173606.jpg
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKU\S-1-5-21-4198911014-4155679233-859511686-1001\...\StartupApproved\StartupFolder: => "Logitech . Produktregistrierung.lnk"
HKU\S-1-5-21-4198911014-4155679233-859511686-1001\...\StartupApproved\Run: => "Google Update"

==================== Accounts: =============================

Administrator (S-1-5-21-4198911014-4155679233-859511686-500 - Administrator - Disabled)
Andreas (S-1-5-21-4198911014-4155679233-859511686-1001 - Administrator - Enabled) => C:\Users\Andreas
Gast (S-1-5-21-4198911014-4155679233-859511686-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4198911014-4155679233-859511686-1006 - Limited - Enabled)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/10/2015 00:00:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.17416, Zeitstempel: 0x5452eed9
Name des fehlerhaften Moduls: combase.dll, Version: 6.3.9600.17415, Zeitstempel: 0x54503d84
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0009b39f
ID des fehlerhaften Prozesses: 0xfbc
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5

Error: (03/10/2015 11:32:35 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (03/09/2015 11:27:14 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: ENGEL-PC)
Description: Das Paket „Microsoft.SkypeApp_3.1.0.1007_x86__kzf8qxf38zg5c+App“ wurde beendet, da das Anhalten zu lange dauerte.

Error: (03/09/2015 11:23:16 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm wwahost.exe, Version 6.3.9600.17415 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 31f8

Startzeit: 01d05ab7170a5357

Endzeit: 60000

Anwendungspfad: C:\WINDOWS\syswow64\wwahost.exe

Berichts-ID: b4fad02d-c6aa-11e4-be73-382c4ab53982

Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_3.1.0.1007_x86__kzf8qxf38zg5c

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App

Error: (03/09/2015 10:27:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AiChargerAP.exe, Version: 2.0.0.0, Zeitstempel: 0x50285912
Name des fehlerhaften Moduls: AiChargerAP.exe, Version: 2.0.0.0, Zeitstempel: 0x50285912
Ausnahmecode: 0xc0000409
Fehleroffset: 0x00001393
ID des fehlerhaften Prozesses: 0x12c8
Startzeit der fehlerhaften Anwendung: 0xAiChargerAP.exe0
Pfad der fehlerhaften Anwendung: AiChargerAP.exe1
Pfad des fehlerhaften Moduls: AiChargerAP.exe2
Berichtskennung: AiChargerAP.exe3
Vollständiger Name des fehlerhaften Pakets: AiChargerAP.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AiChargerAP.exe5

Error: (03/09/2015 04:57:00 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (03/08/2015 05:17:47 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ENGEL-PC)
Description: Bei der Aktivierung der App „Microsoft.SkypeApp_kzf8qxf38zg5c!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (03/08/2015 05:17:47 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ENGEL-PC)
Description: Bei der Aktivierung der App „Microsoft.SkypeApp_kzf8qxf38zg5c!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (03/08/2015 05:17:46 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ENGEL-PC)
Description: Bei der Aktivierung der App „Microsoft.SkypeApp_kzf8qxf38zg5c!App“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (03/08/2015 05:17:45 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm wwahost.exe, Version 6.3.9600.17415 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1108

Startzeit: 01d0590586a5a149

Endzeit: 140

Anwendungspfad: C:\WINDOWS\syswow64\wwahost.exe

Berichts-ID: 9b7ef318-c5ae-11e4-be6d-382c4ab53982

Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_3.1.0.1005_x86__kzf8qxf38zg5c

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App


System errors:
=============
Error: (03/10/2015 00:00:21 PM) (Source: DCOM) (EventID: 10010) (User: ENGEL-PC)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}

Error: (03/10/2015 00:00:21 PM) (Source: DCOM) (EventID: 10010) (User: ENGEL-PC)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}

Error: (03/10/2015 11:40:34 AM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "ASDiskUnlocker" hat einen ungültigen aktuellen Status gemeldet: 11

Error: (03/10/2015 11:25:27 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.

Error: (03/10/2015 11:25:24 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.

Error: (03/10/2015 11:25:24 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.

Error: (03/10/2015 11:25:24 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.

Error: (03/10/2015 11:25:24 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.

Error: (03/10/2015 11:25:24 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.

Error: (03/10/2015 11:25:24 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.


Microsoft Office Sessions:
=========================
Error: (03/10/2015 00:00:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.174165452eed9combase.dll6.3.9600.1741554503d84c00000050009b39ffbc01d05b1da4e04fa5C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\WINDOWS\SYSTEM32\combase.dlla311c7aa-c714-11e4-be78-382c4ab53982

Error: (03/10/2015 11:32:35 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert

Error: (03/09/2015 11:27:14 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: ENGEL-PC)
Description: Microsoft.SkypeApp_3.1.0.1007_x86__kzf8qxf38zg5c+App

Error: (03/09/2015 11:23:16 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: wwahost.exe6.3.9600.1741531f801d05ab7170a535760000C:\WINDOWS\syswow64\wwahost.exeb4fad02d-c6aa-11e4-be73-382c4ab53982Microsoft.SkypeApp_3.1.0.1007_x86__kzf8qxf38zg5cApp

Error: (03/09/2015 10:27:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: AiChargerAP.exe2.0.0.050285912AiChargerAP.exe2.0.0.050285912c00004090000139312c801d05aafd4f816f8C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exeC:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe13769727-c6a3-11e4-be73-382c4ab53982

Error: (03/09/2015 04:57:00 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert

Error: (03/08/2015 05:17:47 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ENGEL-PC)
Description: Microsoft.SkypeApp_kzf8qxf38zg5c!App-2144927141

Error: (03/08/2015 05:17:47 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ENGEL-PC)
Description: Microsoft.SkypeApp_kzf8qxf38zg5c!App-2144927141

Error: (03/08/2015 05:17:46 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ENGEL-PC)
Description: Microsoft.SkypeApp_kzf8qxf38zg5c!App-2144927142

Error: (03/08/2015 05:17:45 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: wwahost.exe6.3.9600.17415110801d0590586a5a149140C:\WINDOWS\syswow64\wwahost.exe9b7ef318-c5ae-11e4-be6d-382c4ab53982Microsoft.SkypeApp_3.1.0.1005_x86__kzf8qxf38zg5cApp


==================== Memory info =========================== 

Processor: AMD A10-5800K APU with Radeon(tm) HD Graphics 
Percentage of memory in use: 60%
Total physical RAM: 3264.39 MB
Available physical RAM: 1280.07 MB
Total Pagefile: 6592.39 MB
Available Pagefile: 4032.53 MB
Total Virtual: 131072 MB
Available Virtual: 131071.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:87.89 GB) (Free:47.12 GB) NTFS
Drive d: (MB Support CD) (CDROM) (Total:4.6 GB) (Free:0 GB) CDFS
Drive f: (Volume) (Fixed) (Total:1960.01 GB) (Free:1959.77 GB) NTFS
Drive g: (Volume) (Fixed) (Total:746.39 GB) (Free:746.19 GB) NTFS
Drive h: (32_00_00) (Fixed) (Total:596.17 GB) (Free:105.76 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 2794.5 GB) (Disk ID: 790B8307)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=87.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=1960 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 746.5 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 596.2 GB) (Disk ID: 32331E79)
Partition 1: (Active) - (Size=596.2 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
hoffe habe das richtig gemacht.

Danke Andreas
__________________

Alt 10.03.2015, 12:46   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Pc gibt Applaus - Standard

Pc gibt Applaus



Was ist mit meiner Frage nach bisherigen Virenscannerfunden und wenn es welche gab den entsprechenden Logs dazu?

Außerdem noch ein paar weitere Anmerkungen:

Zitat:
Running from C:\Users\Andreas\AppData\Local\Microsoft\Windows\INetCache\IE\VE7K6965
Leider hast du unsere Anleitung nicht richtig befolgt:
Bitte alle Tools direkt auf den Desktop downloaden bzw. dorthin verschieben und vom Desktop starten, da unsere Anleitungen daraufhin ausgelegt sind.
Zudem lassen sich dann am Ende der Bereinigung alle verwendeten Tools sehr einfach entfernen.
Alle Tools bis zum Ende der Bereinigung auf dem Desktop lassen, evtl. benötigen wir manche öfter.


Und:
Zitat:
C:\Program Files\KMSnano
KMSnano/KMSpico bzw AutoKMS ist ein bekannter Crack für MS-Office.

Lesestoff:
Illegale Software: Cracks, Keygens und Co

Bitte lesen => http://www.trojaner-board.de/95393-c...-software.html

Es geht weiter wenn du alles Illegale entfernt hast.

Bei wiederholten Crack/Keygen Verstößen behalte ich es mir vor, den Support einzustellen, d.h. Hilfe nur noch bei der Datensicherung und Neuinstallation des Betriebssystems.
__________________
Logfiles bitte immer in CODE-Tags posten

Antwort

Themen zu Pc gibt Applaus
64bit, andreas, dinge, dvd, dvd laufwerk, fertig, gefunde, hilfe, komische, laufwerk, modus, neu, neue, neuen, nicht mehr, nichts, probleme, programm, runterfahren, schaltet, schlaf, stelle, viren, virus, win




Ähnliche Themen: Pc gibt Applaus


  1. Applaus dem Schrauber - alle Trojaner weg...
    Lob, Kritik und Wünsche - 05.06.2014 (0)
  2. Ich bin so froh, daß es Euch gibt!
    Lob, Kritik und Wünsche - 08.04.2014 (2)
  3. Genial das es Euch gibt!
    Lob, Kritik und Wünsche - 14.02.2014 (0)
  4. an meinem PC „Applaus“
    Alles rund um Windows - 04.02.2014 (2)
  5. Tausend Dank und noch mehr Applaus: Schrauber :)
    Lob, Kritik und Wünsche - 30.01.2014 (0)
  6. Apple gibt Mac OS X 10.7.3 frei
    Nachrichten - 02.02.2012 (0)
  7. RSA gibt wieder Sicherheitstipps
    Nachrichten - 06.08.2011 (0)
  8. gibt es denn ...
    Diskussionsforum - 13.12.2008 (3)
  9. Gibt's hier Hilfe?
    Mülltonne - 24.10.2008 (1)
  10. Dropper gibt mir Rätsel auf!!
    Log-Analyse und Auswertung - 30.07.2008 (2)
  11. Trojaner gibt Buchstaben ein
    Plagegeister aller Art und deren Bekämpfung - 07.03.2007 (10)
  12. Applaus Für Dieses Tolle Forum!
    Lob, Kritik und Wünsche - 21.05.2006 (36)
  13. antivir gibt warnungen
    Antiviren-, Firewall- und andere Schutzprogramme - 15.01.2006 (2)
  14. gibt bei mir trojan??
    Log-Analyse und Auswertung - 09.12.2005 (3)
  15. Leute gibt's!!
    Antiviren-, Firewall- und andere Schutzprogramme - 25.01.2003 (8)

Zum Thema Pc gibt Applaus - Hallo, mein Name ist Andreas und bin neu hier habe gleich mal 3 Probleme mit gebracht denke das es ein Virus ist. Ich habe mir einen neuen Pc gebaut soweit - Pc gibt Applaus...
Archiv
Du betrachtest: Pc gibt Applaus auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.