Firefox Popup + Werbung

NBX · 18.03.2016, 20:58

Guten Abend!

Und zwar hab ich folgendes Problem bzw ob mir hier von euch jemand helfen kann den PC zu untersuchen. Wie ich heute im Firefox war hab ich die Meldung bekommen das Popups geblockt wurden und wenn ich auf einer Seite war hatte ich rechts einen Balken mit unseriöser Werbung. Habe dann mal den Verlauf + Cookies gelöscht und einen Scan mit Panda Antivirus und Malewarebytes Anti-Malware gemacht. Beide Scans waren aber ergebnislos bzw ohne Funde. Nun weiß ich nicht ob ich mir was eingefangen habe und wäre dankbar wenn mir jemand helfen könnte bzw mit welchen Programm ich eventuell noch scannen könnte.

Danke. LG Pascal (NBX)

M-K-D-B · 18.03.2016, 21:31

Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.

Bitte beachte folgende Hinweise:

Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort als Administrator zu starten!

Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!

Zur ersten Analyse bitte FRST und TDSS-Killer ausführen:

Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Schritt 2
Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Bitte poste mit deiner nächsten Antwort

die Logdatei von TDSS-Killer,
die beiden neuen Logdateien von FRST.

NBX · 18.03.2016, 21:48

Vielen Dank für die schnelle Antwort! Anbei die Logs:

FRST.txt

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
durchgeführt von Pascal Weger (Administrator) auf DESKTOP-MKUL2BH (18-03-2016 21:37:12)
Gestartet von C:\Users\Pascal Weger\Downloads
Geladene Profile: Pascal Weger (Verfügbare Profile: Pascal Weger)
Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\Freedome\Freedome\1\FreedomeService.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPictureViewer.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Spotify Ltd) C:\Users\Pascal Weger\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\Freedome\Freedome\1\Freedome.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.4835\Agent.exe
(Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.6890\Battle.net.exe
(Valve Corporation) E:\Steam\Steam.exe
(Valve Corporation) E:\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) E:\Steam\bin\steamwebhelper.exe
(Valve Corporation) E:\Steam\bin\steamwebhelper.exe
(TeamSpeak Systems GmbH) E:\Programme\Teamspeak 3\ts3client_win64.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.302.8200.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1601.49020.0_x64__8wekyb3d8bbwe\Calculator.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15033976 2015-11-20] (Logitech Inc.)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [5006024 2016-03-07] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [99064 2015-12-07] (Panda Security, S.L.)
HKLM-x32\...\Run: [FreedomeAutoStart] => C:\Program Files (x86)\F-Secure\Freedome\Freedome\1\Freedome.exe [5397976 2016-03-07] (F-Secure Corporation)
HKU\S-1-5-21-3473851266-2326088663-4233973066-1002\...\Run: [Spotify Web Helper] => C:\Users\Pascal Weger\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1524848 2016-03-04] (Spotify Ltd)
HKU\S-1-5-21-3473851266-2326088663-4233973066-1002\...\RunOnce: [Uninstall C:\Users\Pascal Weger\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Pascal Weger\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"
HKU\S-1-5-21-3473851266-2326088663-4233973066-1002\...\RunOnce: [Uninstall C:\Users\Pascal Weger\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Pascal Weger\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1"

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{2fc182b6-9684-482a-803a-dcfca6885bf6}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================

FireFox:
========
FF ProfilePath: C:\Users\Pascal Weger\AppData\Roaming\Mozilla\Firefox\Profiles\51xz7td4.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_182.dll [2016-03-10] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> E:\Programme\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> E:\Programme\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_182.dll [2016-03-10] ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> E:\Programme\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\Pascal Weger\AppData\Roaming\raidcall\plugins\nprcplugin.dll [2014-05-27] (Raidcall)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> E:\Programme\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-3473851266-2326088663-4233973066-1002: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> E:\Programme\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Extension: Adblock Plus - C:\Users\Pascal Weger\AppData\Roaming\Mozilla\Firefox\Profiles\51xz7td4.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-23]
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-03-08] [ist nicht signiert]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com)
R2 Freedome Service; C:\Program Files (x86)\F-Secure\Freedome\Freedome\1\FreedomeService.exe [434648 2016-03-07] (F-Secure Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193144 2015-11-20] (Logitech Inc.)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [142072 2015-12-07] (Panda Security, S.L.)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [3916368 2016-01-09] (INCA Internet Co., Ltd.)
S3 Origin Client Service; E:\Origin\OriginClientService.exe [2104840 2016-03-03] (Electronic Arts)
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [73176 2016-02-22] (Panda Security, S.L.)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2015-12-07] (Panda Security, S.L.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [23240 2016-02-23] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102400 2016-02-23] (Advanced Micro Devices)
R3 fsfreedometap; C:\Windows\System32\drivers\fsfreedometap.sys [34344 2016-02-05] (The OpenVPN Project)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.)
R3 LGPBTDD; C:\Windows\System32\Drivers\LGPBTDD.sys [30728 2009-07-01] (Logitech Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [193336 2016-01-04] (Intel Corporation)
R1 NNSALPC; C:\Windows\system32\DRIVERS\NNSALPC.sys [103856 2015-12-10] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\system32\DRIVERS\NNSHTTP.sys [210864 2015-12-10] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\system32\DRIVERS\NNSHTTPS.sys [120240 2015-12-10] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\system32\DRIVERS\NNSIDS.sys [120240 2015-12-10] (Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\system32\DRIVERS\NNSNAHSL.sys [58616 2015-06-19] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\system32\DRIVERS\NNSPICC.sys [112560 2015-12-10] (Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\system32\DRIVERS\NNSPIHSW.sys [87984 2015-12-10] (Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\system32\DRIVERS\NNSPOP3.sys [133552 2015-12-10] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\system32\DRIVERS\NNSPROT.sys [309680 2015-12-10] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\system32\DRIVERS\NNSPRV.sys [179632 2015-12-10] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\system32\DRIVERS\NNSSMTP.sys [122800 2015-12-10] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\system32\DRIVERS\NNSSTRM.sys [267184 2015-12-10] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\system32\DRIVERS\NNSTLSC.sys [115632 2015-12-10] (Panda Security, S.L.)
R2 PSINAflt; C:\Windows\system32\DRIVERS\PSINAflt.sys [173488 2015-12-10] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [129456 2015-12-10] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\system32\DRIVERS\PSINKNC.sys [207280 2015-12-10] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [133552 2015-12-10] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\system32\DRIVERS\PSINProt.sys [146352 2015-12-10] (Panda Security, S.L.)
R2 PSINReg; C:\Windows\system32\DRIVERS\PSINReg.sys [117168 2015-12-10] (Panda Security, S.L.)
U3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [62080 2015-06-16] (Panda Security, S.L.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek                                            )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-03-18 21:37 - 2016-03-18 21:37 - 00013244 _____ C:\Users\Pascal Weger\Downloads\FRST.txt
2016-03-18 21:37 - 2016-03-18 21:37 - 00000000 ____D C:\FRST
2016-03-18 21:36 - 2016-03-18 21:36 - 02374144 _____ (Farbar) C:\Users\Pascal Weger\Downloads\FRST64.exe
2016-03-18 21:12 - 2016-03-18 21:12 - 00001195 _____ C:\Users\Pascal Weger\Desktop\18.03.txt
2016-03-18 20:16 - 2016-03-18 20:16 - 01527296 _____ C:\Users\Pascal Weger\Downloads\adwcleaner_5.102.exe
2016-03-17 11:46 - 2016-03-17 11:46 - 00032587 _____ C:\Users\Pascal Weger\Downloads\tarifeat-kuendigung-a1-17-3-2016.pdf
2016-03-17 11:45 - 2016-03-17 11:45 - 00010651 _____ C:\Users\Pascal Weger\Downloads\Kndigung_A1_Nadine_Weger_.pdf
2016-03-17 11:42 - 2016-03-17 11:42 - 00010707 _____ C:\Users\Pascal Weger\Downloads\Kndigung_A1_Nadine_Weger_107974641_.pdf
2016-03-16 02:53 - 2016-03-16 02:53 - 00000202 _____ C:\Users\Pascal Weger\Desktop\Subnautica.url
2016-03-15 16:06 - 2016-03-15 16:06 - 00045418 _____ C:\Users\Pascal Weger\Downloads\AllPortraits(1).zip
2016-03-15 15:58 - 2016-03-15 16:03 - 301869848 _____ C:\Users\Pascal Weger\Downloads\More Music V5-85-5.zip
2016-03-14 03:37 - 2016-03-14 03:37 - 00000202 _____ C:\Users\Pascal Weger\Desktop\Stardew Valley.url
2016-03-13 14:09 - 2016-03-13 14:05 - 00295976 _____ C:\Users\Pascal Weger\Desktop\Stardew Valley - The Spreadsheet_update4.xlsx
2016-03-13 14:04 - 2016-03-13 14:05 - 00295976 _____ C:\Users\Pascal Weger\Downloads\Stardew Valley - The Spreadsheet_update4.xlsx
2016-03-12 17:08 - 2016-03-12 17:08 - 08110628 _____ C:\Users\Pascal Weger\Downloads\dict-de_at-frami_2015-12-28.oxt
2016-03-12 15:05 - 2016-03-12 15:05 - 00000000 ____D C:\Users\Pascal Weger\AppData\Roaming\Ubisoft
2016-03-12 15:02 - 2016-03-12 15:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vulkan 1.0.3.1
2016-03-12 15:02 - 2016-03-12 15:02 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-03-12 15:02 - 2016-02-16 00:27 - 00125720 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2016-03-12 15:02 - 2016-02-16 00:26 - 00126232 _____ C:\WINDOWS\system32\vulkan-1.dll
2016-03-12 15:02 - 2016-02-16 00:25 - 00045848 _____ C:\WINDOWS\system32\vulkaninfo.exe
2016-03-12 15:02 - 2016-02-16 00:25 - 00042264 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2016-03-12 15:02 - 2015-06-16 15:41 - 00062080 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSKMAD.sys
2016-03-12 15:00 - 2016-03-12 15:00 - 00000000 ____D C:\Program Files (x86)\AMD
2016-03-12 14:55 - 2016-03-12 14:57 - 343030120 _____ (AMD Inc.) C:\Users\Pascal Weger\Downloads\non-whql-64bit-radeon-software-crimson-16.3-win10-win8.1-win7-march9.exe
2016-03-11 13:35 - 2016-03-11 13:35 - 00001564 _____ C:\Users\Pascal Weger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OnlineScannerApp.lnk
2016-03-11 02:05 - 2016-03-11 02:05 - 00000000 ____D C:\Program Files (x86)\ESET
2016-03-10 23:05 - 2016-03-12 15:02 - 00000630 _____ C:\WINDOWS\Tasks\TrackerAutoUpdate.job
2016-03-10 23:05 - 2016-03-10 23:05 - 00003222 _____ C:\WINDOWS\System32\Tasks\TrackerAutoUpdate
2016-03-10 23:05 - 2016-03-10 23:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange PDF Viewer
2016-03-10 23:03 - 2016-03-10 23:04 - 17765360 _____ (Tracker Software Products Ltd ) C:\Users\Pascal Weger\Downloads\PDFXVwer3161.exe
2016-03-10 23:02 - 2016-03-10 23:02 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2016-03-10 20:17 - 2016-03-10 20:17 - 00001960 _____ C:\Users\Pascal Weger\Documents\panda.txt
2016-03-10 16:52 - 2016-03-10 16:52 - 284640110 _____ C:\Users\Pascal Weger\Downloads\More-Music-Modv1(1).zip
2016-03-10 16:45 - 2016-03-10 16:45 - 00001604 _____ C:\Users\Pascal Weger\Downloads\Fish(2).xnb
2016-03-10 16:44 - 2016-03-10 16:45 - 00001604 _____ C:\Users\Pascal Weger\Downloads\Fish(1).xnb
2016-03-10 15:10 - 2016-03-10 15:10 - 00001799 _____ C:\Users\Pascal Weger\Desktop\Audible.lnk
2016-03-10 14:59 - 2016-03-18 20:01 - 00000000 ___RD C:\Users\Pascal Weger\Desktop\Neuer Ordner
2016-03-10 14:58 - 2016-03-10 14:58 - 36216008 _____ (Panda Security ) C:\Users\Pascal Weger\Downloads\PandaCloudCleaner(1).exe
2016-03-10 14:58 - 2016-03-10 14:58 - 00001359 _____ C:\Users\Public\Desktop\Panda Cloud Cleaner.lnk
2016-03-09 16:34 - 2016-03-18 16:02 - 00000000 ____D C:\Users\Pascal Weger\AppData\Roaming\StardewValley
2016-03-09 15:16 - 2016-03-01 06:31 - 00848168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-03-09 15:16 - 2016-03-01 06:22 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-03-09 15:16 - 2016-02-24 10:52 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-03-09 15:16 - 2016-02-24 10:51 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-03-09 15:16 - 2016-02-24 10:48 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-03-09 15:16 - 2016-02-24 10:47 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-03-09 15:16 - 2016-02-24 10:40 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-03-09 15:16 - 2016-02-24 10:34 - 01613664 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-03-09 15:16 - 2016-02-24 10:28 - 03449168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2016-03-09 15:16 - 2016-02-24 10:15 - 01557768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-03-09 15:16 - 2016-02-24 09:58 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2016-03-09 15:16 - 2016-02-24 09:54 - 00127840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2016-03-09 15:16 - 2016-02-24 09:51 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-03-09 15:16 - 2016-02-24 09:50 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-03-09 15:16 - 2016-02-24 09:46 - 06607080 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-03-09 15:16 - 2016-02-24 09:43 - 00625000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2016-03-09 15:16 - 2016-02-24 09:39 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-03-09 15:16 - 2016-02-24 09:39 - 00141560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2016-03-09 15:16 - 2016-02-24 09:19 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2016-03-09 15:16 - 2016-02-24 09:14 - 00216416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-03-09 15:16 - 2016-02-24 09:11 - 01997152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-03-09 15:16 - 2016-02-24 09:11 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-03-09 15:16 - 2016-02-24 09:11 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-03-09 15:16 - 2016-02-24 09:11 - 00652392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-03-09 15:16 - 2016-02-24 09:11 - 00394080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-03-09 15:16 - 2016-02-24 09:11 - 00258280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll
2016-03-09 15:16 - 2016-02-24 09:10 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-03-09 15:16 - 2016-02-24 09:10 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-03-09 15:16 - 2016-02-24 09:09 - 00640472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-03-09 15:16 - 2016-02-24 09:09 - 00147808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2016-03-09 15:16 - 2016-02-24 09:06 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-03-09 15:16 - 2016-02-24 08:59 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-03-09 15:16 - 2016-02-24 08:39 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
2016-03-09 15:16 - 2016-02-24 08:39 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll
2016-03-09 15:16 - 2016-02-24 08:38 - 00187744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-03-09 15:16 - 2016-02-24 08:38 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-03-09 15:16 - 2016-02-24 08:37 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll
2016-03-09 15:16 - 2016-02-24 08:36 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenanceClient.dll
2016-03-09 15:16 - 2016-02-24 08:35 - 00540752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-03-09 15:16 - 2016-02-24 08:35 - 00523752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-03-09 15:16 - 2016-02-24 08:35 - 00220064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll
2016-03-09 15:16 - 2016-02-24 08:35 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-03-09 15:16 - 2016-02-24 08:33 - 00538736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-03-09 15:16 - 2016-02-24 08:33 - 00141664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2016-03-09 15:16 - 2016-02-24 08:31 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-03-09 15:16 - 2016-02-24 08:30 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2016-03-09 15:16 - 2016-02-24 08:28 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll
2016-03-09 15:16 - 2016-02-24 08:23 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-03-09 15:16 - 2016-02-24 08:23 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
2016-03-09 15:16 - 2016-02-24 08:22 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2016-03-09 15:16 - 2016-02-24 08:20 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2016-03-09 15:16 - 2016-02-24 08:20 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-03-09 15:16 - 2016-02-24 08:20 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-03-09 15:16 - 2016-02-24 08:19 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2016-03-09 15:16 - 2016-02-24 08:19 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
2016-03-09 15:16 - 2016-02-24 08:15 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-03-09 15:16 - 2016-02-24 08:14 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2016-03-09 15:16 - 2016-02-24 08:13 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2016-03-09 15:16 - 2016-02-24 08:12 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll
2016-03-09 15:16 - 2016-02-24 08:12 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2016-03-09 15:16 - 2016-02-24 08:10 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-03-09 15:16 - 2016-02-24 08:09 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2016-03-09 15:16 - 2016-02-24 08:09 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2016-03-09 15:16 - 2016-02-24 08:07 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2016-03-09 15:16 - 2016-02-24 08:05 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-03-09 15:16 - 2016-02-24 08:03 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-03-09 15:16 - 2016-02-24 08:02 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2016-03-09 15:16 - 2016-02-24 08:01 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-03-09 15:16 - 2016-02-24 08:01 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2016-03-09 15:16 - 2016-02-24 08:01 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2016-03-09 15:16 - 2016-02-24 08:00 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2016-03-09 15:16 - 2016-02-24 07:59 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-03-09 15:16 - 2016-02-24 07:59 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2016-03-09 15:16 - 2016-02-24 07:59 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-03-09 15:16 - 2016-02-24 07:58 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll
2016-03-09 15:16 - 2016-02-24 07:55 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2016-03-09 15:16 - 2016-02-24 07:55 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2016-03-09 15:16 - 2016-02-24 07:55 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll
2016-03-09 15:16 - 2016-02-24 07:54 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2016-03-09 15:16 - 2016-02-24 07:54 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2016-03-09 15:16 - 2016-02-24 07:54 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2016-03-09 15:16 - 2016-02-24 07:54 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll
2016-03-09 15:16 - 2016-02-24 07:53 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2016-03-09 15:16 - 2016-02-24 07:53 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll
2016-03-09 15:16 - 2016-02-24 07:52 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2016-03-09 15:16 - 2016-02-24 07:52 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PimIndexMaintenanceClient.dll
2016-03-09 15:16 - 2016-02-24 07:51 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-03-09 15:16 - 2016-02-24 07:49 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2016-03-09 15:16 - 2016-02-24 07:47 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-03-09 15:16 - 2016-02-24 07:46 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll
2016-03-09 15:16 - 2016-02-24 07:44 - 01713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-03-09 15:16 - 2016-02-24 07:44 - 00915456 _____ (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll
2016-03-09 15:16 - 2016-02-24 07:44 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2016-03-09 15:16 - 2016-02-24 07:44 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\POSyncServices.dll
2016-03-09 15:16 - 2016-02-24 07:43 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-03-09 15:16 - 2016-02-24 07:43 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-03-09 15:16 - 2016-02-24 07:41 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-03-09 15:16 - 2016-02-24 07:41 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-03-09 15:16 - 2016-02-24 07:40 - 01224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2016-03-09 15:16 - 2016-02-24 07:40 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-03-09 15:16 - 2016-02-24 07:40 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll
2016-03-09 15:16 - 2016-02-24 07:39 - 01390592 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-03-09 15:16 - 2016-02-24 07:39 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2016-03-09 15:16 - 2016-02-24 07:38 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2016-03-09 15:16 - 2016-02-24 07:36 - 01847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-03-09 15:16 - 2016-02-24 07:34 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2016-03-09 15:16 - 2016-02-24 07:34 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-03-09 15:16 - 2016-02-24 07:32 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2016-03-09 15:16 - 2016-02-24 07:32 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2016-03-09 15:16 - 2016-02-24 07:31 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cemapi.dll
2016-03-09 15:16 - 2016-02-24 07:31 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2016-03-09 15:16 - 2016-02-24 07:28 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-03-09 15:16 - 2016-02-24 07:28 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2016-03-09 15:16 - 2016-02-24 07:28 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2016-03-09 15:16 - 2016-02-24 07:25 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2016-03-09 15:16 - 2016-02-24 07:23 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2016-03-09 15:16 - 2016-02-24 07:22 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2016-03-09 15:16 - 2016-02-24 07:21 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2016-03-09 15:16 - 2016-02-24 07:21 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2016-03-09 15:16 - 2016-02-24 07:18 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2016-03-09 15:16 - 2016-02-24 07:18 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2016-03-09 15:16 - 2016-02-24 07:18 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2016-03-09 15:16 - 2016-02-24 07:17 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2016-03-09 15:16 - 2016-02-24 07:16 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2016-03-09 15:16 - 2016-02-24 07:13 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2016-03-09 15:16 - 2016-02-24 07:11 - 03593216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-03-09 15:16 - 2016-02-24 07:09 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-03-09 15:16 - 2016-02-24 07:09 - 00793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-03-09 15:16 - 2016-02-24 07:09 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2016-03-09 15:16 - 2016-02-24 07:09 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2016-03-09 15:16 - 2016-02-24 07:07 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2016-03-09 15:16 - 2016-02-24 07:07 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-03-09 15:16 - 2016-02-24 07:07 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-03-09 15:16 - 2016-02-24 07:04 - 01497088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-03-09 15:16 - 2016-02-24 07:03 - 00769536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2016-03-09 15:16 - 2016-02-24 07:01 - 01831936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-03-09 15:16 - 2016-02-24 07:00 - 02273792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-03-09 15:16 - 2016-02-24 07:00 - 01098752 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-03-09 15:16 - 2016-02-24 06:57 - 02158592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-03-09 15:16 - 2016-02-24 06:55 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-03-09 15:16 - 2016-02-24 06:43 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
2016-03-09 15:16 - 2016-02-24 06:34 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-03-09 15:16 - 2016-02-24 06:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwbase.dll
2016-03-09 15:16 - 2016-02-24 06:20 - 22376960 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-03-09 15:16 - 2016-02-24 06:18 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-03-09 15:16 - 2016-02-24 06:12 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-03-09 15:16 - 2016-02-24 06:12 - 05321728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-03-09 15:16 - 2016-02-24 06:10 - 24600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-03-09 15:16 - 2016-02-24 06:09 - 06972416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-03-09 15:16 - 2016-02-24 06:05 - 12586496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-03-09 15:16 - 2016-02-24 06:03 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-03-09 15:16 - 2016-02-24 05:59 - 05661696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-03-09 15:16 - 2016-02-24 05:55 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-03-09 03:37 - 2016-03-09 03:39 - 329341208 _____ (AMD Inc.) C:\Users\Pascal Weger\Downloads\non-whql-64bit-radeon-software-crimson-16.2.1-win10-win8.1-win7-feb27.exe
2016-03-09 03:37 - 2016-03-09 03:37 - 04952336 _____ (Advanced Micro Devices, Inc.) C:\Users\Pascal Weger\Downloads\autodetectutility(1).exe
2016-03-09 03:29 - 2016-03-09 03:29 - 00271766 _____ C:\Users\Pascal Weger\Downloads\Cursors.xnb
2016-03-09 03:25 - 2016-03-09 03:25 - 00032170 _____ C:\Users\Pascal Weger\Downloads\AllPortraits.zip
2016-03-09 03:21 - 2016-03-09 03:21 - 284640110 _____ C:\Users\Pascal Weger\Downloads\More-Music-Modv1.zip
2016-03-09 03:19 - 2016-03-15 16:01 - 00000000 ____D C:\Users\Pascal Weger\Documents\Stardew Valley alte Dateien
2016-03-08 22:28 - 2016-03-10 23:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-03-08 21:32 - 2016-03-08 21:35 - 345750267 _____ C:\Users\Pascal Weger\Downloads\oceanhorn-pc-2016-january-01.zip
2016-03-08 21:17 - 2016-03-08 21:17 - 00001604 _____ C:\Users\Pascal Weger\Downloads\Fish.xnb
2016-03-08 00:30 - 2016-03-08 00:30 - 00458472 _____ C:\WINDOWS\system32\amdmiracast.dll
2016-03-08 00:30 - 2016-03-08 00:30 - 00141792 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2016-03-08 00:30 - 2016-03-08 00:30 - 00128384 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2016-03-08 00:30 - 2016-03-08 00:30 - 00110880 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2016-03-08 00:30 - 2016-03-08 00:30 - 00102616 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2016-03-08 00:30 - 2016-03-08 00:30 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2016-03-08 00:30 - 2016-03-08 00:30 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2016-03-08 00:29 - 2016-03-08 00:29 - 00120656 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiu9p64.dll
2016-03-08 00:29 - 2016-03-08 00:29 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2016-03-08 00:29 - 2016-03-08 00:29 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2016-03-08 00:28 - 2016-03-08 00:28 - 08843208 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd64.dll
2016-03-08 00:26 - 2016-03-08 00:26 - 00296648 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\amdacpksd.sys
2016-03-08 00:17 - 2016-03-08 00:17 - 06956032 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdvlk64.dll
2016-03-08 00:14 - 2016-03-08 00:14 - 48212480 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll
2016-03-08 00:14 - 2016-03-08 00:14 - 00235008 _____ C:\WINDOWS\system32\clinfo.exe
2016-03-08 00:13 - 2016-03-08 00:13 - 40126464 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll
2016-03-08 00:13 - 2016-03-08 00:13 - 05420032 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdvlk32.dll
2016-03-08 00:12 - 2016-03-08 00:12 - 00065024 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2016-03-08 00:12 - 2016-03-08 00:12 - 00059392 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2016-03-08 00:10 - 2016-03-08 00:10 - 26886656 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl12cl64.dll
2016-03-08 00:10 - 2016-03-08 00:10 - 21730304 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl12cl.dll
2016-03-07 23:58 - 2016-03-07 23:58 - 06591488 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2016-03-07 23:49 - 2016-03-07 23:49 - 00134656 _____ C:\WINDOWS\system32\amdhdl64.dll
2016-03-07 23:49 - 2016-03-07 23:49 - 00123392 _____ C:\WINDOWS\SysWOW64\amdhdl32.dll
2016-03-07 23:48 - 2016-03-07 23:48 - 30377984 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll
2016-03-07 23:48 - 2016-03-07 23:48 - 06883840 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmantle64.dll
2016-03-07 23:48 - 2016-03-07 23:48 - 00701440 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2016-03-07 23:48 - 2016-03-07 23:48 - 00580096 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2016-03-07 23:48 - 2016-03-07 23:48 - 00127488 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2016-03-07 23:48 - 2016-03-07 23:48 - 00113664 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2016-03-07 23:46 - 2016-03-07 23:46 - 00865280 _____ (AMD) C:\WINDOWS\system32\coinst_16.15.dll
2016-03-07 23:45 - 2016-03-07 23:45 - 15711744 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll
2016-03-07 23:45 - 2016-03-07 23:45 - 00697320 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2016-03-07 23:45 - 2016-03-07 23:45 - 00697320 _____ C:\WINDOWS\system32\atiapfxx.blb
2016-03-07 23:45 - 2016-03-07 23:45 - 00367104 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2016-03-07 23:45 - 2016-03-07 23:45 - 00062464 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll
2016-03-07 23:45 - 2016-03-07 23:45 - 00055808 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll
2016-03-07 23:45 - 2016-03-07 23:45 - 00052224 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll
2016-03-07 23:45 - 2016-03-07 23:45 - 00049152 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll
2016-03-07 23:44 - 2016-03-07 23:44 - 14302208 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll
2016-03-07 23:44 - 2016-03-07 23:44 - 05396992 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmantle32.dll
2016-03-07 23:44 - 2016-03-07 23:44 - 00050688 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl6.dll
2016-03-07 23:44 - 2016-03-07 23:44 - 00039424 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmmcl.dll
2016-03-07 23:42 - 2016-03-07 23:42 - 25069056 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll
2016-03-07 23:42 - 2016-03-07 23:42 - 03437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2016-03-07 23:40 - 2016-03-07 23:40 - 00097280 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2016-03-07 23:40 - 2016-03-07 23:40 - 00089600 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2016-03-07 23:39 - 2016-03-07 23:39 - 08385024 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2016-03-07 23:38 - 2016-03-07 23:38 - 00560128 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2016-03-07 23:38 - 2016-03-07 23:38 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2016-03-07 23:38 - 2016-03-07 23:38 - 00251392 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2016-03-07 23:38 - 2016-03-07 23:38 - 00224256 _____ C:\WINDOWS\system32\dgtrayicon.exe
2016-03-07 23:38 - 2016-03-07 23:38 - 00209920 _____ C:\WINDOWS\system32\GameManager64.dll
2016-03-07 23:38 - 2016-03-07 23:38 - 00204800 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2016-03-07 23:38 - 2016-03-07 23:38 - 00189952 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2016-03-07 23:38 - 2016-03-07 23:38 - 00162304 _____ C:\WINDOWS\system32\atieah64.exe
2016-03-07 23:38 - 2016-03-07 23:38 - 00145408 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2016-03-07 23:38 - 2016-03-07 23:38 - 00078336 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2016-03-07 23:37 - 2016-03-07 23:37 - 03471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2016-03-07 23:37 - 2016-03-07 23:37 - 00190976 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll
2016-03-07 23:33 - 2016-03-07 23:33 - 01276416 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2016-03-07 23:33 - 2016-03-07 23:33 - 00944640 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2016-03-07 23:33 - 2016-03-07 23:33 - 00944640 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2016-03-07 23:33 - 2016-03-07 23:33 - 00157696 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2016-03-07 23:33 - 2016-03-07 23:33 - 00142336 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2016-03-07 23:33 - 2016-03-07 23:33 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2016-03-07 23:33 - 2016-03-07 23:33 - 00080896 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2016-03-07 23:33 - 2016-03-07 23:33 - 00075776 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll
2016-03-07 23:33 - 2016-03-07 23:33 - 00070144 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll
2016-03-07 23:33 - 2016-03-07 23:33 - 00070144 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll
2016-03-07 23:32 - 2016-03-07 23:32 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll
2016-03-07 23:30 - 2016-03-07 23:30 - 00195072 _____ C:\WINDOWS\system32\hsa-thunk64.dll
2016-03-07 23:30 - 2016-03-07 23:30 - 00174592 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll
2016-03-07 16:18 - 2016-03-07 16:18 - 00000423 _____ C:\Users\Pascal Weger\Downloads\admhelper
2016-03-07 16:15 - 2016-03-07 17:46 - 00000000 ____D C:\Users\Pascal Weger\AppData\Local\Audible
2016-03-07 16:15 - 2016-03-07 16:15 - 00255352 _____ (Audible, Inc.) C:\WINDOWS\SysWOW64\awrdscdc.ax
2016-03-07 16:14 - 2016-03-07 16:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AudibleManager
2016-03-07 16:14 - 2016-03-07 16:14 - 00000000 ____D C:\Users\Pascal Weger\Documents\Audible
2016-03-07 16:14 - 2003-03-18 21:20 - 01060864 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71.dll
2016-03-07 16:14 - 2003-03-18 20:14 - 00499712 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp71.dll
2016-03-07 16:14 - 2003-02-21 04:42 - 00348160 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll
2016-03-07 16:14 - 2001-08-17 22:43 - 00024576 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3a.dll
2016-03-07 16:11 - 2016-03-07 16:12 - 01730272 _____ (Audible Inc.) C:\Users\Pascal Weger\Downloads\ActiveSetupN.exe
2016-03-07 16:11 - 2016-03-07 16:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freedome
2016-03-07 01:34 - 2016-03-18 20:16 - 00000000 ____D C:\Program Files (x86)\AdwCleaner
2016-03-07 01:25 - 2016-03-07 01:25 - 35816720 _____ (Panda Security ) C:\Users\Pascal Weger\Downloads\PandaCloudCleaner.exe
2016-03-04 03:48 - 2016-03-04 03:48 - 00000898 _____ C:\Users\Public\Desktop\Unravel™.lnk
2016-03-04 03:05 - 2016-03-17 21:14 - 00000000 ____D C:\Users\Pascal Weger\AppData\Local\Spotify
2016-03-04 03:05 - 2016-03-17 21:08 - 00000000 ____D C:\Users\Pascal Weger\AppData\Roaming\Spotify
2016-03-04 03:05 - 2016-03-04 03:05 - 00236248 _____ (Spotify Ltd) C:\Users\Pascal Weger\Downloads\SpotifySetup.exe
2016-03-04 03:05 - 2016-03-04 03:05 - 00001885 _____ C:\Users\Pascal Weger\Desktop\Spotify.lnk
2016-03-04 03:05 - 2016-03-04 03:05 - 00001871 _____ C:\Users\Pascal Weger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2016-03-03 23:59 - 2016-03-04 14:50 - 00000000 ____D C:\Users\Pascal Weger\AppData\Local\Origin
2016-03-03 23:59 - 2016-03-04 02:25 - 00000000 ____D C:\Users\Pascal Weger\AppData\Roaming\Origin
2016-03-03 23:58 - 2016-03-04 23:57 - 00000000 ____D C:\ProgramData\Origin
2016-03-03 23:58 - 2016-03-03 23:58 - 00000567 _____ C:\Users\Public\Desktop\Origin.lnk
2016-03-03 23:58 - 2016-03-03 23:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2016-03-03 23:58 - 2016-03-03 23:58 - 00000000 ____D C:\ProgramData\Electronic Arts
2016-03-03 23:56 - 2016-03-03 23:57 - 31334856 _____ (Electronic Arts, Inc.) C:\Users\Pascal Weger\Downloads\OriginThinSetup.exe
2016-03-02 13:52 - 2016-03-02 13:52 - 00006504 _____ C:\Users\Pascal Weger\AppData\Local\recently-used.xbel
2016-03-02 02:21 - 2016-03-02 02:21 - 00000000 ____D C:\Users\Pascal Weger\AppData\Roaming\OpenOffice
2016-03-01 20:31 - 2016-02-23 12:29 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-03-01 20:31 - 2016-02-23 12:29 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-03-01 20:31 - 2016-02-23 12:27 - 02654872 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-03-01 20:31 - 2016-02-23 12:27 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-03-01 20:31 - 2016-02-23 12:27 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-03-01 20:31 - 2016-02-23 12:25 - 02152288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-03-01 20:31 - 2016-02-23 12:25 - 01818696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-03-01 20:31 - 2016-02-23 12:25 - 00563552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2016-03-01 20:31 - 2016-02-23 12:15 - 00779384 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2016-03-01 20:31 - 2016-02-23 12:08 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-03-01 20:31 - 2016-02-23 11:34 - 01859960 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-03-01 20:31 - 2016-02-23 11:34 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-03-01 20:31 - 2016-02-23 11:33 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-03-01 20:31 - 2016-02-23 11:33 - 00389992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-03-01 20:31 - 2016-02-23 11:32 - 08705672 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-03-01 20:31 - 2016-02-23 11:32 - 02544264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-03-01 20:31 - 2016-02-23 11:32 - 01152328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2016-03-01 20:31 - 2016-02-23 11:32 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-03-01 20:31 - 2016-02-23 11:32 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-03-01 20:31 - 2016-02-23 11:32 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-03-01 20:31 - 2016-02-23 11:31 - 01017032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-03-01 20:31 - 2016-02-23 11:31 - 00819648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-03-01 20:31 - 2016-02-23 11:31 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-03-01 20:31 - 2016-02-23 11:31 - 00476728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2016-03-01 20:31 - 2016-02-23 11:31 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-03-01 20:31 - 2016-02-23 11:25 - 03671888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-03-01 20:31 - 2016-02-23 11:22 - 00572272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2016-03-01 20:31 - 2016-02-23 11:21 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-03-01 20:31 - 2016-02-23 11:17 - 00146272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2016-03-01 20:31 - 2016-02-23 10:45 - 02773096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-03-01 20:31 - 2016-02-23 10:40 - 00430944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-03-01 20:31 - 2016-02-23 10:39 - 00502112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-03-01 20:31 - 2016-02-23 10:38 - 06952088 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-03-01 20:31 - 2016-02-23 10:38 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-03-01 20:31 - 2016-02-23 10:38 - 00980352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2016-03-01 20:31 - 2016-02-23 10:38 - 00895080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-03-01 20:31 - 2016-02-23 10:38 - 00882720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-03-01 20:31 - 2016-02-23 10:38 - 00450912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-03-01 20:31 - 2016-02-23 10:38 - 00420928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2016-03-01 20:31 - 2016-02-23 10:37 - 00713824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2016-03-01 20:31 - 2016-02-23 10:32 - 00791744 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-03-01 20:31 - 2016-02-23 10:30 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-03-01 20:31 - 2016-02-23 10:27 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-03-01 20:31 - 2016-02-23 10:27 - 00376536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-03-01 20:31 - 2016-02-23 10:25 - 00534368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2016-03-01 20:31 - 2016-02-23 10:20 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll
2016-03-01 20:31 - 2016-02-23 10:20 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-03-01 20:31 - 2016-02-23 10:19 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-03-01 20:31 - 2016-02-23 10:17 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-03-01 20:31 - 2016-02-23 10:12 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll
2016-03-01 20:31 - 2016-02-23 10:10 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-03-01 20:31 - 2016-02-23 10:07 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-03-01 20:31 - 2016-02-23 10:07 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-03-01 20:31 - 2016-02-23 10:06 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2016-03-01 20:31 - 2016-02-23 10:01 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2016-03-01 20:31 - 2016-02-23 10:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-03-01 20:31 - 2016-02-23 10:00 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-03-01 20:31 - 2016-02-23 09:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-03-01 20:31 - 2016-02-23 09:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-03-01 20:31 - 2016-02-23 09:58 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\irmon.dll
2016-03-01 20:31 - 2016-02-23 09:57 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-03-01 20:31 - 2016-02-23 09:56 - 02186864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-03-01 20:31 - 2016-02-23 09:55 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2016-03-01 20:31 - 2016-02-23 09:53 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2016-03-01 20:31 - 2016-02-23 09:53 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2016-03-01 20:31 - 2016-02-23 09:52 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-03-01 20:31 - 2016-02-23 09:50 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-03-01 20:31 - 2016-02-23 09:48 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-03-01 20:31 - 2016-02-23 09:48 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerClient.dll
2016-03-01 20:31 - 2016-02-23 09:40 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2016-03-01 20:31 - 2016-02-23 09:39 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2016-03-01 20:31 - 2016-02-23 09:38 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2016-03-01 20:31 - 2016-02-23 09:38 - 00287712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2016-03-01 20:31 - 2016-02-23 09:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-03-01 20:31 - 2016-02-23 09:37 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-03-01 20:31 - 2016-02-23 09:37 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-03-01 20:31 - 2016-02-23 09:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuickActionsDataModel.dll
2016-03-01 20:31 - 2016-02-23 09:34 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-03-01 20:31 - 2016-02-23 09:34 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2016-03-01 20:31 - 2016-02-23 09:33 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-03-01 20:31 - 2016-02-23 09:32 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-03-01 20:31 - 2016-02-23 09:31 - 00463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-03-01 20:31 - 2016-02-23 09:29 - 00591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-03-01 20:31 - 2016-02-23 09:28 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-03-01 20:31 - 2016-02-23 09:27 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2016-03-01 20:31 - 2016-02-23 09:26 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-03-01 20:31 - 2016-02-23 09:23 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-03-01 20:31 - 2016-02-23 09:22 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-03-01 20:31 - 2016-02-23 09:20 - 00847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2016-03-01 20:31 - 2016-02-23 09:20 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-03-01 20:31 - 2016-02-23 09:20 - 00493568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-03-01 20:31 - 2016-02-23 09:20 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-03-01 20:31 - 2016-02-23 09:19 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-03-01 20:31 - 2016-02-23 09:19 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2016-03-01 20:31 - 2016-02-23 09:18 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-03-01 20:31 - 2016-02-23 09:14 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-03-01 20:31 - 2016-02-23 09:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-03-01 20:31 - 2016-02-23 09:12 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-03-01 20:31 - 2016-02-23 09:11 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-03-01 20:31 - 2016-02-23 09:10 - 00997376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2016-03-01 20:31 - 2016-02-23 09:10 - 00474624 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-03-01 20:31 - 2016-02-23 09:09 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-03-01 20:31 - 2016-02-23 09:09 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-03-01 20:31 - 2016-02-23 09:09 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-03-01 20:31 - 2016-02-23 09:06 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-03-01 20:31 - 2016-02-23 09:06 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-03-01 20:31 - 2016-02-23 09:06 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-03-01 20:31 - 2016-02-23 09:05 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-03-01 20:31 - 2016-02-23 09:04 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-03-01 20:31 - 2016-02-23 09:04 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-03-01 20:31 - 2016-02-23 09:04 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-03-01 20:31 - 2016-02-23 09:02 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-03-01 20:31 - 2016-02-23 09:02 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-03-01 20:31 - 2016-02-23 09:02 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-03-01 20:31 - 2016-02-23 09:00 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-03-01 20:31 - 2016-02-23 08:58 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-03-01 20:31 - 2016-02-23 08:58 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-03-01 20:31 - 2016-02-23 08:58 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerServer.dll
2016-03-01 20:31 - 2016-02-23 08:58 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-03-01 20:31 - 2016-02-23 08:57 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TimeBrokerClient.dll
2016-03-01 20:31 - 2016-02-23 08:52 - 00456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-03-01 20:31 - 2016-02-23 08:50 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2016-03-01 20:31 - 2016-02-23 08:49 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-03-01 20:31 - 2016-02-23 08:48 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2016-03-01 20:31 - 2016-02-23 08:47 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2016-03-01 20:31 - 2016-02-23 08:38 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-03-01 20:31 - 2016-02-23 08:37 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-03-01 20:31 - 2016-02-23 08:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-03-01 20:31 - 2016-02-23 08:36 - 00713728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2016-03-01 20:31 - 2016-02-23 08:36 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-03-01 20:31 - 2016-02-23 08:36 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-03-01 20:31 - 2016-02-23 08:35 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2016-03-01 20:31 - 2016-02-23 08:31 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2016-03-01 20:31 - 2016-02-23 08:30 - 01731584 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-03-01 20:31 - 2016-02-23 08:30 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-03-01 20:31 - 2016-02-23 08:29 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-03-01 20:31 - 2016-02-23 08:28 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-03-01 20:31 - 2016-02-23 08:28 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-03-01 20:31 - 2016-02-23 08:24 - 04827136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-03-01 20:31 - 2016-02-23 08:24 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-03-01 20:31 - 2016-02-23 08:24 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-03-01 20:31 - 2016-02-23 08:24 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-03-01 20:31 - 2016-02-23 08:22 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-03-01 20:31 - 2016-02-23 08:21 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-03-01 20:31 - 2016-02-23 08:21 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-03-01 20:31 - 2016-02-23 08:20 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-03-01 20:31 - 2016-02-23 08:17 - 02635264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-03-01 20:31 - 2016-02-23 08:14 - 00990720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-03-01 20:31 - 2016-02-23 08:11 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-03-01 20:31 - 2016-02-23 08:05 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-03-01 20:31 - 2016-02-23 08:01 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-03-01 20:31 - 2016-02-23 07:59 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-03-01 20:31 - 2016-02-23 07:58 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-03-01 20:31 - 2016-02-23 07:56 - 04412928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-03-01 20:31 - 2016-02-23 07:55 - 04894208 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-03-01 20:31 - 2016-02-23 07:55 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-03-01 20:31 - 2016-02-23 07:53 - 01799168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-03-01 20:31 - 2016-02-23 07:52 - 11545600 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-03-01 20:31 - 2016-02-23 07:51 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-03-01 20:31 - 2016-02-23 07:50 - 09919488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-03-01 20:31 - 2016-02-23 07:42 - 03425792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-03-01 20:31 - 2016-02-23 07:41 - 02912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-03-01 20:31 - 2016-02-23 07:39 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-03-01 20:31 - 2016-02-23 07:39 - 02581504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-03-01 20:31 - 2016-02-23 07:36 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-03-01 20:31 - 2016-02-23 07:36 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-03-01 20:31 - 2016-02-23 07:35 - 07533568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-03-01 20:31 - 2016-02-23 07:33 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-03-01 20:31 - 2016-02-23 07:32 - 02793472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-03-01 20:31 - 2016-02-23 07:30 - 02061312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-03-01 20:31 - 2016-02-23 07:28 - 06740992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-03-01 20:31 - 2016-02-09 05:28 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-03-01 20:31 - 2016-02-09 05:13 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-03-01 20:31 - 2016-02-09 04:24 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-03-01 20:31 - 2016-02-09 04:18 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2016-03-01 20:31 - 2016-02-09 04:18 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2016-03-01 20:31 - 2016-02-09 04:07 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-03-01 20:31 - 2016-02-09 04:07 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-03-01 20:31 - 2016-02-09 04:04 - 01946624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-03-01 15:03 - 2016-03-01 15:03 - 11258944 _____ C:\Users\Pascal Weger\Downloads\FCPRI_Wallpaper.zip
2016-03-01 14:57 - 2016-03-01 14:57 - 00000000 ____D C:\ProgramData\dbdata
2016-02-28 01:23 - 2016-02-28 01:23 - 00000000 ____D C:\Users\Pascal Weger\AppData\LocalLow\E_Line Media
2016-02-28 01:23 - 2016-02-28 01:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LAV Filters
2016-02-28 01:23 - 2016-02-28 01:23 - 00000000 ____D C:\Program Files (x86)\LAV Filters
2016-02-27 15:33 - 2016-02-27 15:33 - 00000216 _____ C:\Users\Pascal Weger\Desktop\Far Cry Primal.url
2016-02-26 22:00 - 2016-03-08 00:29 - 08585696 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdva.dll
2016-02-26 22:00 - 2016-03-08 00:29 - 00102616 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiu9pag.dll
2016-02-26 22:00 - 2016-02-26 22:00 - 08089248 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\SET6CDD.tmp
2016-02-26 22:00 - 2016-02-26 22:00 - 00102616 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\SET79B6.tmp
2016-02-26 21:59 - 2016-03-08 00:29 - 07392480 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdag.dll
2016-02-26 21:59 - 2016-02-26 21:59 - 09176928 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\SET6C5E.tmp
2016-02-26 21:04 - 2016-03-07 23:38 - 00186368 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2016-02-26 21:04 - 2016-02-26 21:04 - 00186368 _____ C:\WINDOWS\SysWOW64\SET7256.tmp
2016-02-26 16:34 - 2016-03-02 13:53 - 00000000 ____D C:\Users\Pascal Weger\.gimp-2.8
2016-02-26 16:33 - 2016-02-26 16:33 - 00000939 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2016-02-26 16:33 - 2016-02-26 16:33 - 00000927 _____ C:\Users\Public\Desktop\GIMP 2.lnk
2016-02-26 16:33 - 2016-02-26 16:33 - 00000000 ____D C:\Program Files\GIMP 2
2016-02-26 16:30 - 2016-02-26 16:30 - 00050024 _____ C:\Users\Pascal Weger\Downloads\resynthesizer-0.16-win64.zip
2016-02-26 16:30 - 2016-02-26 16:30 - 00004157 _____ C:\Users\Pascal Weger\Downloads\smart-remove(1).scm
2016-02-26 16:27 - 2016-02-26 16:32 - 96823808 _____ (The GIMP Team ) C:\Users\Pascal Weger\Downloads\gimp-2.8.16-setup-1.exe
2016-02-26 16:13 - 2016-02-26 16:13 - 00004157 _____ C:\Users\Pascal Weger\Downloads\smart-remove.scm
2016-02-26 16:07 - 2016-02-26 16:07 - 00043192 _____ C:\Users\Pascal Weger\Downloads\Resynthesizer_v1.0-i686(1).zip
2016-02-25 17:32 - 2016-02-25 17:34 - 329430592 _____ (AMD Inc.) C:\Users\Pascal Weger\Downloads\non-whql-64bit-radeon-software-crimson-16.2-win10-win8.1-win7-feb23.exe
2016-02-25 17:29 - 2016-02-25 17:29 - 04952336 _____ (Advanced Micro Devices, Inc.) C:\Users\Pascal Weger\Downloads\autodetectutility.exe
2016-02-23 20:13 - 2016-02-23 20:13 - 13163744 _____ (Microsoft Corporation) C:\Users\Pascal Weger\Downloads\Silverlight_x64.exe
2016-02-23 20:13 - 2016-02-23 20:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-02-23 20:13 - 2016-02-23 20:13 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-02-23 20:13 - 2016-02-23 20:13 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-02-23 16:54 - 2016-02-23 16:54 - 00023240 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdkmafd.sys
2016-02-23 16:17 - 2016-02-23 16:17 - 00103424 _____ (Advanced Micro Devices) C:\WINDOWS\system32\DelayAPO.dll
2016-02-23 01:54 - 2016-02-23 01:54 - 00000214 _____ C:\Users\Pascal Weger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anno 2070.url
2016-02-23 01:47 - 2016-03-01 15:18 - 00000000 ____D C:\Users\Pascal Weger\AppData\Local\Ubisoft Game Launcher
2016-02-23 01:47 - 2016-02-23 01:47 - 00000773 _____ C:\Users\Pascal Weger\Desktop\Uplay.lnk
2016-02-23 01:47 - 2016-02-23 01:47 - 00000000 ____D C:\Users\Pascal Weger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2016-02-23 01:46 - 2016-02-23 01:46 - 65201568 _____ (Ubisoft) C:\Users\Pascal Weger\Downloads\UplayInstaller.exe
2016-02-19 15:28 - 2016-02-19 15:29 - 78876410 _____ C:\Users\Pascal Weger\Downloads\RimWorldAlpha12dWin.zip
2016-02-18 02:06 - 2016-03-10 14:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-03-18 21:30 - 2016-01-04 19:45 - 00000000 ____D C:\Users\Pascal Weger\AppData\Local\Battle.net
2016-03-18 21:07 - 2016-01-04 20:36 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-03-18 21:05 - 2016-01-05 01:08 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-03-18 20:17 - 2016-01-04 15:26 - 00000000 ____D C:\Users\Pascal Weger\AppData\Local\VirtualStore
2016-03-18 16:57 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-03-18 16:00 - 2016-01-04 19:44 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-03-18 16:00 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-03-18 15:59 - 2016-01-20 17:02 - 00004186 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{12938A39-7D46-4B23-850C-FF77D0E5E002}
2016-03-17 14:36 - 2016-01-05 16:47 - 00000000 ____D C:\Users\Pascal Weger\AppData\Local\Deployment
2016-03-17 02:06 - 2016-01-04 15:13 - 01799166 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-03-17 02:06 - 2015-10-30 19:35 - 00775524 _____ C:\WINDOWS\system32\perfh007.dat
2016-03-17 02:06 - 2015-10-30 19:35 - 00155338 _____ C:\WINDOWS\system32\perfc007.dat
2016-03-17 02:06 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2016-03-17 02:00 - 2016-01-04 20:20 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-03-17 01:59 - 2015-10-30 07:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-03-17 01:45 - 2016-01-18 18:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCSOFT
2016-03-12 15:02 - 2016-01-04 19:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2016-03-12 14:59 - 2016-01-04 20:18 - 00000000 ____D C:\Program Files\AMD
2016-03-12 14:57 - 2016-01-04 15:18 - 00000000 ____D C:\AMD
2016-03-11 03:22 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-03-10 23:02 - 2016-01-04 15:48 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-03-10 14:58 - 2016-01-04 16:12 - 00000000 ____D C:\Program Files (x86)\Panda Security
2016-03-09 15:23 - 2016-01-04 20:17 - 00269360 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-03-09 15:22 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-03-09 15:22 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-03-09 15:22 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-03-09 15:22 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-03-09 15:20 - 2016-01-04 19:47 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-03-09 15:18 - 2016-01-04 19:47 - 143659408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-03-09 03:44 - 2016-01-10 17:54 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2016-03-09 03:44 - 2016-01-04 15:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-03-09 03:43 - 2016-01-05 22:48 - 00001160 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
2016-03-09 03:43 - 2016-01-05 22:48 - 00000000 ____D C:\Program Files\paint.net
2016-03-09 03:40 - 2016-01-04 19:16 - 00000000 ____D C:\Users\Pascal Weger\AppData\Local\AMD
2016-03-08 08:12 - 2015-10-30 08:26 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-03-08 08:12 - 2015-10-30 08:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-08 00:29 - 2015-12-16 20:45 - 09526616 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd6a.dll
2016-03-08 00:29 - 2015-12-16 20:45 - 00152568 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiuxp64.dll
2016-03-08 00:29 - 2015-12-16 20:45 - 00133528 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiuxpag.dll
2016-03-08 00:29 - 2015-12-16 20:44 - 11623736 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll
2016-03-08 00:29 - 2015-12-16 20:44 - 09581736 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll
2016-03-08 00:29 - 2015-12-16 20:44 - 01514776 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2016-03-08 00:29 - 2015-12-16 20:44 - 01243368 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2016-03-08 00:23 - 2015-12-16 20:31 - 26342400 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys
2016-03-07 23:32 - 2015-12-16 20:31 - 00676352 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys
2016-03-04 03:48 - 2016-01-04 15:19 - 00000000 ____D C:\ProgramData\Package Cache
2016-03-04 02:46 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache
2016-03-02 13:53 - 2016-01-04 20:18 - 00000000 ____D C:\Users\Pascal Weger
2016-03-02 13:53 - 2016-01-04 15:28 - 00002408 _____ C:\Users\Pascal Weger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-03-02 13:53 - 2016-01-04 15:28 - 00000000 ___RD C:\Users\Pascal Weger\OneDrive
2016-03-02 13:52 - 2016-02-08 01:27 - 00000000 ____D C:\Users\Pascal Weger\AppData\Local\gtk-2.0
2016-03-02 02:17 - 2015-10-30 19:47 - 00000000 ____D C:\Program Files\Windows Journal
2016-03-02 02:17 - 2015-10-30 08:24 - 00000000 __RSD C:\WINDOWS\Media
2016-03-02 02:17 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-03-02 02:17 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-03-02 02:17 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-03-02 02:17 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-03-02 02:17 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-03-02 02:17 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-03-02 02:17 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-03-01 14:58 - 2016-01-04 19:35 - 00000000 ____D C:\Users\Pascal Weger\Documents\my games
2016-02-26 22:00 - 2015-12-16 20:45 - 00152056 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\SET72CE.tmp
2016-02-26 22:00 - 2015-12-16 20:45 - 00133016 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\SET79C8.tmp
2016-02-26 22:00 - 2015-12-16 20:44 - 13408208 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\SET6BB0.tmp
2016-02-26 22:00 - 2015-12-16 20:44 - 11108696 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\SET6F28.tmp
2016-02-26 22:00 - 2015-12-16 20:44 - 01506000 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\SET7301.tmp
2016-02-26 22:00 - 2015-12-16 20:44 - 01237200 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\SET73A1.tmp
2016-02-26 21:59 - 2015-12-16 20:45 - 09017808 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\SET648D.tmp
2016-02-26 21:53 - 2015-12-16 20:31 - 23981568 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\SET636F.tmp
2016-02-26 21:11 - 2015-12-16 20:41 - 00865280 _____ (AMD) C:\WINDOWS\system32\coinst_15.30.dll
2016-02-26 20:58 - 2015-12-16 20:31 - 00674816 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\SET72AC.tmp
2016-02-24 00:06 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-02-23 16:18 - 2015-09-18 01:38 - 00102400 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\AtihdWT6.sys
2016-02-17 21:59 - 2016-01-04 19:45 - 00000000 ____D C:\Users\Pascal Weger\AppData\Roaming\Battle.net
2016-02-17 21:59 - 2016-01-04 19:43 - 00000000 ____D C:\ProgramData\Battle.net

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-01-06 04:10 - 2016-01-10 23:07 - 0104257 _____ () C:\Users\Pascal Weger\AppData\Local\ars.cache
2016-01-06 04:10 - 2016-01-10 23:07 - 0339196 _____ () C:\Users\Pascal Weger\AppData\Local\census.cache
2016-01-06 03:59 - 2016-01-06 03:59 - 0000036 _____ () C:\Users\Pascal Weger\AppData\Local\housecall.guid.cache
2016-03-02 13:52 - 2016-03-02 13:52 - 0006504 _____ () C:\Users\Pascal Weger\AppData\Local\recently-used.xbel

Einige Dateien in TEMP:
====================
C:\Users\Pascal Weger\AppData\Local\Temp\jre-8u73-windows-au.exe
C:\Users\Pascal Weger\AppData\Local\Temp\Nexus Mod Manager-0.61.9.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-03-12 21:08

==================== Ende von FRST.txt ============================

NBX · 18.03.2016, 21:49

Addition.txt

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
durchgeführt von Pascal Weger (2016-03-18 21:37:32)
Gestartet von C:\Users\Pascal Weger\Downloads
Windows 10 Pro Version 1511 (X64) (2016-01-04 19:21:45)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3473851266-2326088663-4233973066-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3473851266-2326088663-4233973066-503 - Limited - Disabled)
Gast (S-1-5-21-3473851266-2326088663-4233973066-501 - Limited - Disabled)
Pascal Weger (S-1-5-21-3473851266-2326088663-4233973066-1002 - Administrator - Enabled) => C:\Users\Pascal Weger

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Panda Antivirus Pro 2016 (Enabled - Up to date) {AAF74A68-8713-CDF1-004F-30003398BE9E}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Panda Antivirus Pro 2016 (Enabled - Up to date) {1196AB8C-A129-C27F-3AFF-0B72481FF423}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Panda Firewall (Enabled) {92CCCB4D-CD7C-CCA9-2B10-9935CD4BF9E5}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.182 - Adobe Systems Incorporated)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
Anno 2070 (HKLM-x32\...\Uplay Install 22) (Version:  - Ubisoft)
AudibleManager (HKLM-x32\...\AudibleManager) (Version: 508.38282512.38273632.38282520 - Audible, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Castle Crashers (HKLM-x32\...\Steam App 204360) (Version:  - The Behemoth)
Catalyst Control Center Next Localization BR (Version: 2016.0307.1802.32257 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0307.1802.32257 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0307.1802.32257 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0307.1802.32257 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0307.1802.32257 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0307.1802.32257 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0307.1802.32257 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0307.1802.32257 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0307.1802.32257 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0307.1802.32257 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0307.1802.32257 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0307.1802.32257 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0307.1802.32257 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0307.1802.32257 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0307.1802.32257 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0307.1802.32257 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0307.1802.32257 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0307.1802.32257 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0307.1802.32257 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0307.1802.32257 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0307.1802.32257 - Advanced Micro Devices, Inc.) Hidden
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Curse Client (HKU\S-1-5-21-3473851266-2326088663-4233973066-1002\...\101a9f93b8f0bb6f) (Version: 5.1.1.844 - Curse)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Fallout 4 (HKLM-x32\...\Steam App 377160) (Version:  - Bethesda Game Studios)
Far Cry Primal (HKLM-x32\...\Uplay Install 2010) (Version:  - Ubisoft)
Freedome (HKLM-x32\...\F-Secure Freedome) (Version: 1.3.2906.0 - F-Secure Corporation)
GIMP 2.8.16 (HKLM\...\GIMP-2_is1) (Version: 2.8.16 - The GIMP Team)
LAV Filters 0.62.0 (HKLM-x32\...\lavfilters_is1) (Version: 0.62.0 - Hendrik Leppkes)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LEGO® Star Wars™: The Complete Saga (HKLM-x32\...\Steam App 32440) (Version:  - Traveller's Tales)
Logitech Gaming Software 8.76 (HKLM\...\Logitech Gaming Software) (Version: 8.76.155 - Logitech Inc.)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox 45.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 45.0 (x86 de)) (Version: 45.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.0.5906 - Mozilla)
NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version:  - NCSOFT)
Never Alone (Kisima Ingitchuna) (HKLM-x32\...\Steam App 295790) (Version:  - Upper One Games)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.61.9 - Black Tree Gaming)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
Oceanhorn: Monster of Uncharted Seas (HKLM-x32\...\Steam App 339200) (Version:  - Cornfox &amp; Bros.)
OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation)
Orcs Must Die! 2 (HKLM-x32\...\Steam App 201790) (Version:  - Robot Entertainment)
Origin (HKLM-x32\...\Origin) (Version: 9.11.6.18139 - Electronic Arts, Inc.)
paint.net (HKLM\...\{DADC2AF6-DC9F-4BCF-BFCE-DCEC16EF507C}) (Version: 4.0.9 - dotPDN LLC)
Panda Antivirus Pro 2016 (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 16.1.0 - Panda Security)
Panda Antivirus Pro 2016 (Version: 8.20.00.0000 - Panda Security) Hidden
Panda Cloud Cleaner (HKLM-x32\...\{92B2B132-C7F0-43DC-921A-4493C04F78A4}_is1) (Version: 1.1.7 - Panda Security)
Panda Devices Agent (x32 Version: 1.03.07 - Panda Security) Hidden
Panda Devices Agent (x32 Version: 1.06.00 - Panda Security) Hidden
Password Depot 8 - Panda Secure Vault Edition (HKLM-x32\...\{56EC7B3B-D127-48FC-8EC1-FE93FEA64828}_is1) (Version: 8.1.8 - AceBIT GmbH)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.316.1 - Tracker Software Products Ltd)
Simulationcraft(x64) version 6.2.3.01 (HKLM-x32\...\{AC025546-B7C5-45A7-B16A-80AE482CBB01}_is1) (Version: 6.2.3.01 - Simulationcraft)
Spotify (HKU\S-1-5-21-3473851266-2326088663-4233973066-1002\...\Spotify) (Version: 1.0.24.104.g92a22684 - Spotify AB)
Stardew Valley (HKLM-x32\...\Steam App 413150) (Version:  - ConcernedApe)
Subnautica (HKLM\...\Steam App 264710) (Version:  - Unknown Worlds Entertainment)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1210 - SUPERAntiSpyware.com)
The Wolf Among Us (HKLM-x32\...\Steam App 250320) (Version:  - Telltale Games)
Trine 3: The Artifacts of Power (HKLM-x32\...\Steam App 319910) (Version:  - Frozenbyte)
Unravel™ (HKLM-x32\...\{5105E605-9EE7-4050-9CC0-005093BBF89A}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Uplay (HKLM-x32\...\Uplay) (Version: 17.0 - Ubisoft)
Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.)
XCOM: Enemy Unknown (HKLM-x32\...\Steam App 200510) (Version:  - Firaxis Games)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3473851266-2326088663-4233973066-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Pascal Weger\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\FileCoAuth.exe (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {3A6081B1-39C8-40C3-8905-414562F61652} - System32\Tasks\TrackerAutoUpdate => E:\Programme\Tracker Software\Update\TrackerUpdate.exe [2016-01-18] (Tracker Software Products (Canada) Ltd.) <==== ACHTUNG
Task: {74167066-5E8D-48D3-875C-4AC4E75881E9} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-10] (Adobe Systems Incorporated)
Task: {9042417F-374F-48F7-9C55-DA605A7DE981} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-03-09] (Microsoft Corporation)
Task: {C03F9C99-CEAD-4D8D-9837-136C3B8FB176} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-03-07] (Advanced Micro Devices, Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\TrackerAutoUpdate.job => E:\Programme\Tracker Software\Update\TrackerUpdate.exe <==== ACHTUNG

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-03-01 20:31 - 2016-02-23 12:27 - 02654872 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-03-01 20:31 - 2016-02-23 12:27 - 02654872 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-01-04 20:15 - 2016-01-04 20:15 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-03-01 20:31 - 2016-02-23 09:36 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-01-12 23:18 - 2016-01-05 02:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-01-12 23:18 - 2016-01-05 02:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-01-27 21:37 - 2016-01-16 06:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-01-27 21:37 - 2016-01-16 06:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-01-22 17:12 - 2016-01-22 17:13 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-03-07 01:07 - 2015-03-07 01:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2015-11-20 22:41 - 2015-11-20 22:41 - 01095448 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2015-11-20 22:41 - 2015-11-20 22:41 - 00240408 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2015-06-25 16:34 - 2015-06-25 16:34 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2015-06-25 16:37 - 2015-06-25 16:37 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-25 16:35 - 2015-06-25 16:35 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2015-06-25 16:38 - 2015-06-25 16:38 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-25 15:53 - 2015-06-25 15:53 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2015-06-25 15:51 - 2015-06-25 15:51 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2014-02-28 10:14 - 2015-10-23 17:43 - 00175080 _____ () E:\Programme\Teamspeak 3\quazip.dll
2014-08-04 14:43 - 2015-10-23 17:43 - 00103400 _____ () E:\Programme\Teamspeak 3\soundbackends\directsound_win64.dll
2014-08-04 14:43 - 2015-10-23 17:43 - 00108008 _____ () E:\Programme\Teamspeak 3\soundbackends\windowsaudiosession_win64.dll
2014-08-04 14:46 - 2015-10-23 17:43 - 00312296 _____ () E:\Programme\Teamspeak 3\plugins\clientquery_plugin.dll
2014-08-04 14:46 - 2015-10-23 17:43 - 00483816 _____ () E:\Programme\Teamspeak 3\plugins\teamspeak_control_plugin.dll
2014-06-05 14:48 - 2015-09-24 15:57 - 00317440 _____ () E:\Programme\Teamspeak 3\ssleay32.dll
2014-06-05 14:48 - 2015-09-24 15:57 - 01709056 _____ () E:\Programme\Teamspeak 3\LIBEAY32.dll
2016-03-04 20:02 - 2016-03-04 20:02 - 00016384 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.302.8200.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-03-04 20:02 - 2016-03-04 20:02 - 16062976 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.302.8200.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2016-03-04 20:02 - 2016-03-04 20:02 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.302.8200.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2016-01-21 15:18 - 2016-01-21 15:19 - 03746816 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1601.49020.0_x64__8wekyb3d8bbwe\Calculator.exe
2016-01-04 15:59 - 2016-01-04 16:00 - 00258560 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1601.49020.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2015-12-15 18:17 - 2015-12-15 18:17 - 00618544 _____ () C:\Program Files (x86)\Panda Security\Panda Security Protection\SQLite3.dll
2016-01-22 17:12 - 2016-01-22 17:13 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-01-22 17:12 - 2016-01-22 17:13 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-03-07 16:11 - 2016-03-07 16:11 - 00698840 _____ () C:\Program Files (x86)\F-Secure\Freedome\Freedome\1\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-03-07 16:11 - 2016-03-07 16:11 - 00034776 _____ () C:\Program Files (x86)\F-Secure\Freedome\Freedome\1\QtWebKit\qmlwebkitplugin.dll
2016-03-07 16:11 - 2016-03-07 16:11 - 00019416 _____ () C:\Program Files (x86)\F-Secure\Freedome\Freedome\1\libEGL.dll
2016-03-07 16:11 - 2016-03-07 16:11 - 01610712 _____ () C:\Program Files (x86)\F-Secure\Freedome\Freedome\1\libGLESv2.dll
2016-03-08 16:33 - 2016-03-08 16:33 - 26065408 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6890\libcef.dll
2016-03-08 16:33 - 2016-03-08 16:33 - 00739840 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6890\libGLESv2.dll
2016-03-08 16:33 - 2016-03-08 16:33 - 00293040 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6890\ortp.dll
2016-03-08 16:33 - 2016-03-08 16:33 - 00909312 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6890\platforms\qwindows.dll
2016-03-08 16:33 - 2016-03-08 16:33 - 00130048 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6890\libEGL.dll
2016-03-08 16:33 - 2016-03-08 16:33 - 00020992 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6890\imageformats\qgif.dll
2016-03-08 16:33 - 2016-03-08 16:33 - 00021504 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6890\imageformats\qico.dll
2016-03-08 16:33 - 2016-03-08 16:33 - 00205312 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6890\imageformats\qjpeg.dll
2016-03-08 16:33 - 2016-03-08 16:33 - 00225792 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6890\imageformats\qmng.dll
2016-03-08 16:33 - 2016-03-08 16:33 - 00015872 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6890\imageformats\qsvg.dll
2016-03-08 16:33 - 2016-03-08 16:33 - 00312832 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6890\imageformats\qtiff.dll
2016-03-08 16:33 - 2016-03-08 16:33 - 00010240 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6890\qml\QtQuick.2\qtquick2plugin.dll
2016-03-08 16:33 - 2016-03-08 16:33 - 00054272 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6890\qml\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-03-08 16:33 - 2016-03-08 16:33 - 00010240 _____ () C:\Program Files (x86)\Battle.net\Battle.net.6890\qml\QtQml\Models.2\modelsplugin.dll
2016-03-09 15:20 - 2016-02-10 02:17 - 00782336 _____ () E:\Steam\SDL2.dll
2016-02-03 15:40 - 2015-07-03 17:12 - 04962816 _____ () E:\Steam\v8.dll
2016-03-11 13:08 - 2016-03-10 20:02 - 02547792 _____ () E:\Steam\video.dll
2016-02-03 15:40 - 2015-07-03 17:12 - 01556992 _____ () E:\Steam\icui18n.dll
2016-02-03 15:40 - 2015-07-03 17:12 - 01187840 _____ () E:\Steam\icuuc.dll
2016-03-09 15:20 - 2016-02-09 00:14 - 02549760 _____ () E:\Steam\libavcodec-56.dll
2016-03-09 15:20 - 2016-02-09 00:14 - 00491008 _____ () E:\Steam\libavformat-56.dll
2016-03-09 15:20 - 2016-02-09 00:14 - 00332800 _____ () E:\Steam\libavresample-2.dll
2016-03-09 15:20 - 2016-02-09 00:14 - 00442880 _____ () E:\Steam\libavutil-54.dll
2016-03-09 15:20 - 2016-02-09 00:14 - 00485888 _____ () E:\Steam\libswscale-3.dll
2016-03-11 13:08 - 2016-03-10 20:02 - 00802896 _____ () E:\Steam\bin\chromehtml.DLL
2016-03-09 15:20 - 2016-02-17 23:25 - 00281088 _____ () E:\Steam\openvr_api.dll
2016-03-09 15:20 - 2016-02-09 02:33 - 48400672 _____ () E:\Steam\bin\libcef.dll
2016-02-03 15:40 - 2015-09-25 00:56 - 00119208 _____ () E:\Steam\winh264.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2015-07-10 12:04 - 2015-07-10 12:02 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3473851266-2326088663-4233973066-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Pascal Weger\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist deaktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{1D23DCA4-210F-4343-8E7D-514B5BB81841}] => (Allow) E:\Steam\bin\steamwebhelper.exe
FirewallRules: [{0A45F6D0-854C-48AF-8C8A-8A90A96CA6B3}] => (Allow) E:\Steam\bin\steamwebhelper.exe
FirewallRules: [{730F2314-6D87-4BC1-A9D0-3EA983754EF3}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{05AE7C6D-23F8-4BA3-A113-434122EEF12D}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [UDP Query User{06BA525F-0B3A-4737-AFDB-C186E01CDC1B}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{BE5EB719-53FE-4E41-BF9A-31DA627395CE}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{7D2F0842-8C5B-45F8-940F-F41E4A0E0541}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{95CABAB1-1F77-461E-B559-70812101C1C7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E836C842-4C3C-4AED-9B75-49E38E896C27}] => (Allow) E:\Steam\steamapps\common\CastleCrashers\castle.exe
FirewallRules: [{8F1ACB0C-55BA-42D0-A68A-18992BCEE672}] => (Allow) E:\Steam\steamapps\common\CastleCrashers\castle.exe
FirewallRules: [{A9EFF17D-652E-4710-BCC6-4C7731FE9578}] => (Allow) E:\Steam\steamapps\common\Final Dusk\Final Dusk.exe
FirewallRules: [{CBECCBF3-AEDB-4F36-A0AC-D9782D38AC71}] => (Allow) E:\Steam\steamapps\common\Final Dusk\Final Dusk.exe
FirewallRules: [{259CF16A-823A-4735-8D3A-24F4C4786B1E}] => (Allow) E:\Steam\steamapps\common\Deponia The Complete Journey\deponia.exe
FirewallRules: [{81D70C42-7245-412F-B954-F7B03BD43E0A}] => (Allow) E:\Steam\steamapps\common\Deponia The Complete Journey\deponia.exe
FirewallRules: [{7B470F4A-6214-4BF2-B08A-C2AAD0C79A88}] => (Allow) E:\Steam\steamapps\common\Deponia The Complete Journey\VisionaireConfigurationTool.exe
FirewallRules: [{C8F54226-1F17-4966-A6B2-DF17CE58E3A4}] => (Allow) E:\Steam\steamapps\common\Deponia The Complete Journey\VisionaireConfigurationTool.exe
FirewallRules: [{4CE61C46-EBB6-42DD-8179-C26BE2F8F919}] => (Allow) E:\Steam\steamapps\common\TheLongDark\tld.exe
FirewallRules: [{C442BA4F-15FA-49AA-9AE7-663945C2836A}] => (Allow) E:\Steam\steamapps\common\TheLongDark\tld.exe
FirewallRules: [{104DA83C-95C0-4F33-8F98-DAE9147D4A32}] => (Allow) E:\Steam\steamapps\common\Turmoil\Turmoil_PC_Full.exe
FirewallRules: [{F013BEFD-C954-419E-8271-4347C85A0EF5}] => (Allow) E:\Steam\steamapps\common\Turmoil\Turmoil_PC_Full.exe
FirewallRules: [{97A02347-11A1-457E-9D5A-AC1384D1D432}] => (Allow) E:\Steam\steamapps\common\Universe Sandbox 2\Universe Sandbox x64.exe
FirewallRules: [{5D1C1E92-CE46-484A-AEBB-E93C8651925F}] => (Allow) E:\Steam\steamapps\common\Universe Sandbox 2\Universe Sandbox x64.exe
FirewallRules: [{20E72504-A15A-48A5-B46C-AD899140D5BA}] => (Allow) E:\Steam\steamapps\common\One Way Heroics\Game.exe
FirewallRules: [{AAD7FA62-49BF-4B47-B8CD-280C0667E551}] => (Allow) E:\Steam\steamapps\common\One Way Heroics\Game.exe
FirewallRules: [{D3008802-0B10-4BCD-9455-6018ED768756}] => (Allow) E:\Steam\steamapps\common\The Wolf Among Us\TheWolfAmongUs.exe
FirewallRules: [{0A42DAF8-3119-4797-940D-EA13EEC24714}] => (Allow) E:\Steam\steamapps\common\The Wolf Among Us\TheWolfAmongUs.exe
FirewallRules: [{1451FF4A-439F-4F9E-B946-359EDF8AC093}] => (Allow) E:\Steam\steamapps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{B22F224D-2C4B-45B1-B263-B777FD12FBF7}] => (Allow) E:\Steam\steamapps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{9ADB5C0F-7FA4-4970-A3F3-7FD0F243162A}] => (Allow) E:\Steam\steamapps\common\This War of Mine\Storyteller.exe
FirewallRules: [{2E9011ED-9BB0-4CE4-A7EB-23983E00DF4E}] => (Allow) E:\Steam\steamapps\common\This War of Mine\Storyteller.exe
FirewallRules: [{F59C655D-2A43-468D-A418-B601469178F0}] => (Allow) E:\Steam\steamapps\common\Mitsurugi Kamui Hikae\mitsurugi.exe
FirewallRules: [{F2DDC091-2C74-49BF-958C-445D784DE113}] => (Allow) E:\Steam\steamapps\common\Mitsurugi Kamui Hikae\mitsurugi.exe
FirewallRules: [{B8A6EDE6-9552-48F3-9788-33BCCB78468E}] => (Allow) E:\Steam\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{2A6C7D4A-BCD6-4C7A-A4A6-42ABDD442ACE}] => (Allow) E:\Steam\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{6B97D6E9-60F8-4E45-BFE3-A67AE35288D5}] => (Allow) E:\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{28CB9F4C-1EA3-4B13-9D38-6C5648DF0348}] => (Allow) E:\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{CEEA72ED-23D7-44A8-88A3-719056E16D49}] => (Allow) E:\Steam\steamapps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{B8A20CA5-2D6F-4E4C-AB7A-6DC45C0A0C1A}] => (Allow) E:\Steam\steamapps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{500A6B8C-08F6-4332-BAE7-01450B1AADA5}] => (Allow) E:\Steam\steamapps\common\The Silent Age\TheSilentAge.exe
FirewallRules: [{FD00DF9F-DE59-4E15-8CCD-829CAFF64941}] => (Allow) E:\Steam\steamapps\common\The Silent Age\TheSilentAge.exe
FirewallRules: [{5BA0593B-866B-4F11-AE6B-456EC652CD33}] => (Allow) E:\Steam\steamapps\common\vanguard-princess\vanpri.exe
FirewallRules: [{E4E91C77-E2BB-41C1-A0A5-32D87947FF0B}] => (Allow) E:\Steam\steamapps\common\vanguard-princess\vanpri.exe
FirewallRules: [{3415708E-8AE6-43FA-B208-C2CC2AE28373}] => (Allow) E:\Steam\steamapps\common\Day of Defeat Source\hl2.exe
FirewallRules: [{B09FE2C5-506B-4F6A-BD87-4C6C72839883}] => (Allow) E:\Steam\steamapps\common\Day of Defeat Source\hl2.exe
FirewallRules: [{0FF79D20-776D-47C3-A54E-8CEAEB43DD3F}] => (Allow) E:\Steam\steamapps\common\Dropsy\Dropsy.exe
FirewallRules: [{821F0FAB-24F8-4AA2-8922-D79F865DFEFF}] => (Allow) E:\Steam\steamapps\common\Dropsy\Dropsy.exe
FirewallRules: [{F96C09CC-7675-436D-A682-E9895857813E}] => (Allow) E:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{BEE673A0-575E-47CF-9D67-47DF0E4FD72D}] => (Allow) E:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{2F386593-D9C4-4DB1-9F48-D052D532E3D5}] => (Allow) E:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{FCB551E2-0091-41B8-AAC9-66EB87F512BD}] => (Allow) E:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{0759729A-BEC6-47A8-9DAD-AF7FD5CEC009}] => (Allow) E:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{3E1BA211-D348-4F9D-951B-4007F6E8DBC1}] => (Allow) E:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{9D96858C-370F-4A65-ACA4-0793E7CF5B51}] => (Allow) E:\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{D86BCDAC-C767-428B-92F9-4EE8AA1E6AF3}] => (Allow) E:\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{3B4EDD5F-A9A5-418C-B16D-25481A5218E1}] => (Allow) E:\Steam\steamapps\common\Trine 3\trine3_launcher.exe
FirewallRules: [{F4B5A4C8-0CB4-47D1-8B7A-92ED53F5DF28}] => (Allow) E:\Steam\steamapps\common\Trine 3\trine3_launcher.exe
FirewallRules: [{FF657DEB-64DC-465F-A40D-60D774214A54}] => (Allow) E:\Steam\steamapps\common\NeverAlone\Never_Alone.exe
FirewallRules: [{9444FBF4-3A54-4538-8D34-E8D716502FE6}] => (Allow) E:\Steam\steamapps\common\NeverAlone\Never_Alone.exe
FirewallRules: [{EEEBC949-BC19-4314-A5C0-9BFDA7525CB3}] => (Allow) E:\Steam\steamapps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
FirewallRules: [{FB65DEC6-8842-4AB0-8318-74BE4FD94087}] => (Allow) E:\Steam\steamapps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
FirewallRules: [{A4F03835-6036-4A99-9AAD-3976D70AAC55}] => (Allow) E:\Steam\steamapps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{C1840FFF-AD02-452E-9167-7C1442D19CC4}] => (Allow) E:\Steam\steamapps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{65213DD5-6A46-4890-AC6C-8C565A490173}] => (Allow) E:\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{54F971E0-0D6D-4932-8194-EACF6E86301A}] => (Allow) E:\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{083B5F5F-1493-465B-9701-6E35F4272FA7}] => (Allow) E:\Programme\Ubisoft Game Launcher\games\Far Cry Primal\bin\FCPrimal.exe
FirewallRules: [{625257C8-9BBF-4961-BC62-1603CFBDC22A}] => (Allow) E:\Steam\steamapps\common\Party Hard\PartyHardGame.exe
FirewallRules: [{640CD889-F506-4BF6-986B-E12D16554FA0}] => (Allow) E:\Steam\steamapps\common\Party Hard\PartyHardGame.exe
FirewallRules: [{067BFAAF-ED2C-452F-9EBA-10092ADF7FFC}] => (Allow) E:\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{FA8F636A-315C-4A88-BCFD-13F75F15DAC0}] => (Allow) E:\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{5B7EC102-D29F-4EAE-B8FE-8EFE61420CFE}] => (Allow) E:\Steam\steamapps\common\Lego Star Wars Saga\LEGOStarWarsSaga.exe
FirewallRules: [{7921EC11-D795-44C1-AE0E-D191675145D8}] => (Allow) E:\Steam\steamapps\common\Lego Star Wars Saga\LEGOStarWarsSaga.exe
FirewallRules: [{6A9A6755-2795-461A-B59C-EA6DAD8D20C1}] => (Allow) E:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{3C5EF787-814E-4CEA-9C08-30306D402A99}] => (Allow) E:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{A945C110-76A8-49C8-AEB6-18C28A378A66}] => (Allow) E:\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [{469C0C70-EF4F-417A-A254-794A2D6FEF86}] => (Allow) E:\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [{61BE62EF-8ED1-476C-8CA4-9E382527031F}] => (Allow) E:\Steam\steamapps\common\Oceanhorn\Oceanhorn.exe
FirewallRules: [{E18EB7D8-9389-47B8-BB01-A3EF90A0A062}] => (Allow) E:\Steam\steamapps\common\Oceanhorn\Oceanhorn.exe
FirewallRules: [{D3514AB1-2AC9-4FCB-86F7-5CF7A136D868}] => (Allow) E:\Programme\Ubisoft Game Launcher\games\Anno 2070\Anno5.exe
FirewallRules: [{14270896-74BC-4F57-86A3-3A01CAD6BE19}] => (Allow) E:\Programme\Ubisoft Game Launcher\games\Anno 2070\Anno5.exe
FirewallRules: [{ED43D778-26A5-4D12-9D9D-D74F4C1CC2F7}] => (Allow) E:\Steam\steamapps\common\Subnautica\Subnautica.exe
FirewallRules: [{2413CBEF-EC1F-4072-81DE-E4A8EB2F7E44}] => (Allow) E:\Steam\steamapps\common\Subnautica\Subnautica.exe

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (03/18/2016 06:18:39 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (03/17/2016 03:46:49 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (03/17/2016 01:55:00 AM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: Die Sicherung war nicht erfolgreich. Fehler: Der Sicherungsspeicherort ist ungültig. Ein in die Sicherung einbezogenes Volume kann nicht als Speicherort verwendet werden. (0x80780040).

Error: (03/17/2016 01:54:58 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (03/17/2016 01:54:55 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (03/17/2016 01:54:33 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (03/17/2016 01:54:29 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (03/17/2016 01:53:37 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (03/17/2016 01:53:38 AM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: Die Sicherung war nicht erfolgreich. Fehler: Der Sicherungsspeicherort ist ungültig. Ein in die Sicherung einbezogenes Volume kann nicht als Speicherort verwendet werden. (0x80780040).

Error: (03/17/2016 01:53:34 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.


Systemfehler:
=============
Error: (03/18/2016 08:45:48 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "HOME",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{2FC182B6-9684-482A-803A-DCFCA6885BF6}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (03/18/2016 08:19:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (03/18/2016 08:19:08 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\PASCAL~1\AppData\Local\Temp\ehdrv.sys

Error: (03/18/2016 08:19:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (03/18/2016 08:19:07 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\PASCAL~1\AppData\Local\Temp\ehdrv.sys

Error: (03/18/2016 08:19:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (03/18/2016 08:19:07 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\PASCAL~1\AppData\Local\Temp\ehdrv.sys

Error: (03/18/2016 08:17:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (03/18/2016 08:17:27 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\PASCAL~1\AppData\Local\Temp\ehdrv.sys

Error: (03/18/2016 08:17:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275


CodeIntegrity:
===================================
  Date: 2016-03-13 03:25:28.394
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-12 17:02:59.181
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-11 03:23:21.785
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-09 15:23:23.076
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-02 02:17:48.080
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-02-10 17:17:45.855
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-02-10 16:51:42.370
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-02-10 16:47:10.002
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-28 03:19:24.617
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-21 02:11:40.952
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\Windows\WinSxS\x86_microsoft-windows-utilman_31bf3856ad364e35_10.0.10240.16384_none_ae8b861a138d2840\Utilman.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-4690 CPU @ 3.50GHz
Prozentuale Nutzung des RAM: 37%
Installierter physikalischer RAM: 8130.39 MB
Verfügbarer physikalischer RAM: 5083.11 MB
Summe virtueller Speicher: 9410.39 MB
Verfügbarer virtueller Speicher: 5951.98 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:111.35 GB) (Free:79.79 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive e: (Volume) (Fixed) (Total:931.39 GB) (Free:431.25 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 95A49282)
Partition 1: (Active) - (Size=111.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)

==================== Ende von Addition.txt ============================

TDSS-Killer

Code:

ATTFilter

21:38:57.0086 0x0518  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
21:39:01.0692 0x0518  ============================================================
21:39:01.0692 0x0518  Current date / time: 2016/03/18 21:39:01.0692
21:39:01.0692 0x0518  SystemInfo:
21:39:01.0692 0x0518  
21:39:01.0692 0x0518  OS Version: 10.0.10586 ServicePack: 0.0
21:39:01.0692 0x0518  Product type: Workstation
21:39:01.0692 0x0518  ComputerName: DESKTOP-MKUL2BH
21:39:01.0692 0x0518  UserName: Pascal Weger
21:39:01.0692 0x0518  Windows directory: C:\WINDOWS
21:39:01.0692 0x0518  System windows directory: C:\WINDOWS
21:39:01.0692 0x0518  Running under WOW64
21:39:01.0692 0x0518  Processor architecture: Intel x64
21:39:01.0692 0x0518  Number of processors: 4
21:39:01.0692 0x0518  Page size: 0x1000
21:39:01.0692 0x0518  Boot type: Normal boot
21:39:01.0692 0x0518  ============================================================
21:39:01.0769 0x0518  KLMD registered as C:\WINDOWS\system32\drivers\83005169.sys
21:39:01.0835 0x0518  System UUID: {1FE38F53-7EA2-3553-70D9-D0BB60754041}
21:39:02.0101 0x0518  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:39:02.0101 0x0518  Drive \Device\Harddisk1\DR1 - Size: 0x1BF2976000 ( 111.79 Gb ), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:39:02.0103 0x0518  ============================================================
21:39:02.0103 0x0518  \Device\Harddisk0\DR0:
21:39:02.0104 0x0518  GPT partitions:
21:39:02.0128 0x0518  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {D6FAF32D-16FF-488A-AF91-0A1930AD1A35}, Name: Basic data partition, StartLBA 0x40800, BlocksNum 0x746C6000
21:39:02.0128 0x0518  MBR partitions:
21:39:02.0128 0x0518  \Device\Harddisk1\DR1:
21:39:02.0128 0x0518  MBR partitions:
21:39:02.0128 0x0518  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xDEB2800
21:39:02.0128 0x0518  ============================================================
21:39:02.0128 0x0518  C: <-> \Device\Harddisk1\DR1\Partition1
21:39:02.0139 0x0518  E: <-> \Device\Harddisk0\DR0\Partition1
21:39:02.0139 0x0518  ============================================================
21:39:02.0139 0x0518  Initialize success
21:39:02.0139 0x0518  ============================================================
21:39:19.0222 0x1c7c  ============================================================
21:39:19.0222 0x1c7c  Scan started
21:39:19.0222 0x1c7c  Mode: Manual; SigCheck; TDLFS; 
21:39:19.0222 0x1c7c  ============================================================
21:39:19.0222 0x1c7c  KSN ping started
21:39:21.0634 0x1c7c  KSN ping finished: true
21:39:22.0428 0x1c7c  ================ Scan system memory ========================
21:39:22.0428 0x1c7c  System memory - ok
21:39:22.0428 0x1c7c  ================ Scan services =============================
21:39:22.0434 0x1c7c  [ 970C70F6B2953ED43822D3797855D84C, CB22723678B514277BC6E6DDDD206F3B2377CD889C9D473A47A7056BE597BC6B ] !SASCORE        C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
21:39:22.0453 0x1c7c  !SASCORE - ok
21:39:22.0479 0x1c7c  1394ohci - ok
21:39:22.0480 0x1c7c  3ware - ok
21:39:22.0482 0x1c7c  ACPI - ok
21:39:22.0484 0x1c7c  acpiex - ok
21:39:22.0486 0x1c7c  acpipagr - ok
21:39:22.0487 0x1c7c  AcpiPmi - ok
21:39:22.0488 0x1c7c  acpitime - ok
21:39:22.0505 0x1c7c  [ 99B993BD0F4C033D832B50D5E83BEBEC, A091635B2B428A51400468353F52D3FF35095460D3FA8CB29E2C4A804D87B845 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:39:22.0514 0x1c7c  AdobeFlashPlayerUpdateSvc - ok
21:39:22.0517 0x1c7c  ADP80XX - ok
21:39:22.0520 0x1c7c  AFD - ok
21:39:22.0521 0x1c7c  agp440 - ok
21:39:22.0523 0x1c7c  ahcache - ok
21:39:22.0525 0x1c7c  AJRouter - ok
21:39:22.0527 0x1c7c  ALG - ok
21:39:22.0532 0x1c7c  [ 13C2B6A6CCCB6F84087068BF50A0F733, 3522FE1A3706534D303E06E6D3AA5B44DDA9BCCED185A781F62821C63256238D ] AMD External Events Utility C:\WINDOWS\system32\atiesrxx.exe
21:39:22.0550 0x1c7c  AMD External Events Utility - ok
21:39:22.0552 0x1c7c  AmdK8 - ok
21:39:22.0554 0x1c7c  [ D1B8BEAE7BE49789776FE0479D374134, EEB256E4EE7A5989F80F0F6CF484A4F8CC7D59C7F590F18477A13CF1ABCC65F5 ] amdkmafd        C:\WINDOWS\system32\drivers\amdkmafd.sys
21:39:22.0559 0x1c7c  amdkmafd - ok
21:39:22.0561 0x1c7c  amdkmdag - ok
21:39:22.0572 0x1c7c  [ B71FD96974061B61A20281BDB8A46D83, 433F4394D24E7027611CD4C8ED1AB1FDBED455DFC6EC64EC0E9E276CCC9B5570 ] amdkmdap        C:\WINDOWS\system32\DRIVERS\atikmpag.sys
21:39:22.0594 0x1c7c  amdkmdap - ok
21:39:22.0597 0x1c7c  AmdPPM - ok
21:39:22.0598 0x1c7c  amdsata - ok
21:39:22.0600 0x1c7c  amdsbs - ok
21:39:22.0602 0x1c7c  amdxata - ok
21:39:22.0604 0x1c7c  AppID - ok
21:39:22.0606 0x1c7c  AppIDSvc - ok
21:39:22.0607 0x1c7c  Appinfo - ok
21:39:22.0609 0x1c7c  AppMgmt - ok
21:39:22.0611 0x1c7c  AppReadiness - ok
21:39:22.0613 0x1c7c  AppXSvc - ok
21:39:22.0615 0x1c7c  arcsas - ok
21:39:22.0617 0x1c7c  AsyncMac - ok
21:39:22.0618 0x1c7c  atapi - ok
21:39:22.0623 0x1c7c  [ 829CEA6C5C2C1100734933D133D3589E, 2E2C2B26BB22A4058F2A5FB25E292C0743C80B61F9733CDA39EE20A88D370D2D ] AtiHDAudioService C:\WINDOWS\system32\drivers\AtihdWT6.sys
21:39:22.0631 0x1c7c  AtiHDAudioService - ok
21:39:22.0633 0x1c7c  AudioEndpointBuilder - ok
21:39:22.0635 0x1c7c  Audiosrv - ok
21:39:22.0636 0x1c7c  AxInstSV - ok
21:39:22.0638 0x1c7c  b06bdrv - ok
21:39:22.0641 0x1c7c  BasicDisplay - ok
21:39:22.0643 0x1c7c  BasicRender - ok
21:39:22.0645 0x1c7c  bcmfn - ok
21:39:22.0647 0x1c7c  bcmfn2 - ok
21:39:22.0649 0x1c7c  BDESVC - ok
21:39:22.0650 0x1c7c  Beep - ok
21:39:22.0654 0x1c7c  BFE - ok
21:39:22.0656 0x1c7c  BITS - ok
21:39:22.0657 0x1c7c  bowser - ok
21:39:22.0659 0x1c7c  BrokerInfrastructure - ok
21:39:22.0660 0x1c7c  Browser - ok
21:39:22.0663 0x1c7c  BthAvrcpTg - ok
21:39:22.0665 0x1c7c  BthHFEnum - ok
21:39:22.0667 0x1c7c  bthhfhid - ok
21:39:22.0669 0x1c7c  BthHFSrv - ok
21:39:22.0670 0x1c7c  BTHMODEM - ok
21:39:22.0673 0x1c7c  bthserv - ok
21:39:22.0675 0x1c7c  buttonconverter - ok
21:39:22.0677 0x1c7c  CapImg - ok
21:39:22.0679 0x1c7c  cdfs - ok
21:39:22.0680 0x1c7c  CDPSvc - ok
21:39:22.0682 0x1c7c  cdrom - ok
21:39:22.0684 0x1c7c  CertPropSvc - ok
21:39:22.0686 0x1c7c  circlass - ok
21:39:22.0688 0x1c7c  CLFS - ok
21:39:22.0689 0x1c7c  ClipSVC - ok
21:39:22.0694 0x1c7c  CmBatt - ok
21:39:22.0696 0x1c7c  CNG - ok
21:39:22.0697 0x1c7c  cnghwassist - ok
21:39:22.0709 0x1c7c  CompositeBus - ok
21:39:22.0711 0x1c7c  COMSysApp - ok
21:39:22.0713 0x1c7c  condrv - ok
21:39:22.0717 0x1c7c  CoreMessagingRegistrar - ok
21:39:22.0720 0x1c7c  CryptSvc - ok
21:39:22.0721 0x1c7c  CSC - ok
21:39:22.0723 0x1c7c  CscService - ok
21:39:22.0725 0x1c7c  dam - ok
21:39:22.0728 0x1c7c  DcomLaunch - ok
21:39:22.0730 0x1c7c  DcpSvc - ok
21:39:22.0731 0x1c7c  defragsvc - ok
21:39:22.0734 0x1c7c  DeviceAssociationService - ok
21:39:22.0735 0x1c7c  DeviceInstall - ok
21:39:22.0737 0x1c7c  DevQueryBroker - ok
21:39:22.0739 0x1c7c  Dfsc - ok
21:39:22.0740 0x1c7c  Dhcp - ok
21:39:22.0743 0x1c7c  diagnosticshub.standardcollector.service - ok
21:39:22.0744 0x1c7c  DiagTrack - ok
21:39:22.0746 0x1c7c  disk - ok
21:39:22.0748 0x1c7c  DmEnrollmentSvc - ok
21:39:22.0750 0x1c7c  dmvsc - ok
21:39:22.0752 0x1c7c  dmwappushservice - ok
21:39:22.0754 0x1c7c  Dnscache - ok
21:39:22.0756 0x1c7c  dot3svc - ok
21:39:22.0758 0x1c7c  DPS - ok
21:39:22.0760 0x1c7c  drmkaud - ok
21:39:22.0761 0x1c7c  DsmSvc - ok
21:39:22.0762 0x1c7c  DsSvc - ok
21:39:22.0765 0x1c7c  DXGKrnl - ok
21:39:22.0767 0x1c7c  Eaphost - ok
21:39:22.0768 0x1c7c  ebdrv - ok
21:39:22.0770 0x1c7c  EFS - ok
21:39:22.0772 0x1c7c  EhStorClass - ok
21:39:22.0773 0x1c7c  EhStorTcgDrv - ok
21:39:22.0775 0x1c7c  embeddedmode - ok
21:39:22.0777 0x1c7c  EntAppSvc - ok
21:39:22.0779 0x1c7c  ErrDev - ok
21:39:22.0781 0x1c7c  EventSystem - ok
21:39:22.0784 0x1c7c  exfat - ok
21:39:22.0786 0x1c7c  fastfat - ok
21:39:22.0788 0x1c7c  Fax - ok
21:39:22.0789 0x1c7c  fdc - ok
21:39:22.0791 0x1c7c  fdPHost - ok
21:39:22.0792 0x1c7c  FDResPub - ok
21:39:22.0795 0x1c7c  fhsvc - ok
21:39:22.0796 0x1c7c  FileCrypt - ok
21:39:22.0798 0x1c7c  FileInfo - ok
21:39:22.0800 0x1c7c  Filetrace - ok
21:39:22.0802 0x1c7c  flpydisk - ok
21:39:22.0803 0x1c7c  FltMgr - ok
21:39:22.0805 0x1c7c  FontCache - ok
21:39:22.0808 0x1c7c  FontCache3.0.0.0 - ok
21:39:22.0817 0x1c7c  [ 9E77E21A717303E1FFC1AFCA4C6BD968, C13886B6DA087B6185804536C35DF991783EF6A4C489671B1CF255E79BF5AB89 ] Freedome Service C:\Program Files (x86)\F-Secure\Freedome\Freedome\1\FreedomeService.exe
21:39:22.0829 0x1c7c  Freedome Service - ok
21:39:22.0831 0x1c7c  FsDepends - ok
21:39:22.0834 0x1c7c  [ C5D70AF84CBDA5A1ACBE96BD5EB1C747, 7583C0D5CEFF6CAF0BB65BA71314B7DC956FC2074F8E1D0B81E47A5952AC7533 ] fsfreedometap   C:\WINDOWS\System32\drivers\fsfreedometap.sys
21:39:22.0840 0x1c7c  fsfreedometap - ok
21:39:22.0842 0x1c7c  Fs_Rec - ok
21:39:22.0844 0x1c7c  fvevol - ok
21:39:22.0845 0x1c7c  gagp30kx - ok
21:39:22.0847 0x1c7c  gencounter - ok
21:39:22.0849 0x1c7c  genericusbfn - ok
21:39:22.0851 0x1c7c  GPIOClx0101 - ok
21:39:22.0853 0x1c7c  gpsvc - ok
21:39:22.0855 0x1c7c  GpuEnergyDrv - ok
21:39:22.0856 0x1c7c  HdAudAddService - ok
21:39:22.0858 0x1c7c  HDAudBus - ok
21:39:22.0860 0x1c7c  HidBatt - ok
21:39:22.0862 0x1c7c  HidBth - ok
21:39:22.0863 0x1c7c  hidi2c - ok
21:39:22.0866 0x1c7c  hidinterrupt - ok
21:39:22.0868 0x1c7c  HidIr - ok
21:39:22.0870 0x1c7c  hidserv - ok
21:39:22.0871 0x1c7c  HidUsb - ok
21:39:22.0873 0x1c7c  HomeGroupListener - ok
21:39:22.0875 0x1c7c  HomeGroupProvider - ok
21:39:22.0877 0x1c7c  HpSAMD - ok
21:39:22.0878 0x1c7c  HTTP - ok
21:39:22.0880 0x1c7c  hwpolicy - ok
21:39:22.0882 0x1c7c  hyperkbd - ok
21:39:22.0884 0x1c7c  i8042prt - ok
21:39:22.0885 0x1c7c  iai2c - ok
21:39:22.0887 0x1c7c  iaLPSS2i_I2C - ok
21:39:22.0889 0x1c7c  iaLPSSi_GPIO - ok
21:39:22.0891 0x1c7c  iaLPSSi_I2C - ok
21:39:22.0893 0x1c7c  iaStorAV - ok
21:39:22.0895 0x1c7c  iaStorV - ok
21:39:22.0897 0x1c7c  ibbus - ok
21:39:22.0899 0x1c7c  icssvc - ok
21:39:22.0901 0x1c7c  IEEtwCollectorService - ok
21:39:22.0903 0x1c7c  IKEEXT - ok
21:39:22.0904 0x1c7c  intelide - ok
21:39:22.0907 0x1c7c  intelpep - ok
21:39:22.0908 0x1c7c  intelppm - ok
21:39:22.0910 0x1c7c  IoQos - ok
21:39:22.0912 0x1c7c  IpFilterDriver - ok
21:39:22.0914 0x1c7c  iphlpsvc - ok
21:39:22.0915 0x1c7c  IPMIDRV - ok
21:39:22.0917 0x1c7c  IPNAT - ok
21:39:22.0919 0x1c7c  IRENUM - ok
21:39:22.0921 0x1c7c  isapnp - ok
21:39:22.0922 0x1c7c  iScsiPrt - ok
21:39:22.0924 0x1c7c  kbdclass - ok
21:39:22.0926 0x1c7c  kbdhid - ok
21:39:22.0928 0x1c7c  kdnic - ok
21:39:22.0929 0x1c7c  KeyIso - ok
21:39:22.0932 0x1c7c  KSecDD - ok
21:39:22.0934 0x1c7c  KSecPkg - ok
21:39:22.0935 0x1c7c  ksthunk - ok
21:39:22.0937 0x1c7c  KtmRm - ok
21:39:22.0939 0x1c7c  LanmanServer - ok
21:39:22.0941 0x1c7c  LanmanWorkstation - ok
21:39:22.0943 0x1c7c  lfsvc - ok
21:39:22.0946 0x1c7c  [ 17325C9B9ADB2BB99049936D0C9812C8, 70ADDC85FD5757BC9C4B97F382B25A19851FF8275021FFC04A81E208A604F83E ] LGBusEnum       C:\WINDOWS\system32\drivers\LGBusEnum.sys
21:39:22.0955 0x1c7c  LGBusEnum - ok
21:39:22.0958 0x1c7c  [ 2D7F1C02B94D6F0F3E10107E5EA8E141, 93B266F38C3C3EAAB475D81597ABBD7CC07943035068BB6FD670DBBE15DE0131 ] LGCoreTemp      C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys
21:39:22.0962 0x1c7c  LGCoreTemp - ok
21:39:22.0966 0x1c7c  [ C7AF05942E041D4B1F345ACF79993BB3, E8FAAE356C99A11F6CF17640FD9C67F87AFBFEFB70C458CB85178F2AD94DF848 ] LGJoyXlCore     C:\WINDOWS\system32\drivers\LGJoyXlCore.sys
21:39:22.0974 0x1c7c  LGJoyXlCore - ok
21:39:22.0977 0x1c7c  [ F705A641C18DF31B48B5DBDA94B425E4, 1F47EE43CAFE5458E56467E127EE99B5FDBFF8B810CF92B232094B475DD42B21 ] LGPBTDD         C:\WINDOWS\System32\Drivers\LGPBTDD.sys
21:39:22.0982 0x1c7c  LGPBTDD - ok
21:39:22.0985 0x1c7c  [ 1DDB8DE3D6EEF31EDCF4977B2D2FAACC, 24291B522A596E2D9A1CDAC192DB1C7422D5DD0E87E5C8A5F5E2CAA90296BF23 ] LGVirHid        C:\WINDOWS\system32\drivers\LGVirHid.sys
21:39:22.0991 0x1c7c  LGVirHid - ok
21:39:22.0993 0x1c7c  LicenseManager - ok
21:39:22.0995 0x1c7c  lltdio - ok
21:39:22.0997 0x1c7c  lltdsvc - ok
21:39:22.0999 0x1c7c  lmhosts - ok
21:39:23.0003 0x1c7c  [ F22EC985B9BE0788B5DB4F0162131CCF, 015A5E0396240373ED9EC5026C53CD5E03AE31688A984C47E071704B0FE8D552 ] LogiRegistryService C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
21:39:23.0010 0x1c7c  LogiRegistryService - ok
21:39:23.0013 0x1c7c  LSI_SAS - ok
21:39:23.0015 0x1c7c  LSI_SAS2i - ok
21:39:23.0018 0x1c7c  LSI_SAS3i - ok
21:39:23.0019 0x1c7c  LSI_SSS - ok
21:39:23.0021 0x1c7c  LSM - ok
21:39:23.0023 0x1c7c  luafv - ok
21:39:23.0025 0x1c7c  MapsBroker - ok
21:39:23.0027 0x1c7c  [ CFBC6C6D8A492697CABD1D353EE64933, DDAA844908324740C891EB8F08E2A8BB00457063B31C4A762745C1C2415FC12D ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys
21:39:23.0032 0x1c7c  MBAMProtector - ok
21:39:23.0052 0x1c7c  [ 40C126CB15FAB7D6C66490DCA9C1AED2, B32CEE2D2409232C245427D5E9647FDF59AF1D8AB5E8A98EE2D1F1314599FD14 ] MBAMService     C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
21:39:23.0072 0x1c7c  MBAMService - ok
21:39:23.0076 0x1c7c  [ 08DECFCB9BA97786165A69AB1015BC30, EDC8C8447B57BD412E2DEBCA9B5B1B58C19D40105DC7CE9520DE214081696B05 ] MBAMWebAccessControl C:\WINDOWS\system32\drivers\mwac.sys
21:39:23.0081 0x1c7c  MBAMWebAccessControl - ok
21:39:23.0083 0x1c7c  megasas - ok
21:39:23.0085 0x1c7c  megasr - ok
21:39:23.0090 0x1c7c  [ E7C9F74D8CAAB1FF7964C27C070FB16C, 76CCD9109E1031A336B7E275368520FFB60D500E24444B04066F205D1ED5BA2B ] MEIx64          C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys
21:39:23.0099 0x1c7c  MEIx64 - ok
21:39:23.0102 0x1c7c  MessagingService - ok
21:39:23.0106 0x1c7c  mlx4_bus - ok
21:39:23.0107 0x1c7c  MMCSS - ok
21:39:23.0109 0x1c7c  Modem - ok
21:39:23.0111 0x1c7c  monitor - ok
21:39:23.0112 0x1c7c  mouclass - ok
21:39:23.0114 0x1c7c  mouhid - ok
21:39:23.0116 0x1c7c  mountmgr - ok
21:39:23.0119 0x1c7c  [ 9EA771C01B8F99360F5BE1F732C59C3F, 69868A00F29379E822DC5A77EB4372CCAD690D2BDF10FEABB79C987527730FD5 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:39:23.0126 0x1c7c  MozillaMaintenance - ok
21:39:23.0128 0x1c7c  mpsdrv - ok
21:39:23.0131 0x1c7c  MpsSvc - ok
21:39:23.0132 0x1c7c  MRxDAV - ok
21:39:23.0134 0x1c7c  mrxsmb - ok
21:39:23.0136 0x1c7c  mrxsmb10 - ok
21:39:23.0138 0x1c7c  mrxsmb20 - ok
21:39:23.0139 0x1c7c  MsBridge - ok
21:39:23.0142 0x1c7c  MSDTC - ok
21:39:23.0145 0x1c7c  Msfs - ok
21:39:23.0147 0x1c7c  msgpiowin32 - ok
21:39:23.0149 0x1c7c  mshidkmdf - ok
21:39:23.0151 0x1c7c  mshidumdf - ok
21:39:23.0153 0x1c7c  msisadrv - ok
21:39:23.0155 0x1c7c  MSiSCSI - ok
21:39:23.0157 0x1c7c  msiserver - ok
21:39:23.0158 0x1c7c  MSKSSRV - ok
21:39:23.0160 0x1c7c  MsLldp - ok
21:39:23.0161 0x1c7c  MSPCLOCK - ok
21:39:23.0163 0x1c7c  MSPQM - ok
21:39:23.0165 0x1c7c  MsRPC - ok
21:39:23.0168 0x1c7c  mssmbios - ok
21:39:23.0170 0x1c7c  MSTEE - ok
21:39:23.0171 0x1c7c  MTConfig - ok
21:39:23.0173 0x1c7c  Mup - ok
21:39:23.0175 0x1c7c  mvumis - ok
21:39:23.0183 0x1c7c  [ 5BB03606E249FBFBC885E313C8FB9694, DC41B05C593CC79CB449F57AA9A52F132C00BD70C99C157831B133568F7DADFD ] NanoServiceMain C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
21:39:23.0188 0x1c7c  NanoServiceMain - ok
21:39:23.0191 0x1c7c  NativeWifiP - ok
21:39:23.0193 0x1c7c  NcaSvc - ok
21:39:23.0195 0x1c7c  NcbService - ok
21:39:23.0197 0x1c7c  NcdAutoSetup - ok
21:39:23.0199 0x1c7c  ndfltr - ok
21:39:23.0201 0x1c7c  NDIS - ok
21:39:23.0203 0x1c7c  NdisCap - ok
21:39:23.0205 0x1c7c  NdisImPlatform - ok
21:39:23.0207 0x1c7c  NdisTapi - ok
21:39:23.0208 0x1c7c  Ndisuio - ok
21:39:23.0210 0x1c7c  NdisVirtualBus - ok
21:39:23.0212 0x1c7c  NdisWan - ok
21:39:23.0213 0x1c7c  ndiswanlegacy - ok
21:39:23.0215 0x1c7c  ndproxy - ok
21:39:23.0217 0x1c7c  Ndu - ok
21:39:23.0219 0x1c7c  NetBIOS - ok
21:39:23.0222 0x1c7c  NetBT - ok
21:39:23.0223 0x1c7c  Netlogon - ok
21:39:23.0225 0x1c7c  Netman - ok
21:39:23.0227 0x1c7c  netprofm - ok
21:39:23.0229 0x1c7c  NetSetupSvc - ok
21:39:23.0234 0x1c7c  NetTcpPortSharing - ok
21:39:23.0237 0x1c7c  NgcCtnrSvc - ok
21:39:23.0238 0x1c7c  NgcSvc - ok
21:39:23.0240 0x1c7c  NlaSvc - ok
21:39:23.0243 0x1c7c  [ 88960DB46ACCC3FEDEBBB8184D1D8BF5, 6FC18EFC8B4BE7A2A64166C735E1CB9B20E8B62F2296A01576AC1769E3C24E31 ] NNSALPC         C:\WINDOWS\system32\DRIVERS\NNSALPC.sys
21:39:23.0252 0x1c7c  NNSALPC - ok
21:39:23.0259 0x1c7c  [ 528C0EDB540F0B0A7054D9E2517E8A35, 0762BF4C2D9D8DB648F58CC3D7A919239E4DB8712D8941D53652371F2C025378 ] NNSHTTP         C:\WINDOWS\system32\DRIVERS\NNSHTTP.sys
21:39:23.0268 0x1c7c  NNSHTTP - ok
21:39:23.0273 0x1c7c  [ DA4688175B84E522F4E0D269475D01D6, D330B09FDD7BEEDB65E7DC2AC3D410F2BC64BEE4ACD663237B4C0F0814C8CE3A ] NNSHTTPS        C:\WINDOWS\system32\DRIVERS\NNSHTTPS.sys
21:39:23.0281 0x1c7c  NNSHTTPS - ok
21:39:23.0286 0x1c7c  [ C71B72375BB54A22F053E7EBDA28BB5C, D188D16BDCED9A5877C8B7791B7C354E266B6B37C110140033E00850372700F5 ] NNSIDS          C:\WINDOWS\system32\DRIVERS\NNSIDS.sys
21:39:23.0294 0x1c7c  NNSIDS - ok
21:39:23.0297 0x1c7c  [ E4B9C6200A8A1213FD29FAF3C42F5F22, 32B21D03BAE08418E5E3B41D7A792378F9915A4AE24C9007B5192E98D480C12B ] NNSNAHSL        C:\WINDOWS\system32\DRIVERS\NNSNAHSL.sys
21:39:23.0303 0x1c7c  NNSNAHSL - ok
21:39:23.0307 0x1c7c  [ 3F6BAA8B1C4BC50735E54DBDBED734D8, 6E892687D12E947548059E1534ED12EB20DF1A6196EAF73657192C46C9CA7FBB ] NNSPICC         C:\WINDOWS\system32\DRIVERS\NNSPICC.sys
21:39:23.0315 0x1c7c  NNSPICC - ok
21:39:23.0319 0x1c7c  [ ADBEC2D045F19826A33A2E21110A4E08, EAA603BDE1D1B6DD04B9533D02F04C3E74E9373B66669AE07469BEFD074D6C32 ] NNSPIHSW        C:\WINDOWS\system32\DRIVERS\NNSPIHSW.sys
21:39:23.0327 0x1c7c  NNSPIHSW - ok
21:39:23.0331 0x1c7c  [ D9609840CF0571B783A4E81B9061F2B6, 1CED58206E7D90FE20B689DD13427D4C7019239B0AF84CBDA656CF0F2437A726 ] NNSPOP3         C:\WINDOWS\system32\DRIVERS\NNSPOP3.sys
21:39:23.0339 0x1c7c  NNSPOP3 - ok
21:39:23.0347 0x1c7c  [ F3F228144410965A196123A4F4D60B66, 9132EE85915DB17B931C3C51819E8522033B3A7AE53B57593F7C77BAD43B9EC3 ] NNSPROT         C:\WINDOWS\system32\DRIVERS\NNSPROT.sys
21:39:23.0358 0x1c7c  NNSPROT - ok
21:39:23.0364 0x1c7c  [ 7FA577EE5344906675DD19BB79F6C668, 53BED5908FC9BEDD8DC3B428CA624CA43FFA1D0A8C3C9685509ED2CBEA4A2E65 ] NNSPRV          C:\WINDOWS\system32\DRIVERS\NNSPRV.sys
21:39:23.0374 0x1c7c  NNSPRV - ok
21:39:23.0379 0x1c7c  [ 4125E22EF46CFBFB59DEE7F7144E6D74, 4D5C451CA26CF34E0AB6F17F1862398F5E9F6513F306080BDC56893D9B6FBE53 ] NNSSMTP         C:\WINDOWS\system32\DRIVERS\NNSSMTP.sys
21:39:23.0387 0x1c7c  NNSSMTP - ok
21:39:23.0395 0x1c7c  [ 650C2DFED558AF7FF45A87CD7147D457, 9AE264A30B63FDB655B5872A43075A18D6C9AEEE1ACA55B500FAD8849A219365 ] NNSSTRM         C:\WINDOWS\system32\DRIVERS\NNSSTRM.sys
21:39:23.0407 0x1c7c  NNSSTRM - ok
21:39:23.0412 0x1c7c  [ E74AA03D6C9E443EC1C7A35B9B04DAA2, A3B4CB031F33B11F4D5FFE610CD34F8BC4EC6892D850C9ED6B46B20BCFBF0DC1 ] NNSTLSC         C:\WINDOWS\system32\DRIVERS\NNSTLSC.sys
21:39:23.0420 0x1c7c  NNSTLSC - ok
21:39:23.0422 0x1c7c  Npfs - ok
21:39:23.0425 0x1c7c  npggsvc - ok
21:39:23.0427 0x1c7c  npsvctrig - ok
21:39:23.0428 0x1c7c  nsi - ok
21:39:23.0430 0x1c7c  nsiproxy - ok
21:39:23.0434 0x1c7c  NTFS - ok
21:39:23.0436 0x1c7c  Null - ok
21:39:23.0438 0x1c7c  nvraid - ok
21:39:23.0440 0x1c7c  nvstor - ok
21:39:23.0441 0x1c7c  nv_agp - ok
21:39:23.0443 0x1c7c  OneSyncSvc - ok
21:39:23.0506 0x1c7c  [ A309633A4BA2DE3FC30468C3103E0BA5, 530C707A4FCD36A45E9D370D20105356C8019DE41EF1C1F1A728A523D5FBEE25 ] Origin Client Service E:\Origin\OriginClientService.exe
21:39:23.0539 0x1c7c  Origin Client Service - ok
21:39:23.0543 0x1c7c  p2pimsvc - ok
21:39:23.0546 0x1c7c  p2psvc - ok
21:39:23.0549 0x1c7c  [ 7CB4A8CEFE80C1B924B82ABC8423D75A, 8114529E20433B20542AD7ADDC7D069768E8190A88B1B2ED9988324580D6059C ] PandaAgent      C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
21:39:23.0554 0x1c7c  PandaAgent - ok
21:39:23.0556 0x1c7c  Parport - ok
21:39:23.0558 0x1c7c  partmgr - ok
21:39:23.0560 0x1c7c  PcaSvc - ok
21:39:23.0562 0x1c7c  pci - ok
21:39:23.0563 0x1c7c  pciide - ok
21:39:23.0566 0x1c7c  pcmcia - ok
21:39:23.0568 0x1c7c  pcw - ok
21:39:23.0570 0x1c7c  pdc - ok
21:39:23.0571 0x1c7c  PEAUTH - ok
21:39:23.0573 0x1c7c  PeerDistSvc - ok
21:39:23.0575 0x1c7c  percsas2i - ok
21:39:23.0577 0x1c7c  percsas3i - ok
21:39:23.0590 0x1c7c  PerfHost - ok
21:39:23.0594 0x1c7c  PhoneSvc - ok
21:39:23.0595 0x1c7c  PimIndexMaintenanceSvc - ok
21:39:23.0598 0x1c7c  pla - ok
21:39:23.0600 0x1c7c  PlugPlay - ok
21:39:23.0602 0x1c7c  PNRPAutoReg - ok
21:39:23.0603 0x1c7c  PNRPsvc - ok
21:39:23.0605 0x1c7c  PolicyAgent - ok
21:39:23.0608 0x1c7c  Power - ok
21:39:23.0610 0x1c7c  PptpMiniport - ok
21:39:23.0675 0x1c7c  [ 959F94AD1255BC749884EDDD14EC29C4, 2CD6DA9778EA36FA0B4080F6DB1C634712238E014E47546403CD3CDB35A1DCA8 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
21:39:23.0756 0x1c7c  PrintNotify - ok
21:39:23.0761 0x1c7c  Processor - ok
21:39:23.0763 0x1c7c  ProfSvc - ok
21:39:23.0764 0x1c7c  Psched - ok
21:39:23.0771 0x1c7c  [ AA0BA747EC0431EB104BB2FF6440DD66, A707ADCC3C0D3CF9B35C255446AAD80FFAD81DCC8E74FE2CD0E6067E32EA97CE ] PSINAflt        C:\WINDOWS\system32\DRIVERS\PSINAflt.sys
21:39:23.0781 0x1c7c  PSINAflt - ok
21:39:23.0785 0x1c7c  [ EA50EC24E63CB1011AB6D47A80804478, 71D883664B7F00953948643F5ED3EAAF59F8D06265D559102570D6344603F780 ] PSINFile        C:\WINDOWS\system32\DRIVERS\PSINFile.sys
21:39:23.0793 0x1c7c  PSINFile - ok
21:39:23.0800 0x1c7c  [ C62E122E2D40C403CA1C7D2382319C1E, 247B44C8C42E1805FD688E3E8573BDC6A414B21E78090EDFB3E2D0945137F52F ] PSINKNC         C:\WINDOWS\system32\DRIVERS\PSINKNC.sys
21:39:23.0809 0x1c7c  PSINKNC - ok
21:39:23.0815 0x1c7c  [ D8B1D430406F95B761D67C4AD1914D8F, E34B2DF8C56C71BBD9E65F5DD37749A1D149F15C9AF9A9151E06AD372FDE53A6 ] PSINProc        C:\WINDOWS\system32\DRIVERS\PSINProc.sys
21:39:23.0823 0x1c7c  PSINProc - ok
21:39:23.0828 0x1c7c  [ 65A7D90A0C1E8B972CB0C99A4C8DB6B1, EC070E54049E7D2DDADE8FC2E78291F2F10A89D3D9EA82C8BEF27309954E1074 ] PSINProt        C:\WINDOWS\system32\DRIVERS\PSINProt.sys
21:39:23.0836 0x1c7c  PSINProt - ok
21:39:23.0841 0x1c7c  [ 868F4F576974830118E1DDBF129511E2, 7F48EADD98B21CD03DFA31B0AB8E7650734AD4769A0F77FB84903D97B960E127 ] PSINReg         C:\WINDOWS\system32\DRIVERS\PSINReg.sys
21:39:23.0849 0x1c7c  PSINReg - ok
21:39:23.0852 0x1c7c  [ F803473CD0E5D36D02EB58109F1294CD, DB6FFB4100BD35D491FF1C61FB3073049C2C18038D004A6D1E279A95AB8BA2EC ] PSKMAD          C:\WINDOWS\system32\DRIVERS\PSKMAD.sys
21:39:23.0861 0x1c7c  PSKMAD - ok
21:39:23.0866 0x1c7c  [ 0104879261E702358C63D61404B20FC5, 0741827637D37EAF5EE08BEEACD3B88B413C5CC35B5EF358743C10C6CCB0E0E0 ] PSUAService     C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
21:39:23.0871 0x1c7c  PSUAService - ok
21:39:23.0873 0x1c7c  QWAVE - ok
21:39:23.0875 0x1c7c  QWAVEdrv - ok
21:39:23.0877 0x1c7c  RasAcd - ok
21:39:23.0878 0x1c7c  RasAgileVpn - ok
21:39:23.0879 0x1c7c  RasAuto - ok
21:39:23.0882 0x1c7c  Rasl2tp - ok
21:39:23.0884 0x1c7c  RasMan - ok
21:39:23.0886 0x1c7c  RasPppoe - ok
21:39:23.0888 0x1c7c  RasSstp - ok
21:39:23.0889 0x1c7c  rdbss - ok
21:39:23.0893 0x1c7c  rdpbus - ok
21:39:23.0894 0x1c7c  RDPDR - ok
21:39:23.0898 0x1c7c  RdpVideoMiniport - ok
21:39:23.0900 0x1c7c  rdyboost - ok
21:39:23.0902 0x1c7c  ReFSv1 - ok
21:39:23.0905 0x1c7c  RemoteAccess - ok
21:39:23.0907 0x1c7c  RemoteRegistry - ok
21:39:23.0908 0x1c7c  RetailDemo - ok
21:39:23.0910 0x1c7c  RpcEptMapper - ok
21:39:23.0912 0x1c7c  RpcLocator - ok
21:39:23.0913 0x1c7c  RpcSs - ok
21:39:23.0915 0x1c7c  rspndr - ok
21:39:23.0917 0x1c7c  rt640x64 - ok
21:39:23.0919 0x1c7c  s3cap - ok
21:39:23.0920 0x1c7c  SamSs - ok
21:39:23.0923 0x1c7c  [ 3289766038DB2CB14D07DC84392138D5, A7790B787690CC1A8B97E4532090C5295350A836A9474DEA74CEB3E81CF26124 ] SASDIFSV        C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
21:39:23.0927 0x1c7c  SASDIFSV - ok
21:39:23.0929 0x1c7c  [ 58A38E75F3316A83C23DF6173D41F2B5, B0A8CDA1D164B7534FB41AB80792861384709BF0F914F44553275CF20194F1A1 ] SASKUTIL        C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
21:39:23.0933 0x1c7c  SASKUTIL - ok
21:39:23.0935 0x1c7c  sbp2port - ok
21:39:23.0937 0x1c7c  SCardSvr - ok
21:39:23.0939 0x1c7c  ScDeviceEnum - ok
21:39:23.0941 0x1c7c  scfilter - ok
21:39:23.0943 0x1c7c  Schedule - ok
21:39:23.0945 0x1c7c  SCPolicySvc - ok
21:39:23.0946 0x1c7c  sdbus - ok
21:39:23.0948 0x1c7c  SDRSVC - ok
21:39:23.0950 0x1c7c  sdstor - ok
21:39:23.0952 0x1c7c  seclogon - ok
21:39:23.0953 0x1c7c  SENS - ok
21:39:23.0955 0x1c7c  SensorDataService - ok
21:39:23.0957 0x1c7c  SensorService - ok
21:39:23.0958 0x1c7c  SensrSvc - ok
21:39:23.0960 0x1c7c  SerCx - ok
21:39:23.0962 0x1c7c  SerCx2 - ok
21:39:23.0963 0x1c7c  Serenum - ok
21:39:23.0966 0x1c7c  Serial - ok
21:39:23.0967 0x1c7c  sermouse - ok
21:39:23.0972 0x1c7c  SessionEnv - ok
21:39:23.0974 0x1c7c  sfloppy - ok
21:39:23.0976 0x1c7c  SharedAccess - ok
21:39:23.0978 0x1c7c  ShellHWDetection - ok
21:39:23.0979 0x1c7c  SiSRaid2 - ok
21:39:23.0981 0x1c7c  SiSRaid4 - ok
21:39:23.0983 0x1c7c  smphost - ok
21:39:23.0985 0x1c7c  SmsRouter - ok
21:39:23.0988 0x1c7c  SNMPTRAP - ok
21:39:23.0990 0x1c7c  spaceport - ok
21:39:23.0991 0x1c7c  SpbCx - ok
21:39:23.0994 0x1c7c  Spooler - ok
21:39:23.0995 0x1c7c  sppsvc - ok
21:39:23.0997 0x1c7c  srv - ok
21:39:23.0999 0x1c7c  srv2 - ok
21:39:24.0001 0x1c7c  srvnet - ok
21:39:24.0003 0x1c7c  SSDPSRV - ok
21:39:24.0005 0x1c7c  SstpSvc - ok
21:39:24.0007 0x1c7c  StateRepository - ok
21:39:24.0020 0x1c7c  [ 81433E112B6BD31B59519BA31EF927DB, DD1776E5729F22C58A4969132E0C105B0E48672ADC4E8FD958A8D5A627596BBA ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
21:39:24.0035 0x1c7c  Steam Client Service - ok
21:39:24.0038 0x1c7c  stexstor - ok
21:39:24.0040 0x1c7c  stisvc - ok
21:39:24.0042 0x1c7c  storahci - ok
21:39:24.0044 0x1c7c  storflt - ok
21:39:24.0045 0x1c7c  stornvme - ok
21:39:24.0047 0x1c7c  storqosflt - ok
21:39:24.0049 0x1c7c  StorSvc - ok
21:39:24.0051 0x1c7c  storufs - ok
21:39:24.0053 0x1c7c  storvsc - ok
21:39:24.0055 0x1c7c  svsvc - ok
21:39:24.0056 0x1c7c  swenum - ok
21:39:24.0058 0x1c7c  swprv - ok
21:39:24.0060 0x1c7c  Synth3dVsc - ok
21:39:24.0062 0x1c7c  SysMain - ok
21:39:24.0063 0x1c7c  SystemEventsBroker - ok
21:39:24.0066 0x1c7c  TabletInputService - ok
21:39:24.0068 0x1c7c  TapiSrv - ok
21:39:24.0070 0x1c7c  Tcpip - ok
21:39:24.0071 0x1c7c  Tcpip6 - ok
21:39:24.0074 0x1c7c  tcpipreg - ok
21:39:24.0076 0x1c7c  tdx - ok
21:39:24.0078 0x1c7c  terminpt - ok
21:39:24.0080 0x1c7c  TermService - ok
21:39:24.0082 0x1c7c  Themes - ok
21:39:24.0084 0x1c7c  TieringEngineService - ok
21:39:24.0085 0x1c7c  tiledatamodelsvc - ok
21:39:24.0087 0x1c7c  TimeBroker - ok
21:39:24.0089 0x1c7c  TPM - ok
21:39:24.0091 0x1c7c  TrkWks - ok
21:39:24.0092 0x1c7c  TrustedInstaller - ok
21:39:24.0095 0x1c7c  tsusbflt - ok
21:39:24.0097 0x1c7c  TsUsbGD - ok
21:39:24.0099 0x1c7c  tunnel - ok
21:39:24.0101 0x1c7c  tzautoupdate - ok
21:39:24.0102 0x1c7c  uagp35 - ok
21:39:24.0103 0x1c7c  UASPStor - ok
21:39:24.0106 0x1c7c  UcmCx0101 - ok
21:39:24.0107 0x1c7c  UcmUcsi - ok
21:39:24.0109 0x1c7c  Ucx01000 - ok
21:39:24.0111 0x1c7c  UdeCx - ok
21:39:24.0112 0x1c7c  udfs - ok
21:39:24.0114 0x1c7c  UEFI - ok
21:39:24.0116 0x1c7c  Ufx01000 - ok
21:39:24.0119 0x1c7c  UfxChipidea - ok
21:39:24.0120 0x1c7c  ufxsynopsys - ok
21:39:24.0124 0x1c7c  UI0Detect - ok
21:39:24.0125 0x1c7c  uliagpkx - ok
21:39:24.0127 0x1c7c  umbus - ok
21:39:24.0129 0x1c7c  UmPass - ok
21:39:24.0131 0x1c7c  UmRdpService - ok
21:39:24.0133 0x1c7c  UnistoreSvc - ok
21:39:24.0137 0x1c7c  upnphost - ok
21:39:24.0138 0x1c7c  UrsChipidea - ok
21:39:24.0140 0x1c7c  UrsCx01000 - ok
21:39:24.0142 0x1c7c  UrsSynopsys - ok
21:39:24.0144 0x1c7c  usbccgp - ok
21:39:24.0146 0x1c7c  usbcir - ok
21:39:24.0147 0x1c7c  usbehci - ok
21:39:24.0149 0x1c7c  usbhub - ok
21:39:24.0151 0x1c7c  USBHUB3 - ok
21:39:24.0153 0x1c7c  usbohci - ok
21:39:24.0155 0x1c7c  usbprint - ok
21:39:24.0157 0x1c7c  usbscan - ok
21:39:24.0158 0x1c7c  usbser - ok
21:39:24.0160 0x1c7c  USBSTOR - ok
21:39:24.0162 0x1c7c  usbuhci - ok
21:39:24.0163 0x1c7c  USBXHCI - ok
21:39:24.0166 0x1c7c  UserDataSvc - ok
21:39:24.0169 0x1c7c  UserManager - ok
21:39:24.0171 0x1c7c  UsoSvc - ok
21:39:24.0172 0x1c7c  VaultSvc - ok
21:39:24.0174 0x1c7c  vdrvroot - ok
21:39:24.0176 0x1c7c  vds - ok
21:39:24.0177 0x1c7c  VerifierExt - ok
21:39:24.0179 0x1c7c  vhdmp - ok
21:39:24.0181 0x1c7c  vhf - ok
21:39:24.0183 0x1c7c  vmbus - ok
21:39:24.0185 0x1c7c  VMBusHID - ok
21:39:24.0187 0x1c7c  vmicguestinterface - ok
21:39:24.0189 0x1c7c  vmicheartbeat - ok
21:39:24.0190 0x1c7c  vmickvpexchange - ok
21:39:24.0192 0x1c7c  vmicrdv - ok
21:39:24.0194 0x1c7c  vmicshutdown - ok
21:39:24.0195 0x1c7c  vmictimesync - ok
21:39:24.0197 0x1c7c  vmicvmsession - ok
21:39:24.0199 0x1c7c  vmicvss - ok
21:39:24.0201 0x1c7c  volmgr - ok
21:39:24.0203 0x1c7c  volmgrx - ok
21:39:24.0204 0x1c7c  volsnap - ok
21:39:24.0206 0x1c7c  vpci - ok
21:39:24.0208 0x1c7c  vsmraid - ok
21:39:24.0210 0x1c7c  VSS - ok
21:39:24.0211 0x1c7c  VSTXRAID - ok
21:39:24.0213 0x1c7c  vwifibus - ok
21:39:24.0214 0x1c7c  vwififlt - ok
21:39:24.0217 0x1c7c  W32Time - ok
21:39:24.0219 0x1c7c  WacomPen - ok
21:39:24.0221 0x1c7c  WalletService - ok
21:39:24.0223 0x1c7c  wanarp - ok
21:39:24.0224 0x1c7c  wanarpv6 - ok
21:39:24.0226 0x1c7c  wbengine - ok
21:39:24.0228 0x1c7c  WbioSrvc - ok
21:39:24.0230 0x1c7c  Wcmsvc - ok
21:39:24.0232 0x1c7c  wcncsvc - ok
21:39:24.0234 0x1c7c  WcsPlugInService - ok
21:39:24.0236 0x1c7c  WdBoot - ok
21:39:24.0238 0x1c7c  Wdf01000 - ok
21:39:24.0239 0x1c7c  WdFilter - ok
21:39:24.0242 0x1c7c  WdiServiceHost - ok
21:39:24.0243 0x1c7c  WdiSystemHost - ok
21:39:24.0245 0x1c7c  wdiwifi - ok
21:39:24.0247 0x1c7c  WdNisDrv - ok
21:39:24.0249 0x1c7c  WdNisSvc - ok
21:39:24.0252 0x1c7c  WebClient - ok
21:39:24.0254 0x1c7c  Wecsvc - ok
21:39:24.0255 0x1c7c  WEPHOSTSVC - ok
21:39:24.0257 0x1c7c  wercplsupport - ok
21:39:24.0259 0x1c7c  WerSvc - ok
21:39:24.0261 0x1c7c  WFPLWFS - ok
21:39:24.0263 0x1c7c  WiaRpc - ok
21:39:24.0265 0x1c7c  WIMMount - ok
21:39:24.0266 0x1c7c  WinDefend - ok
21:39:24.0270 0x1c7c  WindowsTrustedRT - ok
21:39:24.0272 0x1c7c  WindowsTrustedRTProxy - ok
21:39:24.0274 0x1c7c  WinHttpAutoProxySvc - ok
21:39:24.0275 0x1c7c  WinMad - ok
21:39:24.0281 0x1c7c  Winmgmt - ok
21:39:24.0283 0x1c7c  WinRM - ok
21:39:24.0286 0x1c7c  WINUSB - ok
21:39:24.0288 0x1c7c  WinVerbs - ok
21:39:24.0290 0x1c7c  WlanSvc - ok
21:39:24.0292 0x1c7c  wlidsvc - ok
21:39:24.0294 0x1c7c  WmiAcpi - ok
21:39:24.0297 0x1c7c  wmiApSrv - ok
21:39:24.0299 0x1c7c  WMPNetworkSvc - ok
21:39:24.0304 0x1c7c  [ 2A9650FCC696DB28E45EA8B33B99B8E6, FBEBC6C05D50F578C6EEE0A7285EBE1DEADB08DD21FA3232630FD8D5A68FC3FB ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
21:39:24.0314 0x1c7c  Wof - ok
21:39:24.0316 0x1c7c  workfolderssvc - ok
21:39:24.0319 0x1c7c  wpcfltr - ok
21:39:24.0321 0x1c7c  WPDBusEnum - ok
21:39:24.0322 0x1c7c  WpdUpFltr - ok
21:39:24.0324 0x1c7c  WpnService - ok
21:39:24.0326 0x1c7c  ws2ifsl - ok
21:39:24.0328 0x1c7c  wscsvc - ok
21:39:24.0330 0x1c7c  WSearch - ok
21:39:24.0333 0x1c7c  WSService - ok
21:39:24.0335 0x1c7c  wuauserv - ok
21:39:24.0337 0x1c7c  WudfPf - ok
21:39:24.0338 0x1c7c  WUDFRd - ok
21:39:24.0341 0x1c7c  wudfsvc - ok
21:39:24.0342 0x1c7c  WUDFWpdFs - ok
21:39:24.0344 0x1c7c  WUDFWpdMtp - ok
21:39:24.0346 0x1c7c  WwanSvc - ok
21:39:24.0348 0x1c7c  XblAuthManager - ok
21:39:24.0350 0x1c7c  XblGameSave - ok
21:39:24.0352 0x1c7c  xboxgip - ok
21:39:24.0354 0x1c7c  XboxNetApiSvc - ok
21:39:24.0356 0x1c7c  xinputhid - ok
21:39:24.0359 0x1c7c  xusb22 - ok
21:39:24.0359 0x1c7c  ================ Scan global ===============================
21:39:24.0366 0x1c7c  [ Global ] - ok
21:39:24.0366 0x1c7c  ================ Scan MBR ==================================
21:39:24.0368 0x1c7c  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:39:24.0434 0x1c7c  \Device\Harddisk0\DR0 - ok
21:39:24.0435 0x1c7c  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
21:39:24.0493 0x1c7c  \Device\Harddisk1\DR1 - ok
21:39:24.0493 0x1c7c  ================ Scan VBR ==================================
21:39:24.0494 0x1c7c  [ 57026EE6E254858E0FEA59DD84C8B09C ] \Device\Harddisk0\DR0\Partition1
21:39:24.0533 0x1c7c  \Device\Harddisk0\DR0\Partition1 - ok
21:39:24.0535 0x1c7c  [ CAB90B8AC29E5EB6D60B79E0C5830AC0 ] \Device\Harddisk1\DR1\Partition1
21:39:24.0536 0x1c7c  \Device\Harddisk1\DR1\Partition1 - ok
21:39:24.0536 0x1c7c  ================ Scan generic autorun ======================
21:39:24.0769 0x1c7c  [ 9CFD0AFEA08FFEA16F3EFFC94D5B3DEF, AB7879DDA9D516C2B124640B1D34557A8BAD244423867E8390D29FFF6858A865 ] C:\Program Files\Logitech Gaming Software\LCore.exe
21:39:25.0039 0x1c7c  Launch LCore - ok
21:39:25.0119 0x1c7c  [ 3298B23482DAC11CD6CF6ED627B5D406, 159D38A9CFEA7E59733B4AC53A49205DFCBD23CB28302A3A15F39BA2D406FAB2 ] C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
21:39:25.0202 0x1c7c  StartCN - ok
21:39:25.0210 0x1c7c  [ 372A480C3E64CE1DFE5193BE78CB021D, B99926E3D2B8219B4D4276DA0CC1C1CAA5FDA088914EFDC55CD0ECD095A5016D ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
21:39:25.0215 0x1c7c  PSUAMain - ok
21:39:25.0295 0x1c7c  [ 898944FBC4E3A6F02D568FD3490A7155, 4EE68B8E3E65640AEA4EE04572503A0B1DA66F941D705D3B4EB747B7B7FED233 ] C:\Program Files (x86)\F-Secure\Freedome\Freedome\1\Freedome.exe
21:39:25.0385 0x1c7c  FreedomeAutoStart - ok
21:39:25.0402 0x1c7c  OneDriveSetup - ok
21:39:25.0403 0x1c7c  OneDriveSetup - ok
21:39:25.0425 0x1c7c  [ 5400677699FBBBDFF1CB48D05AF55EEC, A3F3DC72CAB8FD57B5D7FB5BB2DFD67170BD43063F9AAE3EEAD5BC3CF22A0A0D ] C:\Users\Pascal Weger\AppData\Roaming\Spotify\SpotifyWebHelper.exe
21:39:25.0454 0x1c7c  Spotify Web Helper - ok
21:39:25.0460 0x1c7c  Uninstall C:\Users\Pascal Weger\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64 - ok
21:39:25.0464 0x1c7c  Uninstall C:\Users\Pascal Weger\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1 - ok
21:39:25.0464 0x1c7c  Waiting for KSN requests completion. In queue: 53
21:39:25.0716 0x1e04  Object required for P2P: [ 99B993BD0F4C033D832B50D5E83BEBEC ] AdobeFlashPlayerUpdateSvc
21:39:26.0465 0x1c7c  Waiting for KSN requests completion. In queue: 52
21:39:27.0466 0x1c7c  Waiting for KSN requests completion. In queue: 52
21:39:27.0856 0x1658  Object required for P2P: [ 7FA577EE5344906675DD19BB79F6C668 ] NNSPRV
21:39:28.0237 0x1e04  Object send P2P result: true
21:39:28.0237 0x1e04  Object required for P2P: [ B71FD96974061B61A20281BDB8A46D83 ] amdkmdap
21:39:28.0467 0x1c7c  Waiting for KSN requests completion. In queue: 47
21:39:29.0468 0x1c7c  Waiting for KSN requests completion. In queue: 47
21:39:30.0302 0x1658  Object send P2P result: true
21:39:30.0302 0x1658  Object required for P2P: [ 4125E22EF46CFBFB59DEE7F7144E6D74 ] NNSSMTP
21:39:30.0468 0x1c7c  Waiting for KSN requests completion. In queue: 46
21:39:30.0685 0x1e04  Object send P2P result: true
21:39:30.0685 0x1e04  Object required for P2P: [ 9EA771C01B8F99360F5BE1F732C59C3F ] MozillaMaintenance
21:39:31.0469 0x1c7c  Waiting for KSN requests completion. In queue: 32
21:39:32.0469 0x1c7c  Waiting for KSN requests completion. In queue: 32
21:39:32.0763 0x1658  Object send P2P result: true
21:39:32.0763 0x1658  Object required for P2P: [ 650C2DFED558AF7FF45A87CD7147D457 ] NNSSTRM
21:39:33.0124 0x1e04  Object send P2P result: true
21:39:33.0125 0x1e04  Object required for P2P: [ 5BB03606E249FBFBC885E313C8FB9694 ] NanoServiceMain
21:39:33.0470 0x1c7c  Waiting for KSN requests completion. In queue: 30
21:39:34.0471 0x1c7c  Waiting for KSN requests completion. In queue: 30
21:39:35.0204 0x1658  Object send P2P result: true
21:39:35.0204 0x1658  Object required for P2P: [ E74AA03D6C9E443EC1C7A35B9B04DAA2 ] NNSTLSC
21:39:35.0471 0x1c7c  Waiting for KSN requests completion. In queue: 29
21:39:35.0556 0x1e04  Object send P2P result: true
21:39:35.0557 0x1e04  Object required for P2P: [ 88960DB46ACCC3FEDEBBB8184D1D8BF5 ] NNSALPC
21:39:36.0471 0x1c7c  Waiting for KSN requests completion. In queue: 28
21:39:37.0473 0x1c7c  Waiting for KSN requests completion. In queue: 28
21:39:37.0647 0x1658  Object send P2P result: true
21:39:37.0647 0x1658  Object required for P2P: [ EA50EC24E63CB1011AB6D47A80804478 ] PSINFile
21:39:38.0013 0x1e04  Object send P2P result: true
21:39:38.0013 0x1e04  Object required for P2P: [ 528C0EDB540F0B0A7054D9E2517E8A35 ] NNSHTTP
21:39:38.0473 0x1c7c  Waiting for KSN requests completion. In queue: 22
21:39:39.0474 0x1c7c  Waiting for KSN requests completion. In queue: 22
21:39:40.0084 0x1658  Object send P2P result: true
21:39:40.0084 0x1658  Object required for P2P: [ D8B1D430406F95B761D67C4AD1914D8F ] PSINProc
21:39:40.0464 0x1e04  Object send P2P result: true
21:39:40.0464 0x1e04  Object required for P2P: [ 3F6BAA8B1C4BC50735E54DBDBED734D8 ] NNSPICC
21:39:40.0474 0x1c7c  Waiting for KSN requests completion. In queue: 16
21:39:41.0475 0x1c7c  Waiting for KSN requests completion. In queue: 16
21:39:42.0476 0x1c7c  Waiting for KSN requests completion. In queue: 16
21:39:42.0524 0x1658  Object send P2P result: true
21:39:42.0524 0x1658  Object required for P2P: [ 868F4F576974830118E1DDBF129511E2 ] PSINReg
21:39:42.0905 0x1e04  Object send P2P result: true
21:39:43.0476 0x1c7c  Waiting for KSN requests completion. In queue: 12
21:39:44.0476 0x1c7c  Waiting for KSN requests completion. In queue: 12
21:39:44.0966 0x1658  Object send P2P result: true
21:39:44.0966 0x1658  Object required for P2P: [ 9CFD0AFEA08FFEA16F3EFFC94D5B3DEF ] C:\Program Files\Logitech Gaming Software\LCore.exe
21:39:45.0476 0x1c7c  Waiting for KSN requests completion. In queue: 5
21:39:46.0476 0x1c7c  Waiting for KSN requests completion. In queue: 5
21:39:47.0431 0x1658  Object send P2P result: true
21:39:47.0432 0x1658  Object required for P2P: [ 3298B23482DAC11CD6CF6ED627B5D406 ] C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
21:39:47.0477 0x1c7c  Waiting for KSN requests completion. In queue: 4
21:39:48.0477 0x1c7c  Waiting for KSN requests completion. In queue: 4
21:39:49.0477 0x1c7c  Waiting for KSN requests completion. In queue: 4
21:39:49.0885 0x1658  Object send P2P result: true
21:39:50.0488 0x1c7c  AV detected via SS2: Panda Antivirus Pro 2016, C:\Program Files (x86)\Panda Security\Panda Security Protection\PAV3WSC.exe ( 6.0.0.0 ), 0x71000 ( enabled : updated )
21:39:50.0490 0x1c7c  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.9.10586.0 ), 0x60100 ( disabled : updated )
21:39:50.0491 0x1c7c  FW detected via SS2: Panda Firewall, C:\Program Files (x86)\Panda Security\Panda Security Protection\PAV3WSC.exe ( 6.0.0.0 ), 0x71010 ( enabled )
21:39:52.0932 0x1c7c  ============================================================
21:39:52.0932 0x1c7c  Scan finished
21:39:52.0932 0x1c7c  ============================================================
21:39:52.0937 0x16d8  Detected object count: 0
21:39:52.0937 0x16d8  Actual detected object count: 0
21:40:21.0174 0x0e3c  Deinitialize success

M-K-D-B · 19.03.2016, 22:34

Servus,

Schritt 1
Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 2
Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 3

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

Schritt 4

Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
FRST erstellt nun zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Bitte poste mit deiner nächsten Antwort

die Logdatei von AdwCleaner,
die Logdatei von MBAM,
die Logdatei von JRT,
die beiden neuen Logdateien von FRST.

NBX · 20.03.2016, 00:38

Guten Abend! Danke, hier mal die ersten drei:

AdwCleane

Code:

ATTFilter

# AdwCleaner v5.102 - Bericht erstellt am 20/03/2016 um 00:24:01
# Aktualisiert am 13/03/2016 von Xplode
# Datenbank : 2016-03-19.1 [Server]
# Betriebssystem : Windows 10 Pro  (x64)
# Benutzername : Pascal Weger - DESKTOP-MKUL2BH
# Gestartet von : C:\Users\Pascal Weger\Desktop\AdwCleaner_5.102(1).exe
# Option : Suchlauf
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****


***** [ Dateien ] *****


***** [ DLL ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Internetbrowser ] *****


*************************

C:\Program Files (x86)\AdwCleaner\AdwCleaner[S1].txt - [1135 Bytes] - [20/03/2016 00:24:01]

########## EOF - C:\Program Files (x86)\AdwCleaner\AdwCleaner[S1].txt - [1228 Bytes] ##########

mbam.txt

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 20.03.2016
Suchlaufzeit: 00:27
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2016.03.19.06
Rootkit-Datenbank: v2016.03.12.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: Pascal Weger

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 384024
Abgelaufene Zeit: 4 Min., 58 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

JRT.txt

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.4 (03.14.2016)
Operating System: Windows 10 Pro x64 
Ran by Pascal Weger (Administrator) on 20.03.2016 at  0:35:25,70
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 4 

Successfully deleted: C:\Users\Pascal Weger\AppData\Roaming\3909 (Folder) 
Successfully deleted: C:\WINDOWS\prefetch\FREEDOME.EXE-07054CFD.pf (File) 
Successfully deleted: C:\WINDOWS\prefetch\FREEDOME.EXE-89979190.pf (File) 
Successfully deleted: C:\WINDOWS\prefetch\FREEDOMEINSTALLERUI.EXE-FAD0BC0A.pf (File) 



Registry: 0 





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 20.03.2016 at  0:35:50,76
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

NBX · 20.03.2016, 00:40

FRST.txt

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
durchgeführt von Pascal Weger (Administrator) auf DESKTOP-MKUL2BH (20-03-2016 00:39:38)
Gestartet von C:\Users\Pascal Weger\Desktop
Geladene Profile: Pascal Weger (Verfügbare Profile: Pascal Weger)
Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\Freedome\Freedome\1\FreedomeService.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15033976 2015-11-20] (Logitech Inc.)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [5006024 2016-03-07] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [99064 2015-12-07] (Panda Security, S.L.)
HKLM-x32\...\Run: [FreedomeAutoStart] => C:\Program Files (x86)\F-Secure\Freedome\Freedome\1\Freedome.exe [5397976 2016-03-07] (F-Secure Corporation)
HKU\S-1-5-21-3473851266-2326088663-4233973066-1002\...\Run: [Spotify Web Helper] => C:\Users\Pascal Weger\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1524848 2016-03-04] (Spotify Ltd)
HKU\S-1-5-21-3473851266-2326088663-4233973066-1002\...\RunOnce: [Uninstall C:\Users\Pascal Weger\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Pascal Weger\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"
HKU\S-1-5-21-3473851266-2326088663-4233973066-1002\...\RunOnce: [Uninstall C:\Users\Pascal Weger\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Pascal Weger\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1"

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{2fc182b6-9684-482a-803a-dcfca6885bf6}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================

FireFox:
========
FF ProfilePath: C:\Users\Pascal Weger\AppData\Roaming\Mozilla\Firefox\Profiles\51xz7td4.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_182.dll [2016-03-10] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> E:\Programme\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> E:\Programme\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_182.dll [2016-03-10] ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> E:\Programme\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\Pascal Weger\AppData\Roaming\raidcall\plugins\nprcplugin.dll [2014-05-27] (Raidcall)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> E:\Programme\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-3473851266-2326088663-4233973066-1002: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> E:\Programme\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Extension: Adblock Plus - C:\Users\Pascal Weger\AppData\Roaming\Mozilla\Firefox\Profiles\51xz7td4.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-23]
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-03-19] [ist nicht signiert]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com)
R2 Freedome Service; C:\Program Files (x86)\F-Secure\Freedome\Freedome\1\FreedomeService.exe [434648 2016-03-07] (F-Secure Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193144 2015-11-20] (Logitech Inc.)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [142072 2015-12-07] (Panda Security, S.L.)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [3916368 2016-01-09] (INCA Internet Co., Ltd.)
S3 Origin Client Service; E:\Origin\OriginClientService.exe [2104840 2016-03-03] (Electronic Arts)
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [73176 2016-02-22] (Panda Security, S.L.)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2015-12-07] (Panda Security, S.L.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [23240 2016-02-23] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102400 2016-02-23] (Advanced Micro Devices)
R3 fsfreedometap; C:\Windows\System32\drivers\fsfreedometap.sys [34344 2016-02-05] (The OpenVPN Project)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.)
R3 LGPBTDD; C:\Windows\System32\Drivers\LGPBTDD.sys [30728 2009-07-01] (Logitech Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [193336 2016-01-04] (Intel Corporation)
R1 NNSALPC; C:\Windows\system32\DRIVERS\NNSALPC.sys [103856 2015-12-10] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\system32\DRIVERS\NNSHTTP.sys [210864 2015-12-10] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\system32\DRIVERS\NNSHTTPS.sys [120240 2015-12-10] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\system32\DRIVERS\NNSIDS.sys [120240 2015-12-10] (Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\system32\DRIVERS\NNSNAHSL.sys [58616 2015-06-19] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\system32\DRIVERS\NNSPICC.sys [112560 2015-12-10] (Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\system32\DRIVERS\NNSPIHSW.sys [87984 2015-12-10] (Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\system32\DRIVERS\NNSPOP3.sys [133552 2015-12-10] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\system32\DRIVERS\NNSPROT.sys [309680 2015-12-10] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\system32\DRIVERS\NNSPRV.sys [179632 2015-12-10] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\system32\DRIVERS\NNSSMTP.sys [122800 2015-12-10] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\system32\DRIVERS\NNSSTRM.sys [267184 2015-12-10] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\system32\DRIVERS\NNSTLSC.sys [115632 2015-12-10] (Panda Security, S.L.)
R2 PSINAflt; C:\Windows\system32\DRIVERS\PSINAflt.sys [173488 2015-12-10] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [129456 2015-12-10] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\system32\DRIVERS\PSINKNC.sys [207280 2015-12-10] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [133552 2015-12-10] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\system32\DRIVERS\PSINProt.sys [146352 2015-12-10] (Panda Security, S.L.)
R2 PSINReg; C:\Windows\system32\DRIVERS\PSINReg.sys [117168 2015-12-10] (Panda Security, S.L.)
U3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [62080 2015-06-16] (Panda Security, S.L.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek                                            )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-03-20 00:39 - 2016-03-20 00:39 - 00011671 _____ C:\Users\Pascal Weger\Desktop\FRST.txt
2016-03-20 00:35 - 2016-03-20 00:35 - 00000868 _____ C:\Users\Pascal Weger\Desktop\JRT.txt
2016-03-20 00:34 - 2016-03-20 00:35 - 01610352 _____ (Malwarebytes) C:\Users\Pascal Weger\Desktop\JRT.exe
2016-03-20 00:34 - 2016-03-20 00:34 - 00002159 _____ C:\Users\Pascal Weger\Desktop\1.txt
2016-03-20 00:33 - 2016-03-20 00:33 - 00001200 _____ C:\Users\Pascal Weger\Desktop\mbam.txt
2016-03-20 00:22 - 2016-03-20 00:23 - 01527296 _____ C:\Users\Pascal Weger\Desktop\AdwCleaner_5.102(1).exe
2016-03-19 18:26 - 2016-03-20 00:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-03-18 23:07 - 2016-03-18 23:07 - 00000490 _____ C:\TDSSKiller.3.1.0.9_18.03.2016_23.07.11_log.txt
2016-03-18 23:06 - 2016-03-18 23:06 - 00000490 _____ C:\TDSSKiller.3.1.0.9_18.03.2016_23.06.40_log.txt
2016-03-18 21:38 - 2016-03-18 21:40 - 00080440 _____ C:\TDSSKiller.3.1.0.9_18.03.2016_21.38.57_log.txt
2016-03-18 21:37 - 2016-03-20 00:39 - 00000000 ____D C:\FRST
2016-03-18 21:37 - 2016-03-18 21:37 - 00081659 _____ C:\Users\Pascal Weger\Downloads\FRST.txt
2016-03-18 21:37 - 2016-03-18 21:37 - 00043290 _____ C:\Users\Pascal Weger\Downloads\Addition.txt
2016-03-18 21:36 - 2016-03-18 21:36 - 02374144 _____ (Farbar) C:\Users\Pascal Weger\Desktop\FRST64.exe
2016-03-18 20:16 - 2016-03-18 20:16 - 01527296 _____ C:\Users\Pascal Weger\Downloads\adwcleaner_5.102.exe
2016-03-17 11:46 - 2016-03-17 11:46 - 00032587 _____ C:\Users\Pascal Weger\Downloads\tarifeat-kuendigung-a1-17-3-2016.pdf
2016-03-16 02:53 - 2016-03-16 02:53 - 00000202 _____ C:\Users\Pascal Weger\Desktop\Subnautica.url
2016-03-15 15:58 - 2016-03-15 16:03 - 301869848 _____ C:\Users\Pascal Weger\Downloads\More Music V5-85-5.zip
2016-03-14 03:37 - 2016-03-14 03:37 - 00000202 _____ C:\Users\Pascal Weger\Desktop\Stardew Valley.url
2016-03-13 14:09 - 2016-03-13 14:05 - 00295976 _____ C:\Users\Pascal Weger\Desktop\Stardew Valley - The Spreadsheet_update4.xlsx
2016-03-13 14:04 - 2016-03-13 14:05 - 00295976 _____ C:\Users\Pascal Weger\Downloads\Stardew Valley - The Spreadsheet_update4.xlsx
2016-03-12 17:08 - 2016-03-12 17:08 - 08110628 _____ C:\Users\Pascal Weger\Downloads\dict-de_at-frami_2015-12-28.oxt
2016-03-12 15:05 - 2016-03-12 15:05 - 00000000 ____D C:\Users\Pascal Weger\AppData\Roaming\Ubisoft
2016-03-12 15:02 - 2016-03-12 15:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vulkan 1.0.3.1
2016-03-12 15:02 - 2016-03-12 15:02 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-03-12 15:02 - 2016-02-16 00:27 - 00125720 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2016-03-12 15:02 - 2016-02-16 00:26 - 00126232 _____ C:\WINDOWS\system32\vulkan-1.dll
2016-03-12 15:02 - 2016-02-16 00:25 - 00045848 _____ C:\WINDOWS\system32\vulkaninfo.exe
2016-03-12 15:02 - 2016-02-16 00:25 - 00042264 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2016-03-12 15:02 - 2015-06-16 15:41 - 00062080 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSKMAD.sys
2016-03-12 15:00 - 2016-03-12 15:00 - 00000000 ____D C:\Program Files (x86)\AMD
2016-03-11 13:35 - 2016-03-11 13:35 - 00001564 _____ C:\Users\Pascal Weger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OnlineScannerApp.lnk
2016-03-11 02:05 - 2016-03-11 02:05 - 00000000 ____D C:\Program Files (x86)\ESET
2016-03-10 23:05 - 2016-03-12 15:02 - 00000630 _____ C:\WINDOWS\Tasks\TrackerAutoUpdate.job
2016-03-10 23:05 - 2016-03-10 23:05 - 00003222 _____ C:\WINDOWS\System32\Tasks\TrackerAutoUpdate
2016-03-10 23:05 - 2016-03-10 23:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange PDF Viewer
2016-03-10 23:03 - 2016-03-10 23:04 - 17765360 _____ (Tracker Software Products Ltd ) C:\Users\Pascal Weger\Downloads\PDFXVwer3161.exe
2016-03-10 23:02 - 2016-03-10 23:02 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2016-03-10 20:17 - 2016-03-10 20:17 - 00001960 _____ C:\Users\Pascal Weger\Documents\panda.txt
2016-03-10 16:52 - 2016-03-10 16:52 - 284640110 _____ C:\Users\Pascal Weger\Downloads\More-Music-Modv1(1).zip
2016-03-10 16:45 - 2016-03-10 16:45 - 00001604 _____ C:\Users\Pascal Weger\Downloads\Fish(2).xnb
2016-03-10 16:44 - 2016-03-10 16:45 - 00001604 _____ C:\Users\Pascal Weger\Downloads\Fish(1).xnb
2016-03-10 15:10 - 2016-03-10 15:10 - 00001799 _____ C:\Users\Pascal Weger\Desktop\Audible.lnk
2016-03-10 14:59 - 2016-03-18 23:47 - 00000000 ___RD C:\Users\Pascal Weger\Desktop\Neuer Ordner
2016-03-10 14:58 - 2016-03-10 14:58 - 00001359 _____ C:\Users\Public\Desktop\Panda Cloud Cleaner.lnk
2016-03-09 16:34 - 2016-03-18 16:02 - 00000000 ____D C:\Users\Pascal Weger\AppData\Roaming\StardewValley
2016-03-09 15:16 - 2016-03-01 06:31 - 00848168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-03-09 15:16 - 2016-03-01 06:22 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-03-09 15:16 - 2016-02-24 10:52 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-03-09 15:16 - 2016-02-24 10:51 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-03-09 15:16 - 2016-02-24 10:48 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-03-09 15:16 - 2016-02-24 10:47 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-03-09 15:16 - 2016-02-24 10:40 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-03-09 15:16 - 2016-02-24 10:34 - 01613664 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-03-09 15:16 - 2016-02-24 10:28 - 03449168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2016-03-09 15:16 - 2016-02-24 10:15 - 01557768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-03-09 15:16 - 2016-02-24 09:58 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2016-03-09 15:16 - 2016-02-24 09:54 - 00127840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2016-03-09 15:16 - 2016-02-24 09:51 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-03-09 15:16 - 2016-02-24 09:50 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-03-09 15:16 - 2016-02-24 09:46 - 06607080 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-03-09 15:16 - 2016-02-24 09:43 - 00625000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2016-03-09 15:16 - 2016-02-24 09:39 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-03-09 15:16 - 2016-02-24 09:39 - 00141560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2016-03-09 15:16 - 2016-02-24 09:19 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2016-03-09 15:16 - 2016-02-24 09:14 - 00216416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-03-09 15:16 - 2016-02-24 09:11 - 01997152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-03-09 15:16 - 2016-02-24 09:11 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-03-09 15:16 - 2016-02-24 09:11 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-03-09 15:16 - 2016-02-24 09:11 - 00652392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-03-09 15:16 - 2016-02-24 09:11 - 00394080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-03-09 15:16 - 2016-02-24 09:11 - 00258280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll
2016-03-09 15:16 - 2016-02-24 09:10 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-03-09 15:16 - 2016-02-24 09:10 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-03-09 15:16 - 2016-02-24 09:09 - 00640472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-03-09 15:16 - 2016-02-24 09:09 - 00147808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2016-03-09 15:16 - 2016-02-24 09:06 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-03-09 15:16 - 2016-02-24 08:59 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-03-09 15:16 - 2016-02-24 08:39 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
2016-03-09 15:16 - 2016-02-24 08:39 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll
2016-03-09 15:16 - 2016-02-24 08:38 - 00187744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-03-09 15:16 - 2016-02-24 08:38 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-03-09 15:16 - 2016-02-24 08:37 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll
2016-03-09 15:16 - 2016-02-24 08:36 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenanceClient.dll
2016-03-09 15:16 - 2016-02-24 08:35 - 00540752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-03-09 15:16 - 2016-02-24 08:35 - 00523752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-03-09 15:16 - 2016-02-24 08:35 - 00220064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll
2016-03-09 15:16 - 2016-02-24 08:35 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-03-09 15:16 - 2016-02-24 08:33 - 00538736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-03-09 15:16 - 2016-02-24 08:33 - 00141664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2016-03-09 15:16 - 2016-02-24 08:31 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-03-09 15:16 - 2016-02-24 08:30 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2016-03-09 15:16 - 2016-02-24 08:28 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll
2016-03-09 15:16 - 2016-02-24 08:23 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-03-09 15:16 - 2016-02-24 08:23 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
2016-03-09 15:16 - 2016-02-24 08:22 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2016-03-09 15:16 - 2016-02-24 08:20 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2016-03-09 15:16 - 2016-02-24 08:20 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-03-09 15:16 - 2016-02-24 08:20 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-03-09 15:16 - 2016-02-24 08:19 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2016-03-09 15:16 - 2016-02-24 08:19 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
2016-03-09 15:16 - 2016-02-24 08:15 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-03-09 15:16 - 2016-02-24 08:14 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2016-03-09 15:16 - 2016-02-24 08:13 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2016-03-09 15:16 - 2016-02-24 08:12 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll
2016-03-09 15:16 - 2016-02-24 08:12 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2016-03-09 15:16 - 2016-02-24 08:10 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-03-09 15:16 - 2016-02-24 08:09 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2016-03-09 15:16 - 2016-02-24 08:09 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2016-03-09 15:16 - 2016-02-24 08:07 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2016-03-09 15:16 - 2016-02-24 08:05 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-03-09 15:16 - 2016-02-24 08:03 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-03-09 15:16 - 2016-02-24 08:02 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2016-03-09 15:16 - 2016-02-24 08:01 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-03-09 15:16 - 2016-02-24 08:01 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2016-03-09 15:16 - 2016-02-24 08:01 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2016-03-09 15:16 - 2016-02-24 08:00 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2016-03-09 15:16 - 2016-02-24 07:59 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-03-09 15:16 - 2016-02-24 07:59 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2016-03-09 15:16 - 2016-02-24 07:59 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-03-09 15:16 - 2016-02-24 07:58 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll
2016-03-09 15:16 - 2016-02-24 07:55 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2016-03-09 15:16 - 2016-02-24 07:55 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2016-03-09 15:16 - 2016-02-24 07:55 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll
2016-03-09 15:16 - 2016-02-24 07:54 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2016-03-09 15:16 - 2016-02-24 07:54 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2016-03-09 15:16 - 2016-02-24 07:54 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2016-03-09 15:16 - 2016-02-24 07:54 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll
2016-03-09 15:16 - 2016-02-24 07:53 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2016-03-09 15:16 - 2016-02-24 07:53 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll
2016-03-09 15:16 - 2016-02-24 07:52 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2016-03-09 15:16 - 2016-02-24 07:52 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PimIndexMaintenanceClient.dll
2016-03-09 15:16 - 2016-02-24 07:51 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-03-09 15:16 - 2016-02-24 07:49 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2016-03-09 15:16 - 2016-02-24 07:47 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-03-09 15:16 - 2016-02-24 07:46 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll
2016-03-09 15:16 - 2016-02-24 07:44 - 01713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-03-09 15:16 - 2016-02-24 07:44 - 00915456 _____ (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll
2016-03-09 15:16 - 2016-02-24 07:44 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2016-03-09 15:16 - 2016-02-24 07:44 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\POSyncServices.dll
2016-03-09 15:16 - 2016-02-24 07:43 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-03-09 15:16 - 2016-02-24 07:43 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-03-09 15:16 - 2016-02-24 07:41 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-03-09 15:16 - 2016-02-24 07:41 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-03-09 15:16 - 2016-02-24 07:40 - 01224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2016-03-09 15:16 - 2016-02-24 07:40 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-03-09 15:16 - 2016-02-24 07:40 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll
2016-03-09 15:16 - 2016-02-24 07:39 - 01390592 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-03-09 15:16 - 2016-02-24 07:39 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2016-03-09 15:16 - 2016-02-24 07:38 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2016-03-09 15:16 - 2016-02-24 07:36 - 01847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-03-09 15:16 - 2016-02-24 07:34 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2016-03-09 15:16 - 2016-02-24 07:34 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-03-09 15:16 - 2016-02-24 07:32 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2016-03-09 15:16 - 2016-02-24 07:32 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2016-03-09 15:16 - 2016-02-24 07:31 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cemapi.dll
2016-03-09 15:16 - 2016-02-24 07:31 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2016-03-09 15:16 - 2016-02-24 07:28 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-03-09 15:16 - 2016-02-24 07:28 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2016-03-09 15:16 - 2016-02-24 07:28 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2016-03-09 15:16 - 2016-02-24 07:25 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2016-03-09 15:16 - 2016-02-24 07:23 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2016-03-09 15:16 - 2016-02-24 07:22 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2016-03-09 15:16 - 2016-02-24 07:21 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2016-03-09 15:16 - 2016-02-24 07:21 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2016-03-09 15:16 - 2016-02-24 07:18 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2016-03-09 15:16 - 2016-02-24 07:18 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2016-03-09 15:16 - 2016-02-24 07:18 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2016-03-09 15:16 - 2016-02-24 07:17 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2016-03-09 15:16 - 2016-02-24 07:16 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2016-03-09 15:16 - 2016-02-24 07:13 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2016-03-09 15:16 - 2016-02-24 07:11 - 03593216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-03-09 15:16 - 2016-02-24 07:09 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-03-09 15:16 - 2016-02-24 07:09 - 00793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-03-09 15:16 - 2016-02-24 07:09 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2016-03-09 15:16 - 2016-02-24 07:09 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2016-03-09 15:16 - 2016-02-24 07:07 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2016-03-09 15:16 - 2016-02-24 07:07 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-03-09 15:16 - 2016-02-24 07:07 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-03-09 15:16 - 2016-02-24 07:04 - 01497088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-03-09 15:16 - 2016-02-24 07:03 - 00769536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2016-03-09 15:16 - 2016-02-24 07:01 - 01831936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-03-09 15:16 - 2016-02-24 07:00 - 02273792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-03-09 15:16 - 2016-02-24 07:00 - 01098752 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-03-09 15:16 - 2016-02-24 06:57 - 02158592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-03-09 15:16 - 2016-02-24 06:55 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-03-09 15:16 - 2016-02-24 06:43 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
2016-03-09 15:16 - 2016-02-24 06:34 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-03-09 15:16 - 2016-02-24 06:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwbase.dll
2016-03-09 15:16 - 2016-02-24 06:20 - 22376960 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-03-09 15:16 - 2016-02-24 06:18 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-03-09 15:16 - 2016-02-24 06:12 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-03-09 15:16 - 2016-02-24 06:12 - 05321728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-03-09 15:16 - 2016-02-24 06:10 - 24600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-03-09 15:16 - 2016-02-24 06:09 - 06972416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-03-09 15:16 - 2016-02-24 06:05 - 12586496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-03-09 15:16 - 2016-02-24 06:03 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-03-09 15:16 - 2016-02-24 05:59 - 05661696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-03-09 15:16 - 2016-02-24 05:55 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-03-09 03:29 - 2016-03-09 03:29 - 00271766 _____ C:\Users\Pascal Weger\Downloads\Cursors.xnb
2016-03-09 03:21 - 2016-03-09 03:21 - 284640110 _____ C:\Users\Pascal Weger\Downloads\More-Music-Modv1.zip
2016-03-09 03:19 - 2016-03-15 16:01 - 00000000 ____D C:\Users\Pascal Weger\Documents\Stardew Valley alte Dateien
2016-03-08 21:32 - 2016-03-08 21:35 - 345750267 _____ C:\Users\Pascal Weger\Downloads\oceanhorn-pc-2016-january-01.zip
2016-03-08 21:17 - 2016-03-08 21:17 - 00001604 _____ C:\Users\Pascal Weger\Downloads\Fish.xnb
2016-03-08 00:30 - 2016-03-08 00:30 - 00458472 _____ C:\WINDOWS\system32\amdmiracast.dll
2016-03-08 00:30 - 2016-03-08 00:30 - 00141792 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2016-03-08 00:30 - 2016-03-08 00:30 - 00128384 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2016-03-08 00:30 - 2016-03-08 00:30 - 00110880 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2016-03-08 00:30 - 2016-03-08 00:30 - 00102616 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2016-03-08 00:30 - 2016-03-08 00:30 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2016-03-08 00:30 - 2016-03-08 00:30 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2016-03-08 00:29 - 2016-03-08 00:29 - 00120656 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiu9p64.dll
2016-03-08 00:29 - 2016-03-08 00:29 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2016-03-08 00:29 - 2016-03-08 00:29 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2016-03-08 00:28 - 2016-03-08 00:28 - 08843208 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd64.dll
2016-03-08 00:26 - 2016-03-08 00:26 - 00296648 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\amdacpksd.sys
2016-03-08 00:17 - 2016-03-08 00:17 - 06956032 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdvlk64.dll
2016-03-08 00:14 - 2016-03-08 00:14 - 48212480 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll
2016-03-08 00:14 - 2016-03-08 00:14 - 00235008 _____ C:\WINDOWS\system32\clinfo.exe
2016-03-08 00:13 - 2016-03-08 00:13 - 40126464 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll
2016-03-08 00:13 - 2016-03-08 00:13 - 05420032 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdvlk32.dll
2016-03-08 00:12 - 2016-03-08 00:12 - 00065024 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2016-03-08 00:12 - 2016-03-08 00:12 - 00059392 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2016-03-08 00:10 - 2016-03-08 00:10 - 26886656 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl12cl64.dll
2016-03-08 00:10 - 2016-03-08 00:10 - 21730304 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl12cl.dll
2016-03-07 23:58 - 2016-03-07 23:58 - 06591488 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2016-03-07 23:49 - 2016-03-07 23:49 - 00134656 _____ C:\WINDOWS\system32\amdhdl64.dll
2016-03-07 23:49 - 2016-03-07 23:49 - 00123392 _____ C:\WINDOWS\SysWOW64\amdhdl32.dll
2016-03-07 23:48 - 2016-03-07 23:48 - 30377984 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll
2016-03-07 23:48 - 2016-03-07 23:48 - 06883840 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmantle64.dll
2016-03-07 23:48 - 2016-03-07 23:48 - 00701440 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2016-03-07 23:48 - 2016-03-07 23:48 - 00580096 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2016-03-07 23:48 - 2016-03-07 23:48 - 00127488 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2016-03-07 23:48 - 2016-03-07 23:48 - 00113664 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2016-03-07 23:46 - 2016-03-07 23:46 - 00865280 _____ (AMD) C:\WINDOWS\system32\coinst_16.15.dll
2016-03-07 23:45 - 2016-03-07 23:45 - 15711744 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll
2016-03-07 23:45 - 2016-03-07 23:45 - 00697320 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2016-03-07 23:45 - 2016-03-07 23:45 - 00697320 _____ C:\WINDOWS\system32\atiapfxx.blb
2016-03-07 23:45 - 2016-03-07 23:45 - 00367104 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2016-03-07 23:45 - 2016-03-07 23:45 - 00062464 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll
2016-03-07 23:45 - 2016-03-07 23:45 - 00055808 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll
2016-03-07 23:45 - 2016-03-07 23:45 - 00052224 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll
2016-03-07 23:45 - 2016-03-07 23:45 - 00049152 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll
2016-03-07 23:44 - 2016-03-07 23:44 - 14302208 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll
2016-03-07 23:44 - 2016-03-07 23:44 - 05396992 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmantle32.dll
2016-03-07 23:44 - 2016-03-07 23:44 - 00050688 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl6.dll
2016-03-07 23:44 - 2016-03-07 23:44 - 00039424 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmmcl.dll
2016-03-07 23:42 - 2016-03-07 23:42 - 25069056 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll
2016-03-07 23:42 - 2016-03-07 23:42 - 03437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2016-03-07 23:40 - 2016-03-07 23:40 - 00097280 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2016-03-07 23:40 - 2016-03-07 23:40 - 00089600 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2016-03-07 23:39 - 2016-03-07 23:39 - 08385024 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2016-03-07 23:38 - 2016-03-07 23:38 - 00560128 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2016-03-07 23:38 - 2016-03-07 23:38 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2016-03-07 23:38 - 2016-03-07 23:38 - 00251392 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2016-03-07 23:38 - 2016-03-07 23:38 - 00224256 _____ C:\WINDOWS\system32\dgtrayicon.exe
2016-03-07 23:38 - 2016-03-07 23:38 - 00209920 _____ C:\WINDOWS\system32\GameManager64.dll
2016-03-07 23:38 - 2016-03-07 23:38 - 00204800 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2016-03-07 23:38 - 2016-03-07 23:38 - 00189952 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2016-03-07 23:38 - 2016-03-07 23:38 - 00162304 _____ C:\WINDOWS\system32\atieah64.exe
2016-03-07 23:38 - 2016-03-07 23:38 - 00145408 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2016-03-07 23:38 - 2016-03-07 23:38 - 00078336 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2016-03-07 23:37 - 2016-03-07 23:37 - 03471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2016-03-07 23:37 - 2016-03-07 23:37 - 00190976 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll
2016-03-07 23:33 - 2016-03-07 23:33 - 01276416 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2016-03-07 23:33 - 2016-03-07 23:33 - 00944640 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2016-03-07 23:33 - 2016-03-07 23:33 - 00944640 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2016-03-07 23:33 - 2016-03-07 23:33 - 00157696 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2016-03-07 23:33 - 2016-03-07 23:33 - 00142336 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2016-03-07 23:33 - 2016-03-07 23:33 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2016-03-07 23:33 - 2016-03-07 23:33 - 00080896 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2016-03-07 23:33 - 2016-03-07 23:33 - 00075776 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll
2016-03-07 23:33 - 2016-03-07 23:33 - 00070144 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll
2016-03-07 23:33 - 2016-03-07 23:33 - 00070144 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll
2016-03-07 23:32 - 2016-03-07 23:32 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll
2016-03-07 23:30 - 2016-03-07 23:30 - 00195072 _____ C:\WINDOWS\system32\hsa-thunk64.dll
2016-03-07 23:30 - 2016-03-07 23:30 - 00174592 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll
2016-03-07 16:15 - 2016-03-07 17:46 - 00000000 ____D C:\Users\Pascal Weger\AppData\Local\Audible
2016-03-07 16:15 - 2016-03-07 16:15 - 00255352 _____ (Audible, Inc.) C:\WINDOWS\SysWOW64\awrdscdc.ax
2016-03-07 16:14 - 2016-03-07 16:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AudibleManager
2016-03-07 16:14 - 2016-03-07 16:14 - 00000000 ____D C:\Users\Pascal Weger\Documents\Audible
2016-03-07 16:14 - 2003-03-18 21:20 - 01060864 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71.dll
2016-03-07 16:14 - 2003-03-18 20:14 - 00499712 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp71.dll
2016-03-07 16:14 - 2003-02-21 04:42 - 00348160 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll
2016-03-07 16:14 - 2001-08-17 22:43 - 00024576 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3a.dll
2016-03-07 16:11 - 2016-03-07 16:12 - 01730272 _____ (Audible Inc.) C:\Users\Pascal Weger\Downloads\ActiveSetupN.exe
2016-03-07 16:11 - 2016-03-07 16:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freedome
2016-03-07 01:34 - 2016-03-20 00:24 - 00000000 ____D C:\Program Files (x86)\AdwCleaner
2016-03-07 01:25 - 2016-03-07 01:25 - 35816720 _____ (Panda Security ) C:\Users\Pascal Weger\Downloads\PandaCloudCleaner.exe
2016-03-04 03:48 - 2016-03-04 03:48 - 00000898 _____ C:\Users\Public\Desktop\Unravel™.lnk
2016-03-04 03:05 - 2016-03-17 21:14 - 00000000 ____D C:\Users\Pascal Weger\AppData\Local\Spotify
2016-03-04 03:05 - 2016-03-17 21:08 - 00000000 ____D C:\Users\Pascal Weger\AppData\Roaming\Spotify
2016-03-04 03:05 - 2016-03-04 03:05 - 00236248 _____ (Spotify Ltd) C:\Users\Pascal Weger\Downloads\SpotifySetup.exe
2016-03-04 03:05 - 2016-03-04 03:05 - 00001885 _____ C:\Users\Pascal Weger\Desktop\Spotify.lnk
2016-03-04 03:05 - 2016-03-04 03:05 - 00001871 _____ C:\Users\Pascal Weger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2016-03-03 23:59 - 2016-03-04 14:50 - 00000000 ____D C:\Users\Pascal Weger\AppData\Local\Origin
2016-03-03 23:59 - 2016-03-04 02:25 - 00000000 ____D C:\Users\Pascal Weger\AppData\Roaming\Origin
2016-03-03 23:58 - 2016-03-04 23:57 - 00000000 ____D C:\ProgramData\Origin
2016-03-03 23:58 - 2016-03-03 23:58 - 00000567 _____ C:\Users\Public\Desktop\Origin.lnk
2016-03-03 23:58 - 2016-03-03 23:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2016-03-03 23:58 - 2016-03-03 23:58 - 00000000 ____D C:\ProgramData\Electronic Arts
2016-03-03 23:56 - 2016-03-03 23:57 - 31334856 _____ (Electronic Arts, Inc.) C:\Users\Pascal Weger\Downloads\OriginThinSetup.exe
2016-03-02 13:52 - 2016-03-02 13:52 - 00006504 _____ C:\Users\Pascal Weger\AppData\Local\recently-used.xbel
2016-03-02 02:21 - 2016-03-02 02:21 - 00000000 ____D C:\Users\Pascal Weger\AppData\Roaming\OpenOffice
2016-03-01 20:31 - 2016-02-23 12:29 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-03-01 20:31 - 2016-02-23 12:29 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-03-01 20:31 - 2016-02-23 12:27 - 02654872 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-03-01 20:31 - 2016-02-23 12:27 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-03-01 20:31 - 2016-02-23 12:27 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-03-01 20:31 - 2016-02-23 12:25 - 02152288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-03-01 20:31 - 2016-02-23 12:25 - 01818696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-03-01 20:31 - 2016-02-23 12:25 - 00563552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2016-03-01 20:31 - 2016-02-23 12:15 - 00779384 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2016-03-01 20:31 - 2016-02-23 12:08 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-03-01 20:31 - 2016-02-23 11:34 - 01859960 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-03-01 20:31 - 2016-02-23 11:34 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-03-01 20:31 - 2016-02-23 11:33 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-03-01 20:31 - 2016-02-23 11:33 - 00389992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-03-01 20:31 - 2016-02-23 11:32 - 08705672 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-03-01 20:31 - 2016-02-23 11:32 - 02544264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-03-01 20:31 - 2016-02-23 11:32 - 01152328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2016-03-01 20:31 - 2016-02-23 11:32 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-03-01 20:31 - 2016-02-23 11:32 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-03-01 20:31 - 2016-02-23 11:32 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-03-01 20:31 - 2016-02-23 11:31 - 01017032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-03-01 20:31 - 2016-02-23 11:31 - 00819648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-03-01 20:31 - 2016-02-23 11:31 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-03-01 20:31 - 2016-02-23 11:31 - 00476728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2016-03-01 20:31 - 2016-02-23 11:31 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-03-01 20:31 - 2016-02-23 11:25 - 03671888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-03-01 20:31 - 2016-02-23 11:22 - 00572272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2016-03-01 20:31 - 2016-02-23 11:21 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-03-01 20:31 - 2016-02-23 11:17 - 00146272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2016-03-01 20:31 - 2016-02-23 10:45 - 02773096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-03-01 20:31 - 2016-02-23 10:40 - 00430944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-03-01 20:31 - 2016-02-23 10:39 - 00502112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-03-01 20:31 - 2016-02-23 10:38 - 06952088 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-03-01 20:31 - 2016-02-23 10:38 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-03-01 20:31 - 2016-02-23 10:38 - 00980352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2016-03-01 20:31 - 2016-02-23 10:38 - 00895080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-03-01 20:31 - 2016-02-23 10:38 - 00882720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-03-01 20:31 - 2016-02-23 10:38 - 00450912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-03-01 20:31 - 2016-02-23 10:38 - 00420928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2016-03-01 20:31 - 2016-02-23 10:37 - 00713824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2016-03-01 20:31 - 2016-02-23 10:32 - 00791744 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-03-01 20:31 - 2016-02-23 10:30 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-03-01 20:31 - 2016-02-23 10:27 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-03-01 20:31 - 2016-02-23 10:27 - 00376536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-03-01 20:31 - 2016-02-23 10:25 - 00534368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2016-03-01 20:31 - 2016-02-23 10:20 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll
2016-03-01 20:31 - 2016-02-23 10:20 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-03-01 20:31 - 2016-02-23 10:19 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-03-01 20:31 - 2016-02-23 10:17 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-03-01 20:31 - 2016-02-23 10:12 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll
2016-03-01 20:31 - 2016-02-23 10:10 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-03-01 20:31 - 2016-02-23 10:07 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-03-01 20:31 - 2016-02-23 10:07 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-03-01 20:31 - 2016-02-23 10:06 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2016-03-01 20:31 - 2016-02-23 10:01 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2016-03-01 20:31 - 2016-02-23 10:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-03-01 20:31 - 2016-02-23 10:00 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-03-01 20:31 - 2016-02-23 09:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-03-01 20:31 - 2016-02-23 09:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-03-01 20:31 - 2016-02-23 09:58 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\irmon.dll
2016-03-01 20:31 - 2016-02-23 09:57 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-03-01 20:31 - 2016-02-23 09:56 - 02186864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-03-01 20:31 - 2016-02-23 09:55 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2016-03-01 20:31 - 2016-02-23 09:53 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2016-03-01 20:31 - 2016-02-23 09:53 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2016-03-01 20:31 - 2016-02-23 09:52 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-03-01 20:31 - 2016-02-23 09:50 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-03-01 20:31 - 2016-02-23 09:48 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-03-01 20:31 - 2016-02-23 09:48 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerClient.dll
2016-03-01 20:31 - 2016-02-23 09:40 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2016-03-01 20:31 - 2016-02-23 09:39 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2016-03-01 20:31 - 2016-02-23 09:38 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2016-03-01 20:31 - 2016-02-23 09:38 - 00287712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2016-03-01 20:31 - 2016-02-23 09:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-03-01 20:31 - 2016-02-23 09:37 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-03-01 20:31 - 2016-02-23 09:37 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-03-01 20:31 - 2016-02-23 09:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuickActionsDataModel.dll
2016-03-01 20:31 - 2016-02-23 09:34 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-03-01 20:31 - 2016-02-23 09:34 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2016-03-01 20:31 - 2016-02-23 09:33 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-03-01 20:31 - 2016-02-23 09:32 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-03-01 20:31 - 2016-02-23 09:31 - 00463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-03-01 20:31 - 2016-02-23 09:29 - 00591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-03-01 20:31 - 2016-02-23 09:28 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-03-01 20:31 - 2016-02-23 09:27 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2016-03-01 20:31 - 2016-02-23 09:26 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-03-01 20:31 - 2016-02-23 09:23 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-03-01 20:31 - 2016-02-23 09:22 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-03-01 20:31 - 2016-02-23 09:20 - 00847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2016-03-01 20:31 - 2016-02-23 09:20 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-03-01 20:31 - 2016-02-23 09:20 - 00493568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-03-01 20:31 - 2016-02-23 09:20 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-03-01 20:31 - 2016-02-23 09:19 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-03-01 20:31 - 2016-02-23 09:19 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2016-03-01 20:31 - 2016-02-23 09:18 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-03-01 20:31 - 2016-02-23 09:14 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-03-01 20:31 - 2016-02-23 09:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-03-01 20:31 - 2016-02-23 09:12 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-03-01 20:31 - 2016-02-23 09:11 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-03-01 20:31 - 2016-02-23 09:10 - 00997376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2016-03-01 20:31 - 2016-02-23 09:10 - 00474624 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-03-01 20:31 - 2016-02-23 09:09 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-03-01 20:31 - 2016-02-23 09:09 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-03-01 20:31 - 2016-02-23 09:09 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-03-01 20:31 - 2016-02-23 09:06 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-03-01 20:31 - 2016-02-23 09:06 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-03-01 20:31 - 2016-02-23 09:06 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-03-01 20:31 - 2016-02-23 09:05 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-03-01 20:31 - 2016-02-23 09:04 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-03-01 20:31 - 2016-02-23 09:04 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-03-01 20:31 - 2016-02-23 09:04 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-03-01 20:31 - 2016-02-23 09:02 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-03-01 20:31 - 2016-02-23 09:02 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-03-01 20:31 - 2016-02-23 09:02 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-03-01 20:31 - 2016-02-23 09:00 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-03-01 20:31 - 2016-02-23 08:58 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-03-01 20:31 - 2016-02-23 08:58 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-03-01 20:31 - 2016-02-23 08:58 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerServer.dll
2016-03-01 20:31 - 2016-02-23 08:58 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-03-01 20:31 - 2016-02-23 08:57 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TimeBrokerClient.dll
2016-03-01 20:31 - 2016-02-23 08:52 - 00456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-03-01 20:31 - 2016-02-23 08:50 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2016-03-01 20:31 - 2016-02-23 08:49 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-03-01 20:31 - 2016-02-23 08:48 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2016-03-01 20:31 - 2016-02-23 08:47 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2016-03-01 20:31 - 2016-02-23 08:38 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-03-01 20:31 - 2016-02-23 08:37 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-03-01 20:31 - 2016-02-23 08:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-03-01 20:31 - 2016-02-23 08:36 - 00713728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2016-03-01 20:31 - 2016-02-23 08:36 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-03-01 20:31 - 2016-02-23 08:36 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-03-01 20:31 - 2016-02-23 08:35 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2016-03-01 20:31 - 2016-02-23 08:31 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2016-03-01 20:31 - 2016-02-23 08:30 - 01731584 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-03-01 20:31 - 2016-02-23 08:30 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-03-01 20:31 - 2016-02-23 08:29 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-03-01 20:31 - 2016-02-23 08:28 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-03-01 20:31 - 2016-02-23 08:28 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-03-01 20:31 - 2016-02-23 08:24 - 04827136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-03-01 20:31 - 2016-02-23 08:24 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-03-01 20:31 - 2016-02-23 08:24 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-03-01 20:31 - 2016-02-23 08:24 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-03-01 20:31 - 2016-02-23 08:22 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-03-01 20:31 - 2016-02-23 08:21 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-03-01 20:31 - 2016-02-23 08:21 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-03-01 20:31 - 2016-02-23 08:20 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-03-01 20:31 - 2016-02-23 08:17 - 02635264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-03-01 20:31 - 2016-02-23 08:14 - 00990720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-03-01 20:31 - 2016-02-23 08:11 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-03-01 20:31 - 2016-02-23 08:05 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-03-01 20:31 - 2016-02-23 08:01 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-03-01 20:31 - 2016-02-23 07:59 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-03-01 20:31 - 2016-02-23 07:58 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-03-01 20:31 - 2016-02-23 07:56 - 04412928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-03-01 20:31 - 2016-02-23 07:55 - 04894208 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-03-01 20:31 - 2016-02-23 07:55 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-03-01 20:31 - 2016-02-23 07:53 - 01799168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-03-01 20:31 - 2016-02-23 07:52 - 11545600 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-03-01 20:31 - 2016-02-23 07:51 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-03-01 20:31 - 2016-02-23 07:50 - 09919488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-03-01 20:31 - 2016-02-23 07:42 - 03425792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-03-01 20:31 - 2016-02-23 07:41 - 02912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-03-01 20:31 - 2016-02-23 07:39 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-03-01 20:31 - 2016-02-23 07:39 - 02581504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-03-01 20:31 - 2016-02-23 07:36 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-03-01 20:31 - 2016-02-23 07:36 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-03-01 20:31 - 2016-02-23 07:35 - 07533568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-03-01 20:31 - 2016-02-23 07:33 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-03-01 20:31 - 2016-02-23 07:32 - 02793472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-03-01 20:31 - 2016-02-23 07:30 - 02061312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-03-01 20:31 - 2016-02-23 07:28 - 06740992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-03-01 20:31 - 2016-02-09 05:28 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-03-01 20:31 - 2016-02-09 05:13 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-03-01 20:31 - 2016-02-09 04:24 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-03-01 20:31 - 2016-02-09 04:18 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2016-03-01 20:31 - 2016-02-09 04:18 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2016-03-01 20:31 - 2016-02-09 04:07 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-03-01 20:31 - 2016-02-09 04:07 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-03-01 20:31 - 2016-02-09 04:04 - 01946624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-03-01 15:03 - 2016-03-01 15:03 - 11258944 _____ C:\Users\Pascal Weger\Downloads\FCPRI_Wallpaper.zip
2016-03-01 14:57 - 2016-03-01 14:57 - 00000000 ____D C:\ProgramData\dbdata
2016-02-28 01:23 - 2016-02-28 01:23 - 00000000 ____D C:\Users\Pascal Weger\AppData\LocalLow\E_Line Media
2016-02-28 01:23 - 2016-02-28 01:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LAV Filters
2016-02-28 01:23 - 2016-02-28 01:23 - 00000000 ____D C:\Program Files (x86)\LAV Filters
2016-02-27 15:33 - 2016-02-27 15:33 - 00000216 _____ C:\Users\Pascal Weger\Desktop\Far Cry Primal.url
2016-02-26 22:00 - 2016-03-08 00:29 - 08585696 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdva.dll
2016-02-26 22:00 - 2016-03-08 00:29 - 00102616 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiu9pag.dll
2016-02-26 22:00 - 2016-02-26 22:00 - 08089248 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\SET6CDD.tmp
2016-02-26 22:00 - 2016-02-26 22:00 - 00102616 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\SET79B6.tmp
2016-02-26 21:59 - 2016-03-08 00:29 - 07392480 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdag.dll
2016-02-26 21:59 - 2016-02-26 21:59 - 09176928 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\SET6C5E.tmp
2016-02-26 21:04 - 2016-03-07 23:38 - 00186368 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2016-02-26 21:04 - 2016-02-26 21:04 - 00186368 _____ C:\WINDOWS\SysWOW64\SET7256.tmp
2016-02-26 16:34 - 2016-03-02 13:53 - 00000000 ____D C:\Users\Pascal Weger\.gimp-2.8
2016-02-26 16:33 - 2016-02-26 16:33 - 00000939 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2016-02-26 16:33 - 2016-02-26 16:33 - 00000927 _____ C:\Users\Public\Desktop\GIMP 2.lnk
2016-02-26 16:33 - 2016-02-26 16:33 - 00000000 ____D C:\Program Files\GIMP 2
2016-02-26 16:27 - 2016-02-26 16:32 - 96823808 _____ (The GIMP Team ) C:\Users\Pascal Weger\Downloads\gimp-2.8.16-setup-1.exe
2016-02-23 20:13 - 2016-02-23 20:13 - 13163744 _____ (Microsoft Corporation) C:\Users\Pascal Weger\Downloads\Silverlight_x64.exe
2016-02-23 20:13 - 2016-02-23 20:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-02-23 20:13 - 2016-02-23 20:13 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-02-23 20:13 - 2016-02-23 20:13 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-02-23 16:54 - 2016-02-23 16:54 - 00023240 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdkmafd.sys
2016-02-23 16:17 - 2016-02-23 16:17 - 00103424 _____ (Advanced Micro Devices) C:\WINDOWS\system32\DelayAPO.dll
2016-02-23 01:54 - 2016-02-23 01:54 - 00000214 _____ C:\Users\Pascal Weger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anno 2070.url
2016-02-23 01:47 - 2016-03-01 15:18 - 00000000 ____D C:\Users\Pascal Weger\AppData\Local\Ubisoft Game Launcher
2016-02-23 01:47 - 2016-02-23 01:47 - 00000773 _____ C:\Users\Pascal Weger\Desktop\Uplay.lnk
2016-02-23 01:47 - 2016-02-23 01:47 - 00000000 ____D C:\Users\Pascal Weger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2016-02-23 01:46 - 2016-02-23 01:46 - 65201568 _____ (Ubisoft) C:\Users\Pascal Weger\Downloads\UplayInstaller.exe
2016-02-19 15:28 - 2016-02-19 15:29 - 78876410 _____ C:\Users\Pascal Weger\Downloads\RimWorldAlpha12dWin.zip

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-03-20 00:37 - 2016-01-05 01:08 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-03-20 00:24 - 2016-01-04 15:13 - 01799166 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-03-20 00:24 - 2015-10-30 19:35 - 00775524 _____ C:\WINDOWS\system32\perfh007.dat
2016-03-20 00:24 - 2015-10-30 19:35 - 00155338 _____ C:\WINDOWS\system32\perfc007.dat
2016-03-20 00:24 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2016-03-20 00:19 - 2016-01-04 20:20 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-03-20 00:19 - 2016-01-04 15:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-03-20 00:19 - 2015-10-30 07:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-03-20 00:17 - 2016-01-04 19:45 - 00000000 ____D C:\Users\Pascal Weger\AppData\Local\Battle.net
2016-03-20 00:07 - 2016-01-04 20:36 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-03-19 23:24 - 2016-01-20 17:02 - 00004186 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{12938A39-7D46-4B23-850C-FF77D0E5E002}
2016-03-19 17:11 - 2016-01-04 19:44 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-03-19 17:11 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-03-18 20:17 - 2016-01-04 15:26 - 00000000 ____D C:\Users\Pascal Weger\AppData\Local\VirtualStore
2016-03-18 16:00 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-03-17 14:36 - 2016-01-05 16:47 - 00000000 ____D C:\Users\Pascal Weger\AppData\Local\Deployment
2016-03-17 01:45 - 2016-01-18 18:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCSOFT
2016-03-12 15:02 - 2016-01-04 19:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2016-03-12 14:59 - 2016-01-04 20:18 - 00000000 ____D C:\Program Files\AMD
2016-03-12 14:57 - 2016-01-04 15:18 - 00000000 ____D C:\AMD
2016-03-11 03:22 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-03-10 23:02 - 2016-01-04 15:48 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-03-10 14:58 - 2016-02-18 02:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
2016-03-10 14:58 - 2016-01-04 16:12 - 00000000 ____D C:\Program Files (x86)\Panda Security
2016-03-09 15:23 - 2016-01-04 20:17 - 00269360 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-03-09 15:22 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-03-09 15:22 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-03-09 15:22 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-03-09 15:22 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-03-09 15:20 - 2016-01-04 19:47 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-03-09 15:18 - 2016-01-04 19:47 - 143659408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-03-09 03:44 - 2016-01-10 17:54 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2016-03-09 03:43 - 2016-01-05 22:48 - 00001160 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
2016-03-09 03:43 - 2016-01-05 22:48 - 00000000 ____D C:\Program Files\paint.net
2016-03-09 03:40 - 2016-01-04 19:16 - 00000000 ____D C:\Users\Pascal Weger\AppData\Local\AMD
2016-03-08 08:12 - 2015-10-30 08:26 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-03-08 08:12 - 2015-10-30 08:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-08 00:29 - 2015-12-16 20:45 - 09526616 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd6a.dll
2016-03-08 00:29 - 2015-12-16 20:45 - 00152568 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiuxp64.dll
2016-03-08 00:29 - 2015-12-16 20:45 - 00133528 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiuxpag.dll
2016-03-08 00:29 - 2015-12-16 20:44 - 11623736 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll
2016-03-08 00:29 - 2015-12-16 20:44 - 09581736 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll
2016-03-08 00:29 - 2015-12-16 20:44 - 01514776 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2016-03-08 00:29 - 2015-12-16 20:44 - 01243368 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2016-03-08 00:23 - 2015-12-16 20:31 - 26342400 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys
2016-03-07 23:32 - 2015-12-16 20:31 - 00676352 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys
2016-03-04 03:48 - 2016-01-04 15:19 - 00000000 ____D C:\ProgramData\Package Cache
2016-03-04 02:46 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache
2016-03-02 13:53 - 2016-01-04 20:18 - 00000000 ____D C:\Users\Pascal Weger
2016-03-02 13:53 - 2016-01-04 15:28 - 00002408 _____ C:\Users\Pascal Weger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-03-02 13:53 - 2016-01-04 15:28 - 00000000 ___RD C:\Users\Pascal Weger\OneDrive
2016-03-02 13:52 - 2016-02-08 01:27 - 00000000 ____D C:\Users\Pascal Weger\AppData\Local\gtk-2.0
2016-03-02 02:17 - 2015-10-30 19:47 - 00000000 ____D C:\Program Files\Windows Journal
2016-03-02 02:17 - 2015-10-30 08:24 - 00000000 __RSD C:\WINDOWS\Media
2016-03-02 02:17 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-03-02 02:17 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-03-02 02:17 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-03-02 02:17 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-03-02 02:17 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-03-02 02:17 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-03-02 02:17 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-03-01 14:58 - 2016-01-04 19:35 - 00000000 ____D C:\Users\Pascal Weger\Documents\my games
2016-02-26 22:00 - 2015-12-16 20:45 - 00152056 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\SET72CE.tmp
2016-02-26 22:00 - 2015-12-16 20:45 - 00133016 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\SET79C8.tmp
2016-02-26 22:00 - 2015-12-16 20:44 - 13408208 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\SET6BB0.tmp
2016-02-26 22:00 - 2015-12-16 20:44 - 11108696 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\SET6F28.tmp
2016-02-26 22:00 - 2015-12-16 20:44 - 01506000 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\SET7301.tmp
2016-02-26 22:00 - 2015-12-16 20:44 - 01237200 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\SET73A1.tmp
2016-02-26 21:59 - 2015-12-16 20:45 - 09017808 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\SET648D.tmp
2016-02-26 21:53 - 2015-12-16 20:31 - 23981568 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\SET636F.tmp
2016-02-26 21:11 - 2015-12-16 20:41 - 00865280 _____ (AMD) C:\WINDOWS\system32\coinst_15.30.dll
2016-02-26 20:58 - 2015-12-16 20:31 - 00674816 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\SET72AC.tmp
2016-02-24 00:06 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-02-23 16:18 - 2015-09-18 01:38 - 00102400 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\AtihdWT6.sys

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-01-06 04:10 - 2016-01-10 23:07 - 0104257 _____ () C:\Users\Pascal Weger\AppData\Local\ars.cache
2016-01-06 04:10 - 2016-01-10 23:07 - 0339196 _____ () C:\Users\Pascal Weger\AppData\Local\census.cache
2016-01-06 03:59 - 2016-01-06 03:59 - 0000036 _____ () C:\Users\Pascal Weger\AppData\Local\housecall.guid.cache
2016-03-02 13:52 - 2016-03-02 13:52 - 0006504 _____ () C:\Users\Pascal Weger\AppData\Local\recently-used.xbel

Einige Dateien in TEMP:
====================
C:\Users\Pascal Weger\AppData\Local\Temp\jre-8u73-windows-au.exe
C:\Users\Pascal Weger\AppData\Local\Temp\Nexus Mod Manager-0.61.9.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-03-12 21:08

==================== Ende von FRST.txt ============================

Addition.txt

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
durchgeführt von Pascal Weger (2016-03-20 00:39:55)
Gestartet von C:\Users\Pascal Weger\Desktop
Windows 10 Pro Version 1511 (X64) (2016-01-04 19:21:45)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3473851266-2326088663-4233973066-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3473851266-2326088663-4233973066-503 - Limited - Disabled)
Gast (S-1-5-21-3473851266-2326088663-4233973066-501 - Limited - Disabled)
Pascal Weger (S-1-5-21-3473851266-2326088663-4233973066-1002 - Administrator - Enabled) => C:\Users\Pascal Weger

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Panda Antivirus Pro 2016 (Enabled - Up to date) {AAF74A68-8713-CDF1-004F-30003398BE9E}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Panda Antivirus Pro 2016 (Enabled - Up to date) {1196AB8C-A129-C27F-3AFF-0B72481FF423}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Panda Firewall (Enabled) {92CCCB4D-CD7C-CCA9-2B10-9935CD4BF9E5}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.182 - Adobe Systems Incorporated)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
Anno 2070 (HKLM-x32\...\Uplay Install 22) (Version:  - Ubisoft)
AudibleManager (HKLM-x32\...\AudibleManager) (Version: 508.38282512.38273632.38282520 - Audible, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Castle Crashers (HKLM-x32\...\Steam App 204360) (Version:  - The Behemoth)
Catalyst Control Center Next Localization BR (Version: 2016.0307.1802.32257 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0307.1802.32257 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0307.1802.32257 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0307.1802.32257 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0307.1802.32257 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0307.1802.32257 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0307.1802.32257 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0307.1802.32257 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0307.1802.32257 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0307.1802.32257 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0307.1802.32257 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0307.1802.32257 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0307.1802.32257 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0307.1802.32257 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0307.1802.32257 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0307.1802.32257 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0307.1802.32257 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0307.1802.32257 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0307.1802.32257 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0307.1802.32257 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0307.1802.32257 - Advanced Micro Devices, Inc.) Hidden
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Curse Client (HKU\S-1-5-21-3473851266-2326088663-4233973066-1002\...\101a9f93b8f0bb6f) (Version: 5.1.1.844 - Curse)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Fallout 4 (HKLM-x32\...\Steam App 377160) (Version:  - Bethesda Game Studios)
Far Cry Primal (HKLM-x32\...\Uplay Install 2010) (Version:  - Ubisoft)
Freedome (HKLM-x32\...\F-Secure Freedome) (Version: 1.3.2906.0 - F-Secure Corporation)
GIMP 2.8.16 (HKLM\...\GIMP-2_is1) (Version: 2.8.16 - The GIMP Team)
LAV Filters 0.62.0 (HKLM-x32\...\lavfilters_is1) (Version: 0.62.0 - Hendrik Leppkes)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LEGO® Star Wars™: The Complete Saga (HKLM-x32\...\Steam App 32440) (Version:  - Traveller's Tales)
Logitech Gaming Software 8.76 (HKLM\...\Logitech Gaming Software) (Version: 8.76.155 - Logitech Inc.)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox 45.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 45.0.1 (x86 de)) (Version: 45.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.1.5918 - Mozilla)
NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version:  - NCSOFT)
Never Alone (Kisima Ingitchuna) (HKLM-x32\...\Steam App 295790) (Version:  - Upper One Games)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.61.9 - Black Tree Gaming)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
Oceanhorn: Monster of Uncharted Seas (HKLM-x32\...\Steam App 339200) (Version:  - Cornfox &amp; Bros.)
OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation)
Orcs Must Die! 2 (HKLM-x32\...\Steam App 201790) (Version:  - Robot Entertainment)
Origin (HKLM-x32\...\Origin) (Version: 9.11.6.18139 - Electronic Arts, Inc.)
paint.net (HKLM\...\{DADC2AF6-DC9F-4BCF-BFCE-DCEC16EF507C}) (Version: 4.0.9 - dotPDN LLC)
Panda Antivirus Pro 2016 (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 16.1.0 - Panda Security)
Panda Antivirus Pro 2016 (Version: 8.20.00.0000 - Panda Security) Hidden
Panda Cloud Cleaner (HKLM-x32\...\{92B2B132-C7F0-43DC-921A-4493C04F78A4}_is1) (Version: 1.1.7 - Panda Security)
Panda Devices Agent (x32 Version: 1.03.07 - Panda Security) Hidden
Panda Devices Agent (x32 Version: 1.06.00 - Panda Security) Hidden
Password Depot 8 - Panda Secure Vault Edition (HKLM-x32\...\{56EC7B3B-D127-48FC-8EC1-FE93FEA64828}_is1) (Version: 8.1.8 - AceBIT GmbH)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.316.1 - Tracker Software Products Ltd)
Simulationcraft(x64) version 6.2.3.01 (HKLM-x32\...\{AC025546-B7C5-45A7-B16A-80AE482CBB01}_is1) (Version: 6.2.3.01 - Simulationcraft)
Spotify (HKU\S-1-5-21-3473851266-2326088663-4233973066-1002\...\Spotify) (Version: 1.0.24.104.g92a22684 - Spotify AB)
Stardew Valley (HKLM-x32\...\Steam App 413150) (Version:  - ConcernedApe)
Subnautica (HKLM\...\Steam App 264710) (Version:  - Unknown Worlds Entertainment)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1210 - SUPERAntiSpyware.com)
The Wolf Among Us (HKLM-x32\...\Steam App 250320) (Version:  - Telltale Games)
Trine 3: The Artifacts of Power (HKLM-x32\...\Steam App 319910) (Version:  - Frozenbyte)
Unravel™ (HKLM-x32\...\{5105E605-9EE7-4050-9CC0-005093BBF89A}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Uplay (HKLM-x32\...\Uplay) (Version: 17.0 - Ubisoft)
Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.)
XCOM: Enemy Unknown (HKLM-x32\...\Steam App 200510) (Version:  - Firaxis Games)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3473851266-2326088663-4233973066-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Pascal Weger\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\FileCoAuth.exe (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {3A6081B1-39C8-40C3-8905-414562F61652} - System32\Tasks\TrackerAutoUpdate => E:\Programme\Tracker Software\Update\TrackerUpdate.exe [2016-01-18] (Tracker Software Products (Canada) Ltd.) <==== ACHTUNG
Task: {74167066-5E8D-48D3-875C-4AC4E75881E9} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-10] (Adobe Systems Incorporated)
Task: {9042417F-374F-48F7-9C55-DA605A7DE981} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-03-09] (Microsoft Corporation)
Task: {C03F9C99-CEAD-4D8D-9837-136C3B8FB176} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-03-07] (Advanced Micro Devices, Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\TrackerAutoUpdate.job => E:\Programme\Tracker Software\Update\TrackerUpdate.exe <==== ACHTUNG

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-03-01 20:31 - 2016-02-23 12:27 - 02654872 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-03-01 20:31 - 2016-02-23 12:27 - 02654872 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-01-22 17:12 - 2016-01-22 17:13 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-01-04 20:15 - 2016-01-04 20:15 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-03-01 20:31 - 2016-02-23 09:36 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-01-12 23:18 - 2016-01-05 02:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-01-12 23:18 - 2016-01-05 02:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-01-27 21:37 - 2016-01-16 06:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-01-27 21:37 - 2016-01-16 06:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-12-15 18:17 - 2015-12-15 18:17 - 00618544 _____ () C:\Program Files (x86)\Panda Security\Panda Security Protection\SQLite3.dll
2016-01-22 17:12 - 2016-01-22 17:13 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-01-22 17:12 - 2016-01-22 17:13 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2015-07-10 12:04 - 2015-07-10 12:02 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3473851266-2326088663-4233973066-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Pascal Weger\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist deaktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{1D23DCA4-210F-4343-8E7D-514B5BB81841}] => (Allow) E:\Steam\bin\steamwebhelper.exe
FirewallRules: [{0A45F6D0-854C-48AF-8C8A-8A90A96CA6B3}] => (Allow) E:\Steam\bin\steamwebhelper.exe
FirewallRules: [{730F2314-6D87-4BC1-A9D0-3EA983754EF3}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{05AE7C6D-23F8-4BA3-A113-434122EEF12D}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [UDP Query User{06BA525F-0B3A-4737-AFDB-C186E01CDC1B}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{BE5EB719-53FE-4E41-BF9A-31DA627395CE}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{7D2F0842-8C5B-45F8-940F-F41E4A0E0541}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{95CABAB1-1F77-461E-B559-70812101C1C7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E836C842-4C3C-4AED-9B75-49E38E896C27}] => (Allow) E:\Steam\steamapps\common\CastleCrashers\castle.exe
FirewallRules: [{8F1ACB0C-55BA-42D0-A68A-18992BCEE672}] => (Allow) E:\Steam\steamapps\common\CastleCrashers\castle.exe
FirewallRules: [{A9EFF17D-652E-4710-BCC6-4C7731FE9578}] => (Allow) E:\Steam\steamapps\common\Final Dusk\Final Dusk.exe
FirewallRules: [{CBECCBF3-AEDB-4F36-A0AC-D9782D38AC71}] => (Allow) E:\Steam\steamapps\common\Final Dusk\Final Dusk.exe
FirewallRules: [{259CF16A-823A-4735-8D3A-24F4C4786B1E}] => (Allow) E:\Steam\steamapps\common\Deponia The Complete Journey\deponia.exe
FirewallRules: [{81D70C42-7245-412F-B954-F7B03BD43E0A}] => (Allow) E:\Steam\steamapps\common\Deponia The Complete Journey\deponia.exe
FirewallRules: [{7B470F4A-6214-4BF2-B08A-C2AAD0C79A88}] => (Allow) E:\Steam\steamapps\common\Deponia The Complete Journey\VisionaireConfigurationTool.exe
FirewallRules: [{C8F54226-1F17-4966-A6B2-DF17CE58E3A4}] => (Allow) E:\Steam\steamapps\common\Deponia The Complete Journey\VisionaireConfigurationTool.exe
FirewallRules: [{4CE61C46-EBB6-42DD-8179-C26BE2F8F919}] => (Allow) E:\Steam\steamapps\common\TheLongDark\tld.exe
FirewallRules: [{C442BA4F-15FA-49AA-9AE7-663945C2836A}] => (Allow) E:\Steam\steamapps\common\TheLongDark\tld.exe
FirewallRules: [{104DA83C-95C0-4F33-8F98-DAE9147D4A32}] => (Allow) E:\Steam\steamapps\common\Turmoil\Turmoil_PC_Full.exe
FirewallRules: [{F013BEFD-C954-419E-8271-4347C85A0EF5}] => (Allow) E:\Steam\steamapps\common\Turmoil\Turmoil_PC_Full.exe
FirewallRules: [{97A02347-11A1-457E-9D5A-AC1384D1D432}] => (Allow) E:\Steam\steamapps\common\Universe Sandbox 2\Universe Sandbox x64.exe
FirewallRules: [{5D1C1E92-CE46-484A-AEBB-E93C8651925F}] => (Allow) E:\Steam\steamapps\common\Universe Sandbox 2\Universe Sandbox x64.exe
FirewallRules: [{20E72504-A15A-48A5-B46C-AD899140D5BA}] => (Allow) E:\Steam\steamapps\common\One Way Heroics\Game.exe
FirewallRules: [{AAD7FA62-49BF-4B47-B8CD-280C0667E551}] => (Allow) E:\Steam\steamapps\common\One Way Heroics\Game.exe
FirewallRules: [{D3008802-0B10-4BCD-9455-6018ED768756}] => (Allow) E:\Steam\steamapps\common\The Wolf Among Us\TheWolfAmongUs.exe
FirewallRules: [{0A42DAF8-3119-4797-940D-EA13EEC24714}] => (Allow) E:\Steam\steamapps\common\The Wolf Among Us\TheWolfAmongUs.exe
FirewallRules: [{1451FF4A-439F-4F9E-B946-359EDF8AC093}] => (Allow) E:\Steam\steamapps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{B22F224D-2C4B-45B1-B263-B777FD12FBF7}] => (Allow) E:\Steam\steamapps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{9ADB5C0F-7FA4-4970-A3F3-7FD0F243162A}] => (Allow) E:\Steam\steamapps\common\This War of Mine\Storyteller.exe
FirewallRules: [{2E9011ED-9BB0-4CE4-A7EB-23983E00DF4E}] => (Allow) E:\Steam\steamapps\common\This War of Mine\Storyteller.exe
FirewallRules: [{F59C655D-2A43-468D-A418-B601469178F0}] => (Allow) E:\Steam\steamapps\common\Mitsurugi Kamui Hikae\mitsurugi.exe
FirewallRules: [{F2DDC091-2C74-49BF-958C-445D784DE113}] => (Allow) E:\Steam\steamapps\common\Mitsurugi Kamui Hikae\mitsurugi.exe
FirewallRules: [{B8A6EDE6-9552-48F3-9788-33BCCB78468E}] => (Allow) E:\Steam\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{2A6C7D4A-BCD6-4C7A-A4A6-42ABDD442ACE}] => (Allow) E:\Steam\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{6B97D6E9-60F8-4E45-BFE3-A67AE35288D5}] => (Allow) E:\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{28CB9F4C-1EA3-4B13-9D38-6C5648DF0348}] => (Allow) E:\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{CEEA72ED-23D7-44A8-88A3-719056E16D49}] => (Allow) E:\Steam\steamapps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{B8A20CA5-2D6F-4E4C-AB7A-6DC45C0A0C1A}] => (Allow) E:\Steam\steamapps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{500A6B8C-08F6-4332-BAE7-01450B1AADA5}] => (Allow) E:\Steam\steamapps\common\The Silent Age\TheSilentAge.exe
FirewallRules: [{FD00DF9F-DE59-4E15-8CCD-829CAFF64941}] => (Allow) E:\Steam\steamapps\common\The Silent Age\TheSilentAge.exe
FirewallRules: [{5BA0593B-866B-4F11-AE6B-456EC652CD33}] => (Allow) E:\Steam\steamapps\common\vanguard-princess\vanpri.exe
FirewallRules: [{E4E91C77-E2BB-41C1-A0A5-32D87947FF0B}] => (Allow) E:\Steam\steamapps\common\vanguard-princess\vanpri.exe
FirewallRules: [{3415708E-8AE6-43FA-B208-C2CC2AE28373}] => (Allow) E:\Steam\steamapps\common\Day of Defeat Source\hl2.exe
FirewallRules: [{B09FE2C5-506B-4F6A-BD87-4C6C72839883}] => (Allow) E:\Steam\steamapps\common\Day of Defeat Source\hl2.exe
FirewallRules: [{0FF79D20-776D-47C3-A54E-8CEAEB43DD3F}] => (Allow) E:\Steam\steamapps\common\Dropsy\Dropsy.exe
FirewallRules: [{821F0FAB-24F8-4AA2-8922-D79F865DFEFF}] => (Allow) E:\Steam\steamapps\common\Dropsy\Dropsy.exe
FirewallRules: [{F96C09CC-7675-436D-A682-E9895857813E}] => (Allow) E:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{BEE673A0-575E-47CF-9D67-47DF0E4FD72D}] => (Allow) E:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{2F386593-D9C4-4DB1-9F48-D052D532E3D5}] => (Allow) E:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{FCB551E2-0091-41B8-AAC9-66EB87F512BD}] => (Allow) E:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{0759729A-BEC6-47A8-9DAD-AF7FD5CEC009}] => (Allow) E:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{3E1BA211-D348-4F9D-951B-4007F6E8DBC1}] => (Allow) E:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{9D96858C-370F-4A65-ACA4-0793E7CF5B51}] => (Allow) E:\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{D86BCDAC-C767-428B-92F9-4EE8AA1E6AF3}] => (Allow) E:\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{3B4EDD5F-A9A5-418C-B16D-25481A5218E1}] => (Allow) E:\Steam\steamapps\common\Trine 3\trine3_launcher.exe
FirewallRules: [{F4B5A4C8-0CB4-47D1-8B7A-92ED53F5DF28}] => (Allow) E:\Steam\steamapps\common\Trine 3\trine3_launcher.exe
FirewallRules: [{FF657DEB-64DC-465F-A40D-60D774214A54}] => (Allow) E:\Steam\steamapps\common\NeverAlone\Never_Alone.exe
FirewallRules: [{9444FBF4-3A54-4538-8D34-E8D716502FE6}] => (Allow) E:\Steam\steamapps\common\NeverAlone\Never_Alone.exe
FirewallRules: [{EEEBC949-BC19-4314-A5C0-9BFDA7525CB3}] => (Allow) E:\Steam\steamapps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
FirewallRules: [{FB65DEC6-8842-4AB0-8318-74BE4FD94087}] => (Allow) E:\Steam\steamapps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
FirewallRules: [{A4F03835-6036-4A99-9AAD-3976D70AAC55}] => (Allow) E:\Steam\steamapps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{C1840FFF-AD02-452E-9167-7C1442D19CC4}] => (Allow) E:\Steam\steamapps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{65213DD5-6A46-4890-AC6C-8C565A490173}] => (Allow) E:\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{54F971E0-0D6D-4932-8194-EACF6E86301A}] => (Allow) E:\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{083B5F5F-1493-465B-9701-6E35F4272FA7}] => (Allow) E:\Programme\Ubisoft Game Launcher\games\Far Cry Primal\bin\FCPrimal.exe
FirewallRules: [{625257C8-9BBF-4961-BC62-1603CFBDC22A}] => (Allow) E:\Steam\steamapps\common\Party Hard\PartyHardGame.exe
FirewallRules: [{640CD889-F506-4BF6-986B-E12D16554FA0}] => (Allow) E:\Steam\steamapps\common\Party Hard\PartyHardGame.exe
FirewallRules: [{067BFAAF-ED2C-452F-9EBA-10092ADF7FFC}] => (Allow) E:\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{FA8F636A-315C-4A88-BCFD-13F75F15DAC0}] => (Allow) E:\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{5B7EC102-D29F-4EAE-B8FE-8EFE61420CFE}] => (Allow) E:\Steam\steamapps\common\Lego Star Wars Saga\LEGOStarWarsSaga.exe
FirewallRules: [{7921EC11-D795-44C1-AE0E-D191675145D8}] => (Allow) E:\Steam\steamapps\common\Lego Star Wars Saga\LEGOStarWarsSaga.exe
FirewallRules: [{6A9A6755-2795-461A-B59C-EA6DAD8D20C1}] => (Allow) E:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{3C5EF787-814E-4CEA-9C08-30306D402A99}] => (Allow) E:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{A945C110-76A8-49C8-AEB6-18C28A378A66}] => (Allow) E:\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [{469C0C70-EF4F-417A-A254-794A2D6FEF86}] => (Allow) E:\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [{61BE62EF-8ED1-476C-8CA4-9E382527031F}] => (Allow) E:\Steam\steamapps\common\Oceanhorn\Oceanhorn.exe
FirewallRules: [{E18EB7D8-9389-47B8-BB01-A3EF90A0A062}] => (Allow) E:\Steam\steamapps\common\Oceanhorn\Oceanhorn.exe
FirewallRules: [{D3514AB1-2AC9-4FCB-86F7-5CF7A136D868}] => (Allow) E:\Programme\Ubisoft Game Launcher\games\Anno 2070\Anno5.exe
FirewallRules: [{14270896-74BC-4F57-86A3-3A01CAD6BE19}] => (Allow) E:\Programme\Ubisoft Game Launcher\games\Anno 2070\Anno5.exe
FirewallRules: [{ED43D778-26A5-4D12-9D9D-D74F4C1CC2F7}] => (Allow) E:\Steam\steamapps\common\Subnautica\Subnautica.exe
FirewallRules: [{2413CBEF-EC1F-4072-81DE-E4A8EB2F7E44}] => (Allow) E:\Steam\steamapps\common\Subnautica\Subnautica.exe

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (03/20/2016 12:22:56 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (03/18/2016 10:31:15 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm firefox.exe, Version 45.0.0.5906 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 6f0

Startzeit: 01d1815d56f69ec0

Beendigungszeit: 46

Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Berichts-ID: b80e2815-ed50-11e5-9be6-600292b321ab

Vollständiger Name des fehlerhaften Pakets: 

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (03/18/2016 10:31:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 45.0.0.5906, Zeitstempel: 0x56d8d4e9
Name des fehlerhaften Moduls: mozglue.dll, Version: 45.0.0.5906, Zeitstempel: 0x56d8c7fb
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000ec50
ID des fehlerhaften Prozesses: 0x1f78
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5

Error: (03/18/2016 06:18:39 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (03/17/2016 03:46:49 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (03/17/2016 01:55:00 AM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: Die Sicherung war nicht erfolgreich. Fehler: Der Sicherungsspeicherort ist ungültig. Ein in die Sicherung einbezogenes Volume kann nicht als Speicherort verwendet werden. (0x80780040).

Error: (03/17/2016 01:54:58 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (03/17/2016 01:54:55 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (03/17/2016 01:54:33 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (03/17/2016 01:54:29 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.


Systemfehler:
=============
Error: (03/20/2016 12:23:10 AM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "HOME",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{2FC182B6-9684-482A-803A-DCFCA6885BF6}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (03/20/2016 12:19:34 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_5229be7" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (03/20/2016 12:19:34 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (03/19/2016 08:04:13 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "HOME",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{2FC182B6-9684-482A-803A-DCFCA6885BF6}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (03/19/2016 01:01:01 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_2e4a3d7" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (03/19/2016 01:01:01 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (03/18/2016 11:00:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (03/18/2016 11:00:22 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\PASCAL~1\AppData\Local\Temp\ehdrv.sys

Error: (03/18/2016 11:00:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (03/18/2016 11:00:21 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\PASCAL~1\AppData\Local\Temp\ehdrv.sys


CodeIntegrity:
===================================
  Date: 2016-03-13 03:25:28.394
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-12 17:02:59.181
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-11 03:23:21.785
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-09 15:23:23.076
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-02 02:17:48.080
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-02-10 17:17:45.855
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-02-10 16:51:42.370
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-02-10 16:47:10.002
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-28 03:19:24.617
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-21 02:11:40.952
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\Windows\WinSxS\x86_microsoft-windows-utilman_31bf3856ad364e35_10.0.10240.16384_none_ae8b861a138d2840\Utilman.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-4690 CPU @ 3.50GHz
Prozentuale Nutzung des RAM: 19%
Installierter physikalischer RAM: 8130.39 MB
Verfügbarer physikalischer RAM: 6560.07 MB
Summe virtueller Speicher: 9410.39 MB
Verfügbarer virtueller Speicher: 7808 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:111.35 GB) (Free:81.16 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive e: (Volume) (Fixed) (Total:931.39 GB) (Free:420.75 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 95A49282)
Partition 1: (Active) - (Size=111.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)

==================== Ende von Addition.txt ============================

M-K-D-B · 20.03.2016, 10:47

Servus,

wir entfernen die letzten Reste und kontrollieren nochmal alles.

Hinweis: Der Suchlauf mit ESET kann länger dauern.

Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

start
CloseProcesses:
Task: {3A6081B1-39C8-40C3-8905-414562F61652} - System32\Tasks\TrackerAutoUpdate => E:\Programme\Tracker Software\Update\TrackerUpdate.exe [2016-01-18] (Tracker Software Products (Canada) Ltd.) <==== ACHTUNG
Task: C:\WINDOWS\Tasks\TrackerAutoUpdate.job => E:\Programme\Tracker Software\Update\TrackerUpdate.exe <==== ACHTUNG
EmptyTemp:
end

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Schritt 2
Bitte setze deine Brower wie folgt zurück:
IE :::
Setze folgendermassen den Internet Explorer zurück:

Öffne den Internet Explorer und gehe zu Extras -> Internetoptionen.
Klicke in der Registerkarte Erweitert unter "Internet Explorer-Einstellungen zurücksetzen" auf Zurücksetzen...
Klicke im Dialogfeld "Internet Explorer-Einstellungen zurücksetzen" zum Bestätigen auf Zurücksetzen.

(Hier findest du die bebilderte Anleitung.)

FF :::
setze bitte Firefox wie folgt zurück:
Firefox zurücksetzen

CHR:::
Setze Google Chrome nach dieser Anleitung zurück.

Schritt 3

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Schritt 4
Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

Schritt 5

Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Untersuchen.
FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Gibt es jetzt noch Probleme mit dem PC? Wenn ja, welche?

Bitte poste mit deiner nächsten Antwort

die Logdatei des FRST-Fix,
die Logdatei von ESET,
die Logdatei von SecurityCheck,
die beiden neuen Logdateien von FRST,
die Beantwortung der gestellten Fragen.

NBX · 20.03.2016, 14:59

Grüße und einen schönen Sonntag!
Habe die Schritte soweit durchgefüht, das mit Chrome übersprungen da ich den Browser nicht habe. Soweit scheint es zu passen. Anbei die Logs.

FRST-Fix

Code:

ATTFilter

Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
durchgeführt von Pascal Weger (2016-03-20 13:17:27) Run:1
Gestartet von C:\Users\Pascal Weger\Desktop
Geladene Profile: Pascal Weger (Verfügbare Profile: Pascal Weger)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
start
CloseProcesses:
Task: {3A6081B1-39C8-40C3-8905-414562F61652} - System32\Tasks\TrackerAutoUpdate => E:\Programme\Tracker Software\Update\TrackerUpdate.exe [2016-01-18] (Tracker Software Products (Canada) Ltd.) <==== ACHTUNG
Task: C:\WINDOWS\Tasks\TrackerAutoUpdate.job => E:\Programme\Tracker Software\Update\TrackerUpdate.exe <==== ACHTUNG
EmptyTemp:
end
         
*****************

Prozess erfolgreich geschlossen.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3A6081B1-39C8-40C3-8905-414562F61652}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3A6081B1-39C8-40C3-8905-414562F61652}" => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\TrackerAutoUpdate => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\TrackerAutoUpdate" => Schlüssel erfolgreich entfernt
C:\WINDOWS\Tasks\TrackerAutoUpdate.job => erfolgreich verschoben
EmptyTemp: => 753.5 MB temporäre Dateien entfernt.


Das System musste neu gestartet werden.

==== Ende von Fixlog 13:17:38 ====

ESET

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=64955c837874164eae518c52835fe73b
# end=init
# utc_time=2016-03-11 01:05:44
# local_time=2016-03-11 02:05:44 (+0100, Mitteleuropäische Zeit)
# country="Austria"
# osver=6.2.9200 NT 
Update Init
Update Download
Update Finalize
Updated modules version: 28524
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=64955c837874164eae518c52835fe73b
# end=updated
# utc_time=2016-03-11 01:09:50
# local_time=2016-03-11 02:09:50 (+0100, Mitteleuropäische Zeit)
# country="Austria"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=64955c837874164eae518c52835fe73b
# engine=28524
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-03-11 02:16:08
# local_time=2016-03-11 03:16:08 (+0100, Mitteleuropäische Zeit)
# country="Austria"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1='Panda Antivirus Pro 2016'
# compatibility_mode=1562 16777213 85 100 5742235 225706388 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 11432456 11476711 0 0
# scanned=435711
# found=0
# cleaned=0
# scan_time=3977
Update Init
Update Download
Update Finalize
Updated modules version: 28650
Update Init
Update Download
Update Finalize
Updated modules version: 28650
Update Init
Update Download
Update Finalize
Updated modules version: 28665

SecurityCheck

Code:

ATTFilter

 Results of screen317's Security Check version 1.009  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Panda Antivirus Pro 2016   
Windows Defender           
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Panda Cloud Cleaner   
 Adobe Flash Player 	21.0.0.182  
 Mozilla Firefox (45.0.1) 
````````Process Check: objlist.exe by Laurent````````  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````

Und noch die beiden letzten Logs. Danke!

FRST

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
durchgeführt von Pascal Weger (Administrator) auf DESKTOP-MKUL2BH (20-03-2016 14:53:26)
Gestartet von C:\Users\Pascal Weger\Desktop
Geladene Profile: Pascal Weger (Verfügbare Profile: Pascal Weger)
Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\Freedome\Freedome\1\FreedomeService.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPictureViewer.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Spotify Ltd) C:\Users\Pascal Weger\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\Freedome\Freedome\1\Freedome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.302.8200.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1601.49020.0_x64__8wekyb3d8bbwe\Calculator.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15033976 2015-11-20] (Logitech Inc.)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [5006024 2016-03-07] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [99064 2015-12-07] (Panda Security, S.L.)
HKLM-x32\...\Run: [FreedomeAutoStart] => C:\Program Files (x86)\F-Secure\Freedome\Freedome\1\Freedome.exe [5397976 2016-03-07] (F-Secure Corporation)
HKU\S-1-5-21-3473851266-2326088663-4233973066-1002\...\Run: [Spotify Web Helper] => C:\Users\Pascal Weger\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1524848 2016-03-04] (Spotify Ltd)
HKU\S-1-5-21-3473851266-2326088663-4233973066-1002\...\RunOnce: [Uninstall C:\Users\Pascal Weger\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Pascal Weger\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"
HKU\S-1-5-21-3473851266-2326088663-4233973066-1002\...\RunOnce: [Uninstall C:\Users\Pascal Weger\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Pascal Weger\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1"

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{2fc182b6-9684-482a-803a-dcfca6885bf6}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================

FireFox:
========
FF ProfilePath: C:\Users\Pascal Weger\AppData\Roaming\Mozilla\Firefox\Profiles\7n1fpa1k.default-1458476579667
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_182.dll [2016-03-10] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> E:\Programme\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> E:\Programme\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_182.dll [2016-03-10] ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> E:\Programme\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\Pascal Weger\AppData\Roaming\raidcall\plugins\nprcplugin.dll [2014-05-27] (Raidcall)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> E:\Programme\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-3473851266-2326088663-4233973066-1002: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> E:\Programme\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-03-19] [ist nicht signiert]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com)
R2 Freedome Service; C:\Program Files (x86)\F-Secure\Freedome\Freedome\1\FreedomeService.exe [434648 2016-03-07] (F-Secure Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193144 2015-11-20] (Logitech Inc.)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [142072 2015-12-07] (Panda Security, S.L.)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [3916368 2016-01-09] (INCA Internet Co., Ltd.)
S3 Origin Client Service; E:\Origin\OriginClientService.exe [2104840 2016-03-03] (Electronic Arts)
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [73176 2016-02-22] (Panda Security, S.L.)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2015-12-07] (Panda Security, S.L.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [23240 2016-02-23] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102400 2016-02-23] (Advanced Micro Devices)
R3 fsfreedometap; C:\Windows\System32\drivers\fsfreedometap.sys [34344 2016-02-05] (The OpenVPN Project)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.)
R3 LGPBTDD; C:\Windows\System32\Drivers\LGPBTDD.sys [30728 2009-07-01] (Logitech Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [193336 2016-01-04] (Intel Corporation)
R1 NNSALPC; C:\Windows\system32\DRIVERS\NNSALPC.sys [103856 2015-12-10] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\system32\DRIVERS\NNSHTTP.sys [210864 2015-12-10] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\system32\DRIVERS\NNSHTTPS.sys [120240 2015-12-10] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\system32\DRIVERS\NNSIDS.sys [120240 2015-12-10] (Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\system32\DRIVERS\NNSNAHSL.sys [58616 2015-06-19] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\system32\DRIVERS\NNSPICC.sys [112560 2015-12-10] (Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\system32\DRIVERS\NNSPIHSW.sys [87984 2015-12-10] (Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\system32\DRIVERS\NNSPOP3.sys [133552 2015-12-10] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\system32\DRIVERS\NNSPROT.sys [309680 2015-12-10] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\system32\DRIVERS\NNSPRV.sys [179632 2015-12-10] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\system32\DRIVERS\NNSSMTP.sys [122800 2015-12-10] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\system32\DRIVERS\NNSSTRM.sys [267184 2015-12-10] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\system32\DRIVERS\NNSTLSC.sys [115632 2015-12-10] (Panda Security, S.L.)
R2 PSINAflt; C:\Windows\system32\DRIVERS\PSINAflt.sys [173488 2015-12-10] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [129456 2015-12-10] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\system32\DRIVERS\PSINKNC.sys [207280 2015-12-10] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [133552 2015-12-10] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\system32\DRIVERS\PSINProt.sys [146352 2015-12-10] (Panda Security, S.L.)
R2 PSINReg; C:\Windows\system32\DRIVERS\PSINReg.sys [117168 2015-12-10] (Panda Security, S.L.)
U3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [62080 2015-06-16] (Panda Security, S.L.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek                                            )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-03-20 14:53 - 2016-03-20 14:53 - 00012260 _____ C:\Users\Pascal Weger\Desktop\FRST.txt
2016-03-20 14:52 - 2016-03-20 14:52 - 00000728 _____ C:\Users\Pascal Weger\Desktop\checkup.txt
2016-03-20 14:51 - 2016-03-20 14:52 - 00852720 _____ C:\Users\Pascal Weger\Desktop\SecurityCheck.exe
2016-03-20 13:23 - 2016-03-20 14:53 - 00000000 ____D C:\Users\Pascal Weger\Desktop\Alte Firefox-Daten
2016-03-20 13:17 - 2016-03-20 13:17 - 00001499 _____ C:\Users\Pascal Weger\Desktop\Fixlog.txt
2016-03-20 00:35 - 2016-03-20 00:35 - 00000868 _____ C:\Users\Pascal Weger\Desktop\JRT.txt
2016-03-20 00:34 - 2016-03-20 00:35 - 01610352 _____ (Malwarebytes) C:\Users\Pascal Weger\Desktop\JRT.exe
2016-03-20 00:33 - 2016-03-20 00:33 - 00001200 _____ C:\Users\Pascal Weger\Desktop\mbam.txt
2016-03-20 00:22 - 2016-03-20 00:23 - 01527296 _____ C:\Users\Pascal Weger\Desktop\AdwCleaner_5.102(1).exe
2016-03-19 18:26 - 2016-03-20 00:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-03-18 23:07 - 2016-03-18 23:07 - 00000490 _____ C:\TDSSKiller.3.1.0.9_18.03.2016_23.07.11_log.txt
2016-03-18 23:06 - 2016-03-18 23:06 - 00000490 _____ C:\TDSSKiller.3.1.0.9_18.03.2016_23.06.40_log.txt
2016-03-18 21:38 - 2016-03-18 21:40 - 00080440 _____ C:\TDSSKiller.3.1.0.9_18.03.2016_21.38.57_log.txt
2016-03-18 21:37 - 2016-03-20 14:53 - 00000000 ____D C:\FRST
2016-03-18 21:37 - 2016-03-18 21:37 - 00081659 _____ C:\Users\Pascal Weger\Downloads\FRST.txt
2016-03-18 21:37 - 2016-03-18 21:37 - 00043290 _____ C:\Users\Pascal Weger\Downloads\Addition.txt
2016-03-18 21:36 - 2016-03-18 21:36 - 02374144 _____ (Farbar) C:\Users\Pascal Weger\Desktop\FRST64.exe
2016-03-18 20:16 - 2016-03-18 20:16 - 01527296 _____ C:\Users\Pascal Weger\Downloads\adwcleaner_5.102.exe
2016-03-17 11:46 - 2016-03-17 11:46 - 00032587 _____ C:\Users\Pascal Weger\Downloads\tarifeat-kuendigung-a1-17-3-2016.pdf
2016-03-16 02:53 - 2016-03-16 02:53 - 00000202 _____ C:\Users\Pascal Weger\Desktop\Subnautica.url
2016-03-15 15:58 - 2016-03-15 16:03 - 301869848 _____ C:\Users\Pascal Weger\Downloads\More Music V5-85-5.zip
2016-03-14 03:37 - 2016-03-14 03:37 - 00000202 _____ C:\Users\Pascal Weger\Desktop\Stardew Valley.url
2016-03-13 14:09 - 2016-03-13 14:05 - 00295976 _____ C:\Users\Pascal Weger\Desktop\Stardew Valley - The Spreadsheet_update4.xlsx
2016-03-13 14:04 - 2016-03-13 14:05 - 00295976 _____ C:\Users\Pascal Weger\Downloads\Stardew Valley - The Spreadsheet_update4.xlsx
2016-03-12 17:08 - 2016-03-12 17:08 - 08110628 _____ C:\Users\Pascal Weger\Downloads\dict-de_at-frami_2015-12-28.oxt
2016-03-12 15:05 - 2016-03-12 15:05 - 00000000 ____D C:\Users\Pascal Weger\AppData\Roaming\Ubisoft
2016-03-12 15:02 - 2016-03-12 15:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vulkan 1.0.3.1
2016-03-12 15:02 - 2016-03-12 15:02 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-03-12 15:02 - 2016-02-16 00:27 - 00125720 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2016-03-12 15:02 - 2016-02-16 00:26 - 00126232 _____ C:\WINDOWS\system32\vulkan-1.dll
2016-03-12 15:02 - 2016-02-16 00:25 - 00045848 _____ C:\WINDOWS\system32\vulkaninfo.exe
2016-03-12 15:02 - 2016-02-16 00:25 - 00042264 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2016-03-12 15:02 - 2015-06-16 15:41 - 00062080 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSKMAD.sys
2016-03-12 15:00 - 2016-03-12 15:00 - 00000000 ____D C:\Program Files (x86)\AMD
2016-03-11 13:35 - 2016-03-11 13:35 - 00001564 _____ C:\Users\Pascal Weger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OnlineScannerApp.lnk
2016-03-11 02:05 - 2016-03-11 02:05 - 00000000 ____D C:\Program Files (x86)\ESET
2016-03-10 23:05 - 2016-03-10 23:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange PDF Viewer
2016-03-10 23:03 - 2016-03-10 23:04 - 17765360 _____ (Tracker Software Products Ltd ) C:\Users\Pascal Weger\Downloads\PDFXVwer3161.exe
2016-03-10 23:02 - 2016-03-10 23:02 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2016-03-10 20:17 - 2016-03-10 20:17 - 00001960 _____ C:\Users\Pascal Weger\Documents\panda.txt
2016-03-10 16:52 - 2016-03-10 16:52 - 284640110 _____ C:\Users\Pascal Weger\Downloads\More-Music-Modv1(1).zip
2016-03-10 16:45 - 2016-03-10 16:45 - 00001604 _____ C:\Users\Pascal Weger\Downloads\Fish(2).xnb
2016-03-10 16:44 - 2016-03-10 16:45 - 00001604 _____ C:\Users\Pascal Weger\Downloads\Fish(1).xnb
2016-03-10 15:10 - 2016-03-10 15:10 - 00001799 _____ C:\Users\Pascal Weger\Desktop\Audible.lnk
2016-03-10 14:59 - 2016-03-20 13:14 - 00000000 ___RD C:\Users\Pascal Weger\Desktop\Neuer Ordner
2016-03-10 14:58 - 2016-03-10 14:58 - 00001359 _____ C:\Users\Public\Desktop\Panda Cloud Cleaner.lnk
2016-03-09 16:34 - 2016-03-18 16:02 - 00000000 ____D C:\Users\Pascal Weger\AppData\Roaming\StardewValley
2016-03-09 15:16 - 2016-03-01 06:31 - 00848168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-03-09 15:16 - 2016-03-01 06:22 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-03-09 15:16 - 2016-02-24 10:52 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-03-09 15:16 - 2016-02-24 10:51 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-03-09 15:16 - 2016-02-24 10:48 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-03-09 15:16 - 2016-02-24 10:47 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-03-09 15:16 - 2016-02-24 10:40 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-03-09 15:16 - 2016-02-24 10:34 - 01613664 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-03-09 15:16 - 2016-02-24 10:28 - 03449168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2016-03-09 15:16 - 2016-02-24 10:15 - 01557768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-03-09 15:16 - 2016-02-24 09:58 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2016-03-09 15:16 - 2016-02-24 09:54 - 00127840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2016-03-09 15:16 - 2016-02-24 09:51 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-03-09 15:16 - 2016-02-24 09:50 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-03-09 15:16 - 2016-02-24 09:46 - 06607080 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-03-09 15:16 - 2016-02-24 09:43 - 00625000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2016-03-09 15:16 - 2016-02-24 09:39 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-03-09 15:16 - 2016-02-24 09:39 - 00141560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2016-03-09 15:16 - 2016-02-24 09:19 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2016-03-09 15:16 - 2016-02-24 09:14 - 00216416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-03-09 15:16 - 2016-02-24 09:11 - 01997152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-03-09 15:16 - 2016-02-24 09:11 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-03-09 15:16 - 2016-02-24 09:11 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-03-09 15:16 - 2016-02-24 09:11 - 00652392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-03-09 15:16 - 2016-02-24 09:11 - 00394080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-03-09 15:16 - 2016-02-24 09:11 - 00258280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll
2016-03-09 15:16 - 2016-02-24 09:10 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-03-09 15:16 - 2016-02-24 09:10 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-03-09 15:16 - 2016-02-24 09:09 - 00640472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-03-09 15:16 - 2016-02-24 09:09 - 00147808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2016-03-09 15:16 - 2016-02-24 09:06 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-03-09 15:16 - 2016-02-24 08:59 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-03-09 15:16 - 2016-02-24 08:39 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
2016-03-09 15:16 - 2016-02-24 08:39 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll
2016-03-09 15:16 - 2016-02-24 08:38 - 00187744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-03-09 15:16 - 2016-02-24 08:38 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-03-09 15:16 - 2016-02-24 08:37 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll
2016-03-09 15:16 - 2016-02-24 08:36 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenanceClient.dll
2016-03-09 15:16 - 2016-02-24 08:35 - 00540752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-03-09 15:16 - 2016-02-24 08:35 - 00523752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-03-09 15:16 - 2016-02-24 08:35 - 00220064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll
2016-03-09 15:16 - 2016-02-24 08:35 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-03-09 15:16 - 2016-02-24 08:33 - 00538736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-03-09 15:16 - 2016-02-24 08:33 - 00141664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2016-03-09 15:16 - 2016-02-24 08:31 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-03-09 15:16 - 2016-02-24 08:30 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2016-03-09 15:16 - 2016-02-24 08:28 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll
2016-03-09 15:16 - 2016-02-24 08:23 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-03-09 15:16 - 2016-02-24 08:23 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
2016-03-09 15:16 - 2016-02-24 08:22 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2016-03-09 15:16 - 2016-02-24 08:20 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2016-03-09 15:16 - 2016-02-24 08:20 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-03-09 15:16 - 2016-02-24 08:20 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-03-09 15:16 - 2016-02-24 08:19 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2016-03-09 15:16 - 2016-02-24 08:19 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
2016-03-09 15:16 - 2016-02-24 08:15 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-03-09 15:16 - 2016-02-24 08:14 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2016-03-09 15:16 - 2016-02-24 08:13 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2016-03-09 15:16 - 2016-02-24 08:12 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll
2016-03-09 15:16 - 2016-02-24 08:12 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2016-03-09 15:16 - 2016-02-24 08:10 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-03-09 15:16 - 2016-02-24 08:09 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2016-03-09 15:16 - 2016-02-24 08:09 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2016-03-09 15:16 - 2016-02-24 08:07 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2016-03-09 15:16 - 2016-02-24 08:05 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-03-09 15:16 - 2016-02-24 08:03 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-03-09 15:16 - 2016-02-24 08:02 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2016-03-09 15:16 - 2016-02-24 08:01 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-03-09 15:16 - 2016-02-24 08:01 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2016-03-09 15:16 - 2016-02-24 08:01 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2016-03-09 15:16 - 2016-02-24 08:00 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2016-03-09 15:16 - 2016-02-24 07:59 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-03-09 15:16 - 2016-02-24 07:59 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2016-03-09 15:16 - 2016-02-24 07:59 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-03-09 15:16 - 2016-02-24 07:58 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll
2016-03-09 15:16 - 2016-02-24 07:55 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2016-03-09 15:16 - 2016-02-24 07:55 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2016-03-09 15:16 - 2016-02-24 07:55 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll
2016-03-09 15:16 - 2016-02-24 07:54 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2016-03-09 15:16 - 2016-02-24 07:54 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2016-03-09 15:16 - 2016-02-24 07:54 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2016-03-09 15:16 - 2016-02-24 07:54 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll
2016-03-09 15:16 - 2016-02-24 07:53 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2016-03-09 15:16 - 2016-02-24 07:53 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll
2016-03-09 15:16 - 2016-02-24 07:52 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2016-03-09 15:16 - 2016-02-24 07:52 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PimIndexMaintenanceClient.dll
2016-03-09 15:16 - 2016-02-24 07:51 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-03-09 15:16 - 2016-02-24 07:49 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2016-03-09 15:16 - 2016-02-24 07:47 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-03-09 15:16 - 2016-02-24 07:46 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll
2016-03-09 15:16 - 2016-02-24 07:44 - 01713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-03-09 15:16 - 2016-02-24 07:44 - 00915456 _____ (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll
2016-03-09 15:16 - 2016-02-24 07:44 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2016-03-09 15:16 - 2016-02-24 07:44 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\POSyncServices.dll
2016-03-09 15:16 - 2016-02-24 07:43 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-03-09 15:16 - 2016-02-24 07:43 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-03-09 15:16 - 2016-02-24 07:41 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-03-09 15:16 - 2016-02-24 07:41 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-03-09 15:16 - 2016-02-24 07:40 - 01224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2016-03-09 15:16 - 2016-02-24 07:40 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-03-09 15:16 - 2016-02-24 07:40 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll
2016-03-09 15:16 - 2016-02-24 07:39 - 01390592 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-03-09 15:16 - 2016-02-24 07:39 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2016-03-09 15:16 - 2016-02-24 07:38 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2016-03-09 15:16 - 2016-02-24 07:36 - 01847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-03-09 15:16 - 2016-02-24 07:34 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2016-03-09 15:16 - 2016-02-24 07:34 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-03-09 15:16 - 2016-02-24 07:32 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2016-03-09 15:16 - 2016-02-24 07:32 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2016-03-09 15:16 - 2016-02-24 07:31 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cemapi.dll
2016-03-09 15:16 - 2016-02-24 07:31 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2016-03-09 15:16 - 2016-02-24 07:28 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-03-09 15:16 - 2016-02-24 07:28 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2016-03-09 15:16 - 2016-02-24 07:28 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2016-03-09 15:16 - 2016-02-24 07:25 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2016-03-09 15:16 - 2016-02-24 07:23 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2016-03-09 15:16 - 2016-02-24 07:22 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2016-03-09 15:16 - 2016-02-24 07:21 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2016-03-09 15:16 - 2016-02-24 07:21 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2016-03-09 15:16 - 2016-02-24 07:18 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2016-03-09 15:16 - 2016-02-24 07:18 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2016-03-09 15:16 - 2016-02-24 07:18 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2016-03-09 15:16 - 2016-02-24 07:17 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2016-03-09 15:16 - 2016-02-24 07:16 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2016-03-09 15:16 - 2016-02-24 07:13 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2016-03-09 15:16 - 2016-02-24 07:11 - 03593216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-03-09 15:16 - 2016-02-24 07:09 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-03-09 15:16 - 2016-02-24 07:09 - 00793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-03-09 15:16 - 2016-02-24 07:09 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2016-03-09 15:16 - 2016-02-24 07:09 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2016-03-09 15:16 - 2016-02-24 07:07 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2016-03-09 15:16 - 2016-02-24 07:07 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-03-09 15:16 - 2016-02-24 07:07 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-03-09 15:16 - 2016-02-24 07:04 - 01497088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-03-09 15:16 - 2016-02-24 07:03 - 00769536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2016-03-09 15:16 - 2016-02-24 07:01 - 01831936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-03-09 15:16 - 2016-02-24 07:00 - 02273792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-03-09 15:16 - 2016-02-24 07:00 - 01098752 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-03-09 15:16 - 2016-02-24 06:57 - 02158592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-03-09 15:16 - 2016-02-24 06:55 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-03-09 15:16 - 2016-02-24 06:43 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
2016-03-09 15:16 - 2016-02-24 06:34 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-03-09 15:16 - 2016-02-24 06:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwbase.dll
2016-03-09 15:16 - 2016-02-24 06:20 - 22376960 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-03-09 15:16 - 2016-02-24 06:18 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-03-09 15:16 - 2016-02-24 06:12 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-03-09 15:16 - 2016-02-24 06:12 - 05321728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-03-09 15:16 - 2016-02-24 06:10 - 24600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-03-09 15:16 - 2016-02-24 06:09 - 06972416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-03-09 15:16 - 2016-02-24 06:05 - 12586496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-03-09 15:16 - 2016-02-24 06:03 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-03-09 15:16 - 2016-02-24 05:59 - 05661696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-03-09 15:16 - 2016-02-24 05:55 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-03-09 03:29 - 2016-03-09 03:29 - 00271766 _____ C:\Users\Pascal Weger\Downloads\Cursors.xnb
2016-03-09 03:21 - 2016-03-09 03:21 - 284640110 _____ C:\Users\Pascal Weger\Downloads\More-Music-Modv1.zip
2016-03-09 03:19 - 2016-03-15 16:01 - 00000000 ____D C:\Users\Pascal Weger\Documents\Stardew Valley alte Dateien
2016-03-08 21:32 - 2016-03-08 21:35 - 345750267 _____ C:\Users\Pascal Weger\Downloads\oceanhorn-pc-2016-january-01.zip
2016-03-08 21:17 - 2016-03-08 21:17 - 00001604 _____ C:\Users\Pascal Weger\Downloads\Fish.xnb
2016-03-08 00:30 - 2016-03-08 00:30 - 00458472 _____ C:\WINDOWS\system32\amdmiracast.dll
2016-03-08 00:30 - 2016-03-08 00:30 - 00141792 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2016-03-08 00:30 - 2016-03-08 00:30 - 00128384 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2016-03-08 00:30 - 2016-03-08 00:30 - 00110880 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2016-03-08 00:30 - 2016-03-08 00:30 - 00102616 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2016-03-08 00:30 - 2016-03-08 00:30 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2016-03-08 00:30 - 2016-03-08 00:30 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2016-03-08 00:29 - 2016-03-08 00:29 - 00120656 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiu9p64.dll
2016-03-08 00:29 - 2016-03-08 00:29 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2016-03-08 00:29 - 2016-03-08 00:29 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2016-03-08 00:28 - 2016-03-08 00:28 - 08843208 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd64.dll
2016-03-08 00:26 - 2016-03-08 00:26 - 00296648 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\amdacpksd.sys
2016-03-08 00:17 - 2016-03-08 00:17 - 06956032 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdvlk64.dll
2016-03-08 00:14 - 2016-03-08 00:14 - 48212480 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll
2016-03-08 00:14 - 2016-03-08 00:14 - 00235008 _____ C:\WINDOWS\system32\clinfo.exe
2016-03-08 00:13 - 2016-03-08 00:13 - 40126464 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll
2016-03-08 00:13 - 2016-03-08 00:13 - 05420032 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdvlk32.dll
2016-03-08 00:12 - 2016-03-08 00:12 - 00065024 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2016-03-08 00:12 - 2016-03-08 00:12 - 00059392 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2016-03-08 00:10 - 2016-03-08 00:10 - 26886656 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl12cl64.dll
2016-03-08 00:10 - 2016-03-08 00:10 - 21730304 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl12cl.dll
2016-03-07 23:58 - 2016-03-07 23:58 - 06591488 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2016-03-07 23:49 - 2016-03-07 23:49 - 00134656 _____ C:\WINDOWS\system32\amdhdl64.dll
2016-03-07 23:49 - 2016-03-07 23:49 - 00123392 _____ C:\WINDOWS\SysWOW64\amdhdl32.dll
2016-03-07 23:48 - 2016-03-07 23:48 - 30377984 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll
2016-03-07 23:48 - 2016-03-07 23:48 - 06883840 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmantle64.dll
2016-03-07 23:48 - 2016-03-07 23:48 - 00701440 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2016-03-07 23:48 - 2016-03-07 23:48 - 00580096 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2016-03-07 23:48 - 2016-03-07 23:48 - 00127488 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2016-03-07 23:48 - 2016-03-07 23:48 - 00113664 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2016-03-07 23:46 - 2016-03-07 23:46 - 00865280 _____ (AMD) C:\WINDOWS\system32\coinst_16.15.dll
2016-03-07 23:45 - 2016-03-07 23:45 - 15711744 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll
2016-03-07 23:45 - 2016-03-07 23:45 - 00697320 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2016-03-07 23:45 - 2016-03-07 23:45 - 00697320 _____ C:\WINDOWS\system32\atiapfxx.blb
2016-03-07 23:45 - 2016-03-07 23:45 - 00367104 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2016-03-07 23:45 - 2016-03-07 23:45 - 00062464 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll
2016-03-07 23:45 - 2016-03-07 23:45 - 00055808 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll
2016-03-07 23:45 - 2016-03-07 23:45 - 00052224 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll
2016-03-07 23:45 - 2016-03-07 23:45 - 00049152 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll
2016-03-07 23:44 - 2016-03-07 23:44 - 14302208 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll
2016-03-07 23:44 - 2016-03-07 23:44 - 05396992 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmantle32.dll
2016-03-07 23:44 - 2016-03-07 23:44 - 00050688 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl6.dll
2016-03-07 23:44 - 2016-03-07 23:44 - 00039424 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmmcl.dll
2016-03-07 23:42 - 2016-03-07 23:42 - 25069056 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll
2016-03-07 23:42 - 2016-03-07 23:42 - 03437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2016-03-07 23:40 - 2016-03-07 23:40 - 00097280 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2016-03-07 23:40 - 2016-03-07 23:40 - 00089600 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2016-03-07 23:39 - 2016-03-07 23:39 - 08385024 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2016-03-07 23:38 - 2016-03-07 23:38 - 00560128 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2016-03-07 23:38 - 2016-03-07 23:38 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2016-03-07 23:38 - 2016-03-07 23:38 - 00251392 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2016-03-07 23:38 - 2016-03-07 23:38 - 00224256 _____ C:\WINDOWS\system32\dgtrayicon.exe
2016-03-07 23:38 - 2016-03-07 23:38 - 00209920 _____ C:\WINDOWS\system32\GameManager64.dll
2016-03-07 23:38 - 2016-03-07 23:38 - 00204800 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2016-03-07 23:38 - 2016-03-07 23:38 - 00189952 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2016-03-07 23:38 - 2016-03-07 23:38 - 00162304 _____ C:\WINDOWS\system32\atieah64.exe
2016-03-07 23:38 - 2016-03-07 23:38 - 00145408 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2016-03-07 23:38 - 2016-03-07 23:38 - 00078336 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2016-03-07 23:37 - 2016-03-07 23:37 - 03471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2016-03-07 23:37 - 2016-03-07 23:37 - 00190976 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll
2016-03-07 23:33 - 2016-03-07 23:33 - 01276416 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2016-03-07 23:33 - 2016-03-07 23:33 - 00944640 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2016-03-07 23:33 - 2016-03-07 23:33 - 00944640 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2016-03-07 23:33 - 2016-03-07 23:33 - 00157696 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2016-03-07 23:33 - 2016-03-07 23:33 - 00142336 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2016-03-07 23:33 - 2016-03-07 23:33 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2016-03-07 23:33 - 2016-03-07 23:33 - 00080896 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2016-03-07 23:33 - 2016-03-07 23:33 - 00075776 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll
2016-03-07 23:33 - 2016-03-07 23:33 - 00070144 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll
2016-03-07 23:33 - 2016-03-07 23:33 - 00070144 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll
2016-03-07 23:32 - 2016-03-07 23:32 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll
2016-03-07 23:30 - 2016-03-07 23:30 - 00195072 _____ C:\WINDOWS\system32\hsa-thunk64.dll
2016-03-07 23:30 - 2016-03-07 23:30 - 00174592 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll
2016-03-07 16:15 - 2016-03-07 17:46 - 00000000 ____D C:\Users\Pascal Weger\AppData\Local\Audible
2016-03-07 16:15 - 2016-03-07 16:15 - 00255352 _____ (Audible, Inc.) C:\WINDOWS\SysWOW64\awrdscdc.ax
2016-03-07 16:14 - 2016-03-07 16:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AudibleManager
2016-03-07 16:14 - 2016-03-07 16:14 - 00000000 ____D C:\Users\Pascal Weger\Documents\Audible
2016-03-07 16:14 - 2003-03-18 21:20 - 01060864 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc71.dll
2016-03-07 16:14 - 2003-03-18 20:14 - 00499712 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp71.dll
2016-03-07 16:14 - 2003-02-21 04:42 - 00348160 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll
2016-03-07 16:14 - 2001-08-17 22:43 - 00024576 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3a.dll
2016-03-07 16:11 - 2016-03-07 16:12 - 01730272 _____ (Audible Inc.) C:\Users\Pascal Weger\Downloads\ActiveSetupN.exe
2016-03-07 16:11 - 2016-03-07 16:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freedome
2016-03-07 01:34 - 2016-03-20 00:24 - 00000000 ____D C:\Program Files (x86)\AdwCleaner
2016-03-07 01:25 - 2016-03-07 01:25 - 35816720 _____ (Panda Security ) C:\Users\Pascal Weger\Downloads\PandaCloudCleaner.exe
2016-03-04 03:48 - 2016-03-04 03:48 - 00000898 _____ C:\Users\Public\Desktop\Unravel™.lnk
2016-03-04 03:05 - 2016-03-17 21:14 - 00000000 ____D C:\Users\Pascal Weger\AppData\Local\Spotify
2016-03-04 03:05 - 2016-03-17 21:08 - 00000000 ____D C:\Users\Pascal Weger\AppData\Roaming\Spotify
2016-03-04 03:05 - 2016-03-04 03:05 - 00236248 _____ (Spotify Ltd) C:\Users\Pascal Weger\Downloads\SpotifySetup.exe
2016-03-04 03:05 - 2016-03-04 03:05 - 00001885 _____ C:\Users\Pascal Weger\Desktop\Spotify.lnk
2016-03-04 03:05 - 2016-03-04 03:05 - 00001871 _____ C:\Users\Pascal Weger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2016-03-03 23:59 - 2016-03-04 14:50 - 00000000 ____D C:\Users\Pascal Weger\AppData\Local\Origin
2016-03-03 23:59 - 2016-03-04 02:25 - 00000000 ____D C:\Users\Pascal Weger\AppData\Roaming\Origin
2016-03-03 23:58 - 2016-03-04 23:57 - 00000000 ____D C:\ProgramData\Origin
2016-03-03 23:58 - 2016-03-03 23:58 - 00000567 _____ C:\Users\Public\Desktop\Origin.lnk
2016-03-03 23:58 - 2016-03-03 23:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2016-03-03 23:58 - 2016-03-03 23:58 - 00000000 ____D C:\ProgramData\Electronic Arts
2016-03-03 23:56 - 2016-03-03 23:57 - 31334856 _____ (Electronic Arts, Inc.) C:\Users\Pascal Weger\Downloads\OriginThinSetup.exe
2016-03-02 13:52 - 2016-03-02 13:52 - 00006504 _____ C:\Users\Pascal Weger\AppData\Local\recently-used.xbel
2016-03-02 02:21 - 2016-03-02 02:21 - 00000000 ____D C:\Users\Pascal Weger\AppData\Roaming\OpenOffice
2016-03-01 20:31 - 2016-02-23 12:29 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-03-01 20:31 - 2016-02-23 12:29 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-03-01 20:31 - 2016-02-23 12:27 - 02654872 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-03-01 20:31 - 2016-02-23 12:27 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-03-01 20:31 - 2016-02-23 12:27 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-03-01 20:31 - 2016-02-23 12:25 - 02152288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-03-01 20:31 - 2016-02-23 12:25 - 01818696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-03-01 20:31 - 2016-02-23 12:25 - 00563552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2016-03-01 20:31 - 2016-02-23 12:15 - 00779384 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2016-03-01 20:31 - 2016-02-23 12:08 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-03-01 20:31 - 2016-02-23 11:34 - 01859960 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-03-01 20:31 - 2016-02-23 11:34 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-03-01 20:31 - 2016-02-23 11:33 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-03-01 20:31 - 2016-02-23 11:33 - 00389992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-03-01 20:31 - 2016-02-23 11:32 - 08705672 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-03-01 20:31 - 2016-02-23 11:32 - 02544264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-03-01 20:31 - 2016-02-23 11:32 - 01152328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2016-03-01 20:31 - 2016-02-23 11:32 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-03-01 20:31 - 2016-02-23 11:32 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-03-01 20:31 - 2016-02-23 11:32 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-03-01 20:31 - 2016-02-23 11:31 - 01017032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-03-01 20:31 - 2016-02-23 11:31 - 00819648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-03-01 20:31 - 2016-02-23 11:31 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-03-01 20:31 - 2016-02-23 11:31 - 00476728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2016-03-01 20:31 - 2016-02-23 11:31 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-03-01 20:31 - 2016-02-23 11:25 - 03671888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-03-01 20:31 - 2016-02-23 11:22 - 00572272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2016-03-01 20:31 - 2016-02-23 11:21 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-03-01 20:31 - 2016-02-23 11:17 - 00146272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2016-03-01 20:31 - 2016-02-23 10:45 - 02773096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-03-01 20:31 - 2016-02-23 10:40 - 00430944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-03-01 20:31 - 2016-02-23 10:39 - 00502112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-03-01 20:31 - 2016-02-23 10:38 - 06952088 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-03-01 20:31 - 2016-02-23 10:38 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-03-01 20:31 - 2016-02-23 10:38 - 00980352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2016-03-01 20:31 - 2016-02-23 10:38 - 00895080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-03-01 20:31 - 2016-02-23 10:38 - 00882720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-03-01 20:31 - 2016-02-23 10:38 - 00450912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-03-01 20:31 - 2016-02-23 10:38 - 00420928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2016-03-01 20:31 - 2016-02-23 10:37 - 00713824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2016-03-01 20:31 - 2016-02-23 10:32 - 00791744 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-03-01 20:31 - 2016-02-23 10:30 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-03-01 20:31 - 2016-02-23 10:27 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-03-01 20:31 - 2016-02-23 10:27 - 00376536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-03-01 20:31 - 2016-02-23 10:25 - 00534368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2016-03-01 20:31 - 2016-02-23 10:20 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll
2016-03-01 20:31 - 2016-02-23 10:20 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-03-01 20:31 - 2016-02-23 10:19 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-03-01 20:31 - 2016-02-23 10:17 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-03-01 20:31 - 2016-02-23 10:12 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll
2016-03-01 20:31 - 2016-02-23 10:10 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-03-01 20:31 - 2016-02-23 10:07 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-03-01 20:31 - 2016-02-23 10:07 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-03-01 20:31 - 2016-02-23 10:06 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2016-03-01 20:31 - 2016-02-23 10:01 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2016-03-01 20:31 - 2016-02-23 10:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-03-01 20:31 - 2016-02-23 10:00 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-03-01 20:31 - 2016-02-23 09:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-03-01 20:31 - 2016-02-23 09:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-03-01 20:31 - 2016-02-23 09:58 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\irmon.dll
2016-03-01 20:31 - 2016-02-23 09:57 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-03-01 20:31 - 2016-02-23 09:56 - 02186864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-03-01 20:31 - 2016-02-23 09:55 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2016-03-01 20:31 - 2016-02-23 09:53 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2016-03-01 20:31 - 2016-02-23 09:53 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2016-03-01 20:31 - 2016-02-23 09:52 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-03-01 20:31 - 2016-02-23 09:50 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-03-01 20:31 - 2016-02-23 09:48 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-03-01 20:31 - 2016-02-23 09:48 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerClient.dll
2016-03-01 20:31 - 2016-02-23 09:40 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2016-03-01 20:31 - 2016-02-23 09:39 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2016-03-01 20:31 - 2016-02-23 09:38 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2016-03-01 20:31 - 2016-02-23 09:38 - 00287712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2016-03-01 20:31 - 2016-02-23 09:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-03-01 20:31 - 2016-02-23 09:37 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-03-01 20:31 - 2016-02-23 09:37 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-03-01 20:31 - 2016-02-23 09:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuickActionsDataModel.dll
2016-03-01 20:31 - 2016-02-23 09:34 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-03-01 20:31 - 2016-02-23 09:34 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2016-03-01 20:31 - 2016-02-23 09:33 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-03-01 20:31 - 2016-02-23 09:32 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-03-01 20:31 - 2016-02-23 09:31 - 00463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-03-01 20:31 - 2016-02-23 09:29 - 00591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-03-01 20:31 - 2016-02-23 09:28 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-03-01 20:31 - 2016-02-23 09:27 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2016-03-01 20:31 - 2016-02-23 09:26 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-03-01 20:31 - 2016-02-23 09:23 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-03-01 20:31 - 2016-02-23 09:22 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-03-01 20:31 - 2016-02-23 09:20 - 00847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2016-03-01 20:31 - 2016-02-23 09:20 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-03-01 20:31 - 2016-02-23 09:20 - 00493568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-03-01 20:31 - 2016-02-23 09:20 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-03-01 20:31 - 2016-02-23 09:19 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-03-01 20:31 - 2016-02-23 09:19 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2016-03-01 20:31 - 2016-02-23 09:18 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-03-01 20:31 - 2016-02-23 09:14 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-03-01 20:31 - 2016-02-23 09:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-03-01 20:31 - 2016-02-23 09:12 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-03-01 20:31 - 2016-02-23 09:11 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-03-01 20:31 - 2016-02-23 09:10 - 00997376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2016-03-01 20:31 - 2016-02-23 09:10 - 00474624 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-03-01 20:31 - 2016-02-23 09:09 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-03-01 20:31 - 2016-02-23 09:09 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-03-01 20:31 - 2016-02-23 09:09 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-03-01 20:31 - 2016-02-23 09:06 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-03-01 20:31 - 2016-02-23 09:06 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-03-01 20:31 - 2016-02-23 09:06 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-03-01 20:31 - 2016-02-23 09:05 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-03-01 20:31 - 2016-02-23 09:04 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-03-01 20:31 - 2016-02-23 09:04 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-03-01 20:31 - 2016-02-23 09:04 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-03-01 20:31 - 2016-02-23 09:02 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-03-01 20:31 - 2016-02-23 09:02 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-03-01 20:31 - 2016-02-23 09:02 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-03-01 20:31 - 2016-02-23 09:00 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-03-01 20:31 - 2016-02-23 08:58 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-03-01 20:31 - 2016-02-23 08:58 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-03-01 20:31 - 2016-02-23 08:58 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerServer.dll
2016-03-01 20:31 - 2016-02-23 08:58 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-03-01 20:31 - 2016-02-23 08:57 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TimeBrokerClient.dll
2016-03-01 20:31 - 2016-02-23 08:52 - 00456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-03-01 20:31 - 2016-02-23 08:50 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2016-03-01 20:31 - 2016-02-23 08:49 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-03-01 20:31 - 2016-02-23 08:48 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2016-03-01 20:31 - 2016-02-23 08:47 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2016-03-01 20:31 - 2016-02-23 08:38 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-03-01 20:31 - 2016-02-23 08:37 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-03-01 20:31 - 2016-02-23 08:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-03-01 20:31 - 2016-02-23 08:36 - 00713728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2016-03-01 20:31 - 2016-02-23 08:36 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-03-01 20:31 - 2016-02-23 08:36 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-03-01 20:31 - 2016-02-23 08:35 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2016-03-01 20:31 - 2016-02-23 08:31 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2016-03-01 20:31 - 2016-02-23 08:30 - 01731584 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-03-01 20:31 - 2016-02-23 08:30 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-03-01 20:31 - 2016-02-23 08:29 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-03-01 20:31 - 2016-02-23 08:28 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-03-01 20:31 - 2016-02-23 08:28 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-03-01 20:31 - 2016-02-23 08:24 - 04827136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-03-01 20:31 - 2016-02-23 08:24 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-03-01 20:31 - 2016-02-23 08:24 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-03-01 20:31 - 2016-02-23 08:24 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-03-01 20:31 - 2016-02-23 08:22 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-03-01 20:31 - 2016-02-23 08:21 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-03-01 20:31 - 2016-02-23 08:21 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-03-01 20:31 - 2016-02-23 08:20 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-03-01 20:31 - 2016-02-23 08:17 - 02635264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-03-01 20:31 - 2016-02-23 08:14 - 00990720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-03-01 20:31 - 2016-02-23 08:11 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-03-01 20:31 - 2016-02-23 08:05 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-03-01 20:31 - 2016-02-23 08:01 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-03-01 20:31 - 2016-02-23 07:59 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-03-01 20:31 - 2016-02-23 07:58 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-03-01 20:31 - 2016-02-23 07:56 - 04412928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-03-01 20:31 - 2016-02-23 07:55 - 04894208 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-03-01 20:31 - 2016-02-23 07:55 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-03-01 20:31 - 2016-02-23 07:53 - 01799168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-03-01 20:31 - 2016-02-23 07:52 - 11545600 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-03-01 20:31 - 2016-02-23 07:51 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-03-01 20:31 - 2016-02-23 07:50 - 09919488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-03-01 20:31 - 2016-02-23 07:42 - 03425792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-03-01 20:31 - 2016-02-23 07:41 - 02912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-03-01 20:31 - 2016-02-23 07:39 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-03-01 20:31 - 2016-02-23 07:39 - 02581504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-03-01 20:31 - 2016-02-23 07:36 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-03-01 20:31 - 2016-02-23 07:36 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-03-01 20:31 - 2016-02-23 07:35 - 07533568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-03-01 20:31 - 2016-02-23 07:33 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-03-01 20:31 - 2016-02-23 07:32 - 02793472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-03-01 20:31 - 2016-02-23 07:30 - 02061312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-03-01 20:31 - 2016-02-23 07:28 - 06740992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-03-01 20:31 - 2016-02-09 05:28 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-03-01 20:31 - 2016-02-09 05:13 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-03-01 20:31 - 2016-02-09 04:24 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-03-01 20:31 - 2016-02-09 04:18 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2016-03-01 20:31 - 2016-02-09 04:18 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2016-03-01 20:31 - 2016-02-09 04:07 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-03-01 20:31 - 2016-02-09 04:07 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-03-01 20:31 - 2016-02-09 04:04 - 01946624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-03-01 15:03 - 2016-03-01 15:03 - 11258944 _____ C:\Users\Pascal Weger\Downloads\FCPRI_Wallpaper.zip
2016-03-01 14:57 - 2016-03-01 14:57 - 00000000 ____D C:\ProgramData\dbdata
2016-02-28 01:23 - 2016-02-28 01:23 - 00000000 ____D C:\Users\Pascal Weger\AppData\LocalLow\E_Line Media
2016-02-28 01:23 - 2016-02-28 01:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LAV Filters
2016-02-28 01:23 - 2016-02-28 01:23 - 00000000 ____D C:\Program Files (x86)\LAV Filters
2016-02-27 15:33 - 2016-02-27 15:33 - 00000216 _____ C:\Users\Pascal Weger\Desktop\Far Cry Primal.url
2016-02-26 22:00 - 2016-03-08 00:29 - 08585696 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdva.dll
2016-02-26 22:00 - 2016-03-08 00:29 - 00102616 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiu9pag.dll
2016-02-26 22:00 - 2016-02-26 22:00 - 08089248 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\SET6CDD.tmp
2016-02-26 22:00 - 2016-02-26 22:00 - 00102616 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\SET79B6.tmp
2016-02-26 21:59 - 2016-03-08 00:29 - 07392480 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdag.dll
2016-02-26 21:59 - 2016-02-26 21:59 - 09176928 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\SET6C5E.tmp
2016-02-26 21:04 - 2016-03-07 23:38 - 00186368 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2016-02-26 21:04 - 2016-02-26 21:04 - 00186368 _____ C:\WINDOWS\SysWOW64\SET7256.tmp
2016-02-26 16:34 - 2016-03-02 13:53 - 00000000 ____D C:\Users\Pascal Weger\.gimp-2.8
2016-02-26 16:33 - 2016-02-26 16:33 - 00000939 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2016-02-26 16:33 - 2016-02-26 16:33 - 00000927 _____ C:\Users\Public\Desktop\GIMP 2.lnk
2016-02-26 16:33 - 2016-02-26 16:33 - 00000000 ____D C:\Program Files\GIMP 2
2016-02-26 16:27 - 2016-02-26 16:32 - 96823808 _____ (The GIMP Team ) C:\Users\Pascal Weger\Downloads\gimp-2.8.16-setup-1.exe
2016-02-23 20:13 - 2016-02-23 20:13 - 13163744 _____ (Microsoft Corporation) C:\Users\Pascal Weger\Downloads\Silverlight_x64.exe
2016-02-23 20:13 - 2016-02-23 20:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-02-23 20:13 - 2016-02-23 20:13 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-02-23 20:13 - 2016-02-23 20:13 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-02-23 16:54 - 2016-02-23 16:54 - 00023240 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdkmafd.sys
2016-02-23 16:17 - 2016-02-23 16:17 - 00103424 _____ (Advanced Micro Devices) C:\WINDOWS\system32\DelayAPO.dll
2016-02-23 01:54 - 2016-02-23 01:54 - 00000214 _____ C:\Users\Pascal Weger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anno 2070.url
2016-02-23 01:47 - 2016-03-01 15:18 - 00000000 ____D C:\Users\Pascal Weger\AppData\Local\Ubisoft Game Launcher
2016-02-23 01:47 - 2016-02-23 01:47 - 00000773 _____ C:\Users\Pascal Weger\Desktop\Uplay.lnk
2016-02-23 01:47 - 2016-02-23 01:47 - 00000000 ____D C:\Users\Pascal Weger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2016-02-23 01:46 - 2016-02-23 01:46 - 65201568 _____ (Ubisoft) C:\Users\Pascal Weger\Downloads\UplayInstaller.exe
2016-02-19 15:28 - 2016-02-19 15:29 - 78876410 _____ C:\Users\Pascal Weger\Downloads\RimWorldAlpha12dWin.zip

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-03-20 14:07 - 2016-01-04 20:36 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-03-20 13:23 - 2016-01-04 15:13 - 01799166 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-03-20 13:23 - 2015-10-30 19:35 - 00775524 _____ C:\WINDOWS\system32\perfh007.dat
2016-03-20 13:23 - 2015-10-30 19:35 - 00155338 _____ C:\WINDOWS\system32\perfc007.dat
2016-03-20 13:23 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2016-03-20 13:18 - 2016-01-04 20:20 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-03-20 13:17 - 2015-10-30 07:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-03-20 13:15 - 2016-01-20 17:02 - 00004186 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{12938A39-7D46-4B23-850C-FF77D0E5E002}
2016-03-20 02:22 - 2016-01-04 19:45 - 00000000 ____D C:\Users\Pascal Weger\AppData\Local\Battle.net
2016-03-20 01:22 - 2016-01-04 19:44 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-03-20 01:05 - 2016-01-27 15:35 - 00000778 _____ C:\Users\Pascal Weger\Desktop\League of Legends.lnk
2016-03-20 00:37 - 2016-01-05 01:08 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-03-20 00:19 - 2016-01-04 15:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-03-19 17:11 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-03-18 20:17 - 2016-01-04 15:26 - 00000000 ____D C:\Users\Pascal Weger\AppData\Local\VirtualStore
2016-03-18 16:00 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-03-17 14:36 - 2016-01-05 16:47 - 00000000 ____D C:\Users\Pascal Weger\AppData\Local\Deployment
2016-03-17 01:45 - 2016-01-18 18:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCSOFT
2016-03-12 15:02 - 2016-01-04 19:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2016-03-12 14:59 - 2016-01-04 20:18 - 00000000 ____D C:\Program Files\AMD
2016-03-12 14:57 - 2016-01-04 15:18 - 00000000 ____D C:\AMD
2016-03-11 03:22 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-03-10 23:02 - 2016-01-04 15:48 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-03-10 14:58 - 2016-02-18 02:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
2016-03-10 14:58 - 2016-01-04 16:12 - 00000000 ____D C:\Program Files (x86)\Panda Security
2016-03-09 15:23 - 2016-01-04 20:17 - 00269360 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-03-09 15:22 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-03-09 15:22 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-03-09 15:22 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-03-09 15:22 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-03-09 15:20 - 2016-01-04 19:47 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-03-09 15:18 - 2016-01-04 19:47 - 143659408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-03-09 03:44 - 2016-01-10 17:54 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2016-03-09 03:43 - 2016-01-05 22:48 - 00001160 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
2016-03-09 03:43 - 2016-01-05 22:48 - 00000000 ____D C:\Program Files\paint.net
2016-03-09 03:40 - 2016-01-04 19:16 - 00000000 ____D C:\Users\Pascal Weger\AppData\Local\AMD
2016-03-08 08:12 - 2015-10-30 08:26 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-03-08 08:12 - 2015-10-30 08:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-08 00:29 - 2015-12-16 20:45 - 09526616 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd6a.dll
2016-03-08 00:29 - 2015-12-16 20:45 - 00152568 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiuxp64.dll
2016-03-08 00:29 - 2015-12-16 20:45 - 00133528 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiuxpag.dll
2016-03-08 00:29 - 2015-12-16 20:44 - 11623736 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll
2016-03-08 00:29 - 2015-12-16 20:44 - 09581736 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll
2016-03-08 00:29 - 2015-12-16 20:44 - 01514776 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2016-03-08 00:29 - 2015-12-16 20:44 - 01243368 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2016-03-08 00:23 - 2015-12-16 20:31 - 26342400 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys
2016-03-07 23:32 - 2015-12-16 20:31 - 00676352 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys
2016-03-04 03:48 - 2016-01-04 15:19 - 00000000 ____D C:\ProgramData\Package Cache
2016-03-04 02:46 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache
2016-03-02 13:53 - 2016-01-04 20:18 - 00000000 ____D C:\Users\Pascal Weger
2016-03-02 13:53 - 2016-01-04 15:28 - 00002408 _____ C:\Users\Pascal Weger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-03-02 13:53 - 2016-01-04 15:28 - 00000000 ___RD C:\Users\Pascal Weger\OneDrive
2016-03-02 13:52 - 2016-02-08 01:27 - 00000000 ____D C:\Users\Pascal Weger\AppData\Local\gtk-2.0
2016-03-02 02:17 - 2015-10-30 19:47 - 00000000 ____D C:\Program Files\Windows Journal
2016-03-02 02:17 - 2015-10-30 08:24 - 00000000 __RSD C:\WINDOWS\Media
2016-03-02 02:17 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-03-02 02:17 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-03-02 02:17 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-03-02 02:17 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-03-02 02:17 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-03-02 02:17 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-03-02 02:17 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-03-01 14:58 - 2016-01-04 19:35 - 00000000 ____D C:\Users\Pascal Weger\Documents\my games
2016-02-26 22:00 - 2015-12-16 20:45 - 00152056 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\SET72CE.tmp
2016-02-26 22:00 - 2015-12-16 20:45 - 00133016 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\SET79C8.tmp
2016-02-26 22:00 - 2015-12-16 20:44 - 13408208 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\SET6BB0.tmp
2016-02-26 22:00 - 2015-12-16 20:44 - 11108696 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\SET6F28.tmp
2016-02-26 22:00 - 2015-12-16 20:44 - 01506000 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\SET7301.tmp
2016-02-26 22:00 - 2015-12-16 20:44 - 01237200 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\SET73A1.tmp
2016-02-26 21:59 - 2015-12-16 20:45 - 09017808 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\SET648D.tmp
2016-02-26 21:53 - 2015-12-16 20:31 - 23981568 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\SET636F.tmp
2016-02-26 21:11 - 2015-12-16 20:41 - 00865280 _____ (AMD) C:\WINDOWS\system32\coinst_15.30.dll
2016-02-26 20:58 - 2015-12-16 20:31 - 00674816 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\SET72AC.tmp
2016-02-24 00:06 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-02-23 16:18 - 2015-09-18 01:38 - 00102400 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\AtihdWT6.sys

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-01-06 04:10 - 2016-01-10 23:07 - 0104257 _____ () C:\Users\Pascal Weger\AppData\Local\ars.cache
2016-01-06 04:10 - 2016-01-10 23:07 - 0339196 _____ () C:\Users\Pascal Weger\AppData\Local\census.cache
2016-01-06 03:59 - 2016-01-06 03:59 - 0000036 _____ () C:\Users\Pascal Weger\AppData\Local\housecall.guid.cache
2016-03-02 13:52 - 2016-03-02 13:52 - 0006504 _____ () C:\Users\Pascal Weger\AppData\Local\recently-used.xbel

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-03-12 21:08

==================== Ende von FRST.txt ============================

NBX · 20.03.2016, 16:12

Addition.txt

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
durchgeführt von Pascal Weger (2016-03-20 14:53:46)
Gestartet von C:\Users\Pascal Weger\Desktop
Windows 10 Pro Version 1511 (X64) (2016-01-04 19:21:45)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3473851266-2326088663-4233973066-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3473851266-2326088663-4233973066-503 - Limited - Disabled)
Gast (S-1-5-21-3473851266-2326088663-4233973066-501 - Limited - Disabled)
Pascal Weger (S-1-5-21-3473851266-2326088663-4233973066-1002 - Administrator - Enabled) => C:\Users\Pascal Weger

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Panda Antivirus Pro 2016 (Enabled - Up to date) {AAF74A68-8713-CDF1-004F-30003398BE9E}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Panda Antivirus Pro 2016 (Enabled - Up to date) {1196AB8C-A129-C27F-3AFF-0B72481FF423}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Panda Firewall (Enabled) {92CCCB4D-CD7C-CCA9-2B10-9935CD4BF9E5}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.182 - Adobe Systems Incorporated)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
Anno 2070 (HKLM-x32\...\Uplay Install 22) (Version:  - Ubisoft)
AudibleManager (HKLM-x32\...\AudibleManager) (Version: 508.38282512.38273632.38282520 - Audible, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Castle Crashers (HKLM-x32\...\Steam App 204360) (Version:  - The Behemoth)
Catalyst Control Center Next Localization BR (Version: 2016.0307.1802.32257 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0307.1802.32257 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0307.1802.32257 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0307.1802.32257 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0307.1802.32257 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0307.1802.32257 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0307.1802.32257 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0307.1802.32257 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0307.1802.32257 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0307.1802.32257 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0307.1802.32257 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0307.1802.32257 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0307.1802.32257 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0307.1802.32257 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0307.1802.32257 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0307.1802.32257 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0307.1802.32257 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0307.1802.32257 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0307.1802.32257 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0307.1802.32257 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0307.1802.32257 - Advanced Micro Devices, Inc.) Hidden
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Curse Client (HKU\S-1-5-21-3473851266-2326088663-4233973066-1002\...\101a9f93b8f0bb6f) (Version: 5.1.1.844 - Curse)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Fallout 4 (HKLM-x32\...\Steam App 377160) (Version:  - Bethesda Game Studios)
Far Cry Primal (HKLM-x32\...\Uplay Install 2010) (Version:  - Ubisoft)
Freedome (HKLM-x32\...\F-Secure Freedome) (Version: 1.3.2906.0 - F-Secure Corporation)
GIMP 2.8.16 (HKLM\...\GIMP-2_is1) (Version: 2.8.16 - The GIMP Team)
LAV Filters 0.62.0 (HKLM-x32\...\lavfilters_is1) (Version: 0.62.0 - Hendrik Leppkes)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LEGO® Star Wars™: The Complete Saga (HKLM-x32\...\Steam App 32440) (Version:  - Traveller's Tales)
Logitech Gaming Software 8.76 (HKLM\...\Logitech Gaming Software) (Version: 8.76.155 - Logitech Inc.)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox 45.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 45.0.1 (x86 de)) (Version: 45.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.1.5918 - Mozilla)
NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version:  - NCSOFT)
Never Alone (Kisima Ingitchuna) (HKLM-x32\...\Steam App 295790) (Version:  - Upper One Games)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.61.9 - Black Tree Gaming)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
Oceanhorn: Monster of Uncharted Seas (HKLM-x32\...\Steam App 339200) (Version:  - Cornfox &amp; Bros.)
OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation)
Orcs Must Die! 2 (HKLM-x32\...\Steam App 201790) (Version:  - Robot Entertainment)
Origin (HKLM-x32\...\Origin) (Version: 9.11.6.18139 - Electronic Arts, Inc.)
paint.net (HKLM\...\{DADC2AF6-DC9F-4BCF-BFCE-DCEC16EF507C}) (Version: 4.0.9 - dotPDN LLC)
Panda Antivirus Pro 2016 (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 16.1.0 - Panda Security)
Panda Antivirus Pro 2016 (Version: 8.20.00.0000 - Panda Security) Hidden
Panda Cloud Cleaner (HKLM-x32\...\{92B2B132-C7F0-43DC-921A-4493C04F78A4}_is1) (Version: 1.1.7 - Panda Security)
Panda Devices Agent (x32 Version: 1.03.07 - Panda Security) Hidden
Panda Devices Agent (x32 Version: 1.06.00 - Panda Security) Hidden
Password Depot 8 - Panda Secure Vault Edition (HKLM-x32\...\{56EC7B3B-D127-48FC-8EC1-FE93FEA64828}_is1) (Version: 8.1.8 - AceBIT GmbH)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.316.1 - Tracker Software Products Ltd)
Simulationcraft(x64) version 6.2.3.01 (HKLM-x32\...\{AC025546-B7C5-45A7-B16A-80AE482CBB01}_is1) (Version: 6.2.3.01 - Simulationcraft)
Spotify (HKU\S-1-5-21-3473851266-2326088663-4233973066-1002\...\Spotify) (Version: 1.0.24.104.g92a22684 - Spotify AB)
Stardew Valley (HKLM-x32\...\Steam App 413150) (Version:  - ConcernedApe)
Subnautica (HKLM\...\Steam App 264710) (Version:  - Unknown Worlds Entertainment)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1210 - SUPERAntiSpyware.com)
The Wolf Among Us (HKLM-x32\...\Steam App 250320) (Version:  - Telltale Games)
Trine 3: The Artifacts of Power (HKLM-x32\...\Steam App 319910) (Version:  - Frozenbyte)
Unravel™ (HKLM-x32\...\{5105E605-9EE7-4050-9CC0-005093BBF89A}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Uplay (HKLM-x32\...\Uplay) (Version: 17.0 - Ubisoft)
Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.)
XCOM: Enemy Unknown (HKLM-x32\...\Steam App 200510) (Version:  - Firaxis Games)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3473851266-2326088663-4233973066-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Pascal Weger\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\FileCoAuth.exe (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {74167066-5E8D-48D3-875C-4AC4E75881E9} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-10] (Adobe Systems Incorporated)
Task: {9042417F-374F-48F7-9C55-DA605A7DE981} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-03-09] (Microsoft Corporation)
Task: {C03F9C99-CEAD-4D8D-9837-136C3B8FB176} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-03-07] (Advanced Micro Devices, Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-03-01 20:31 - 2016-02-23 12:27 - 02654872 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-03-01 20:31 - 2016-02-23 12:27 - 02654872 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-01-22 17:12 - 2016-01-22 17:13 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-01-04 20:15 - 2016-01-04 20:15 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-03-01 20:31 - 2016-02-23 09:36 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2015-11-20 22:41 - 2015-11-20 22:41 - 01095448 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2015-11-20 22:41 - 2015-11-20 22:41 - 00240408 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2015-06-25 16:34 - 2015-06-25 16:34 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2015-06-25 16:37 - 2015-06-25 16:37 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-25 16:35 - 2015-06-25 16:35 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2015-06-25 16:38 - 2015-06-25 16:38 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-25 15:53 - 2015-06-25 15:53 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2015-06-25 15:51 - 2015-06-25 15:51 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-03-04 20:02 - 2016-03-04 20:02 - 00016384 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.302.8200.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-03-04 20:02 - 2016-03-04 20:02 - 16062976 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.302.8200.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2016-03-04 20:02 - 2016-03-04 20:02 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.302.8200.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2016-01-21 15:18 - 2016-01-21 15:19 - 03746816 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1601.49020.0_x64__8wekyb3d8bbwe\Calculator.exe
2016-01-04 15:59 - 2016-01-04 16:00 - 00258560 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1601.49020.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2016-01-12 23:18 - 2016-01-05 02:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-01-12 23:18 - 2016-01-05 02:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-01-27 21:37 - 2016-01-16 06:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-01-27 21:37 - 2016-01-16 06:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-12-15 18:17 - 2015-12-15 18:17 - 00618544 _____ () C:\Program Files (x86)\Panda Security\Panda Security Protection\SQLite3.dll
2016-01-22 17:12 - 2016-01-22 17:13 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-01-22 17:12 - 2016-01-22 17:13 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-03-07 16:11 - 2016-03-07 16:11 - 00698840 _____ () C:\Program Files (x86)\F-Secure\Freedome\Freedome\1\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-03-07 16:11 - 2016-03-07 16:11 - 00034776 _____ () C:\Program Files (x86)\F-Secure\Freedome\Freedome\1\QtWebKit\qmlwebkitplugin.dll
2016-03-07 16:11 - 2016-03-07 16:11 - 00019416 _____ () C:\Program Files (x86)\F-Secure\Freedome\Freedome\1\libEGL.dll
2016-03-07 16:11 - 2016-03-07 16:11 - 01610712 _____ () C:\Program Files (x86)\F-Secure\Freedome\Freedome\1\libGLESv2.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2015-07-10 12:04 - 2015-07-10 12:02 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3473851266-2326088663-4233973066-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Pascal Weger\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist deaktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{1D23DCA4-210F-4343-8E7D-514B5BB81841}] => (Allow) E:\Steam\bin\steamwebhelper.exe
FirewallRules: [{0A45F6D0-854C-48AF-8C8A-8A90A96CA6B3}] => (Allow) E:\Steam\bin\steamwebhelper.exe
FirewallRules: [{730F2314-6D87-4BC1-A9D0-3EA983754EF3}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{05AE7C6D-23F8-4BA3-A113-434122EEF12D}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [UDP Query User{06BA525F-0B3A-4737-AFDB-C186E01CDC1B}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{BE5EB719-53FE-4E41-BF9A-31DA627395CE}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{7D2F0842-8C5B-45F8-940F-F41E4A0E0541}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{95CABAB1-1F77-461E-B559-70812101C1C7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E836C842-4C3C-4AED-9B75-49E38E896C27}] => (Allow) E:\Steam\steamapps\common\CastleCrashers\castle.exe
FirewallRules: [{8F1ACB0C-55BA-42D0-A68A-18992BCEE672}] => (Allow) E:\Steam\steamapps\common\CastleCrashers\castle.exe
FirewallRules: [{A9EFF17D-652E-4710-BCC6-4C7731FE9578}] => (Allow) E:\Steam\steamapps\common\Final Dusk\Final Dusk.exe
FirewallRules: [{CBECCBF3-AEDB-4F36-A0AC-D9782D38AC71}] => (Allow) E:\Steam\steamapps\common\Final Dusk\Final Dusk.exe
FirewallRules: [{259CF16A-823A-4735-8D3A-24F4C4786B1E}] => (Allow) E:\Steam\steamapps\common\Deponia The Complete Journey\deponia.exe
FirewallRules: [{81D70C42-7245-412F-B954-F7B03BD43E0A}] => (Allow) E:\Steam\steamapps\common\Deponia The Complete Journey\deponia.exe
FirewallRules: [{7B470F4A-6214-4BF2-B08A-C2AAD0C79A88}] => (Allow) E:\Steam\steamapps\common\Deponia The Complete Journey\VisionaireConfigurationTool.exe
FirewallRules: [{C8F54226-1F17-4966-A6B2-DF17CE58E3A4}] => (Allow) E:\Steam\steamapps\common\Deponia The Complete Journey\VisionaireConfigurationTool.exe
FirewallRules: [{4CE61C46-EBB6-42DD-8179-C26BE2F8F919}] => (Allow) E:\Steam\steamapps\common\TheLongDark\tld.exe
FirewallRules: [{C442BA4F-15FA-49AA-9AE7-663945C2836A}] => (Allow) E:\Steam\steamapps\common\TheLongDark\tld.exe
FirewallRules: [{104DA83C-95C0-4F33-8F98-DAE9147D4A32}] => (Allow) E:\Steam\steamapps\common\Turmoil\Turmoil_PC_Full.exe
FirewallRules: [{F013BEFD-C954-419E-8271-4347C85A0EF5}] => (Allow) E:\Steam\steamapps\common\Turmoil\Turmoil_PC_Full.exe
FirewallRules: [{97A02347-11A1-457E-9D5A-AC1384D1D432}] => (Allow) E:\Steam\steamapps\common\Universe Sandbox 2\Universe Sandbox x64.exe
FirewallRules: [{5D1C1E92-CE46-484A-AEBB-E93C8651925F}] => (Allow) E:\Steam\steamapps\common\Universe Sandbox 2\Universe Sandbox x64.exe
FirewallRules: [{20E72504-A15A-48A5-B46C-AD899140D5BA}] => (Allow) E:\Steam\steamapps\common\One Way Heroics\Game.exe
FirewallRules: [{AAD7FA62-49BF-4B47-B8CD-280C0667E551}] => (Allow) E:\Steam\steamapps\common\One Way Heroics\Game.exe
FirewallRules: [{D3008802-0B10-4BCD-9455-6018ED768756}] => (Allow) E:\Steam\steamapps\common\The Wolf Among Us\TheWolfAmongUs.exe
FirewallRules: [{0A42DAF8-3119-4797-940D-EA13EEC24714}] => (Allow) E:\Steam\steamapps\common\The Wolf Among Us\TheWolfAmongUs.exe
FirewallRules: [{1451FF4A-439F-4F9E-B946-359EDF8AC093}] => (Allow) E:\Steam\steamapps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{B22F224D-2C4B-45B1-B263-B777FD12FBF7}] => (Allow) E:\Steam\steamapps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{9ADB5C0F-7FA4-4970-A3F3-7FD0F243162A}] => (Allow) E:\Steam\steamapps\common\This War of Mine\Storyteller.exe
FirewallRules: [{2E9011ED-9BB0-4CE4-A7EB-23983E00DF4E}] => (Allow) E:\Steam\steamapps\common\This War of Mine\Storyteller.exe
FirewallRules: [{F59C655D-2A43-468D-A418-B601469178F0}] => (Allow) E:\Steam\steamapps\common\Mitsurugi Kamui Hikae\mitsurugi.exe
FirewallRules: [{F2DDC091-2C74-49BF-958C-445D784DE113}] => (Allow) E:\Steam\steamapps\common\Mitsurugi Kamui Hikae\mitsurugi.exe
FirewallRules: [{B8A6EDE6-9552-48F3-9788-33BCCB78468E}] => (Allow) E:\Steam\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{2A6C7D4A-BCD6-4C7A-A4A6-42ABDD442ACE}] => (Allow) E:\Steam\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{6B97D6E9-60F8-4E45-BFE3-A67AE35288D5}] => (Allow) E:\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{28CB9F4C-1EA3-4B13-9D38-6C5648DF0348}] => (Allow) E:\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{CEEA72ED-23D7-44A8-88A3-719056E16D49}] => (Allow) E:\Steam\steamapps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{B8A20CA5-2D6F-4E4C-AB7A-6DC45C0A0C1A}] => (Allow) E:\Steam\steamapps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{500A6B8C-08F6-4332-BAE7-01450B1AADA5}] => (Allow) E:\Steam\steamapps\common\The Silent Age\TheSilentAge.exe
FirewallRules: [{FD00DF9F-DE59-4E15-8CCD-829CAFF64941}] => (Allow) E:\Steam\steamapps\common\The Silent Age\TheSilentAge.exe
FirewallRules: [{5BA0593B-866B-4F11-AE6B-456EC652CD33}] => (Allow) E:\Steam\steamapps\common\vanguard-princess\vanpri.exe
FirewallRules: [{E4E91C77-E2BB-41C1-A0A5-32D87947FF0B}] => (Allow) E:\Steam\steamapps\common\vanguard-princess\vanpri.exe
FirewallRules: [{3415708E-8AE6-43FA-B208-C2CC2AE28373}] => (Allow) E:\Steam\steamapps\common\Day of Defeat Source\hl2.exe
FirewallRules: [{B09FE2C5-506B-4F6A-BD87-4C6C72839883}] => (Allow) E:\Steam\steamapps\common\Day of Defeat Source\hl2.exe
FirewallRules: [{0FF79D20-776D-47C3-A54E-8CEAEB43DD3F}] => (Allow) E:\Steam\steamapps\common\Dropsy\Dropsy.exe
FirewallRules: [{821F0FAB-24F8-4AA2-8922-D79F865DFEFF}] => (Allow) E:\Steam\steamapps\common\Dropsy\Dropsy.exe
FirewallRules: [{F96C09CC-7675-436D-A682-E9895857813E}] => (Allow) E:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{BEE673A0-575E-47CF-9D67-47DF0E4FD72D}] => (Allow) E:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{2F386593-D9C4-4DB1-9F48-D052D532E3D5}] => (Allow) E:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{FCB551E2-0091-41B8-AAC9-66EB87F512BD}] => (Allow) E:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{0759729A-BEC6-47A8-9DAD-AF7FD5CEC009}] => (Allow) E:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{3E1BA211-D348-4F9D-951B-4007F6E8DBC1}] => (Allow) E:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{9D96858C-370F-4A65-ACA4-0793E7CF5B51}] => (Allow) E:\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{D86BCDAC-C767-428B-92F9-4EE8AA1E6AF3}] => (Allow) E:\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{3B4EDD5F-A9A5-418C-B16D-25481A5218E1}] => (Allow) E:\Steam\steamapps\common\Trine 3\trine3_launcher.exe
FirewallRules: [{F4B5A4C8-0CB4-47D1-8B7A-92ED53F5DF28}] => (Allow) E:\Steam\steamapps\common\Trine 3\trine3_launcher.exe
FirewallRules: [{FF657DEB-64DC-465F-A40D-60D774214A54}] => (Allow) E:\Steam\steamapps\common\NeverAlone\Never_Alone.exe
FirewallRules: [{9444FBF4-3A54-4538-8D34-E8D716502FE6}] => (Allow) E:\Steam\steamapps\common\NeverAlone\Never_Alone.exe
FirewallRules: [{EEEBC949-BC19-4314-A5C0-9BFDA7525CB3}] => (Allow) E:\Steam\steamapps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
FirewallRules: [{FB65DEC6-8842-4AB0-8318-74BE4FD94087}] => (Allow) E:\Steam\steamapps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
FirewallRules: [{A4F03835-6036-4A99-9AAD-3976D70AAC55}] => (Allow) E:\Steam\steamapps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{C1840FFF-AD02-452E-9167-7C1442D19CC4}] => (Allow) E:\Steam\steamapps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{65213DD5-6A46-4890-AC6C-8C565A490173}] => (Allow) E:\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{54F971E0-0D6D-4932-8194-EACF6E86301A}] => (Allow) E:\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{083B5F5F-1493-465B-9701-6E35F4272FA7}] => (Allow) E:\Programme\Ubisoft Game Launcher\games\Far Cry Primal\bin\FCPrimal.exe
FirewallRules: [{625257C8-9BBF-4961-BC62-1603CFBDC22A}] => (Allow) E:\Steam\steamapps\common\Party Hard\PartyHardGame.exe
FirewallRules: [{640CD889-F506-4BF6-986B-E12D16554FA0}] => (Allow) E:\Steam\steamapps\common\Party Hard\PartyHardGame.exe
FirewallRules: [{067BFAAF-ED2C-452F-9EBA-10092ADF7FFC}] => (Allow) E:\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{FA8F636A-315C-4A88-BCFD-13F75F15DAC0}] => (Allow) E:\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{5B7EC102-D29F-4EAE-B8FE-8EFE61420CFE}] => (Allow) E:\Steam\steamapps\common\Lego Star Wars Saga\LEGOStarWarsSaga.exe
FirewallRules: [{7921EC11-D795-44C1-AE0E-D191675145D8}] => (Allow) E:\Steam\steamapps\common\Lego Star Wars Saga\LEGOStarWarsSaga.exe
FirewallRules: [{6A9A6755-2795-461A-B59C-EA6DAD8D20C1}] => (Allow) E:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{3C5EF787-814E-4CEA-9C08-30306D402A99}] => (Allow) E:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{A945C110-76A8-49C8-AEB6-18C28A378A66}] => (Allow) E:\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [{469C0C70-EF4F-417A-A254-794A2D6FEF86}] => (Allow) E:\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [{61BE62EF-8ED1-476C-8CA4-9E382527031F}] => (Allow) E:\Steam\steamapps\common\Oceanhorn\Oceanhorn.exe
FirewallRules: [{E18EB7D8-9389-47B8-BB01-A3EF90A0A062}] => (Allow) E:\Steam\steamapps\common\Oceanhorn\Oceanhorn.exe
FirewallRules: [{D3514AB1-2AC9-4FCB-86F7-5CF7A136D868}] => (Allow) E:\Programme\Ubisoft Game Launcher\games\Anno 2070\Anno5.exe
FirewallRules: [{14270896-74BC-4F57-86A3-3A01CAD6BE19}] => (Allow) E:\Programme\Ubisoft Game Launcher\games\Anno 2070\Anno5.exe
FirewallRules: [{ED43D778-26A5-4D12-9D9D-D74F4C1CC2F7}] => (Allow) E:\Steam\steamapps\common\Subnautica\Subnautica.exe
FirewallRules: [{2413CBEF-EC1F-4072-81DE-E4A8EB2F7E44}] => (Allow) E:\Steam\steamapps\common\Subnautica\Subnautica.exe

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (03/20/2016 02:25:39 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (03/20/2016 01:24:54 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (03/20/2016 12:22:56 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (03/18/2016 10:31:15 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm firefox.exe, Version 45.0.0.5906 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 6f0

Startzeit: 01d1815d56f69ec0

Beendigungszeit: 46

Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Berichts-ID: b80e2815-ed50-11e5-9be6-600292b321ab

Vollständiger Name des fehlerhaften Pakets: 

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (03/18/2016 10:31:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 45.0.0.5906, Zeitstempel: 0x56d8d4e9
Name des fehlerhaften Moduls: mozglue.dll, Version: 45.0.0.5906, Zeitstempel: 0x56d8c7fb
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000ec50
ID des fehlerhaften Prozesses: 0x1f78
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5

Error: (03/18/2016 06:18:39 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (03/17/2016 03:46:49 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (03/17/2016 01:55:00 AM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: Die Sicherung war nicht erfolgreich. Fehler: Der Sicherungsspeicherort ist ungültig. Ein in die Sicherung einbezogenes Volume kann nicht als Speicherort verwendet werden. (0x80780040).

Error: (03/17/2016 01:54:58 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (03/17/2016 01:54:55 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.


Systemfehler:
=============
Error: (03/20/2016 01:25:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (03/20/2016 01:25:46 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\PASCAL~1\AppData\Local\Temp\ehdrv.sys

Error: (03/20/2016 01:25:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (03/20/2016 01:25:45 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\PASCAL~1\AppData\Local\Temp\ehdrv.sys

Error: (03/20/2016 01:25:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (03/20/2016 01:25:45 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\PASCAL~1\AppData\Local\Temp\ehdrv.sys

Error: (03/20/2016 01:25:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (03/20/2016 01:25:28 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\PASCAL~1\AppData\Local\Temp\ehdrv.sys

Error: (03/20/2016 01:25:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (03/20/2016 01:25:27 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\PASCAL~1\AppData\Local\Temp\ehdrv.sys


CodeIntegrity:
===================================
  Date: 2016-03-13 03:25:28.394
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-12 17:02:59.181
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-11 03:23:21.785
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-09 15:23:23.076
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-02 02:17:48.080
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-02-10 17:17:45.855
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-02-10 16:51:42.370
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-02-10 16:47:10.002
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-28 03:19:24.617
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-21 02:11:40.952
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\Windows\WinSxS\x86_microsoft-windows-utilman_31bf3856ad364e35_10.0.10240.16384_none_ae8b861a138d2840\Utilman.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-4690 CPU @ 3.50GHz
Prozentuale Nutzung des RAM: 26%
Installierter physikalischer RAM: 8130.39 MB
Verfügbarer physikalischer RAM: 6000.86 MB
Summe virtueller Speicher: 9410.39 MB
Verfügbarer virtueller Speicher: 6997.06 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:111.35 GB) (Free:81.67 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive e: (Volume) (Fixed) (Total:931.39 GB) (Free:414.19 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 95A49282)
Partition 1: (Active) - (Size=111.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)

==================== Ende von Addition.txt ============================

Darf ich noch fragen was es denn war bzw hat das "Tracker Software Products" etwas mit dem PDF Reader zu tun? Danke!

M-K-D-B · 21.03.2016, 11:11

Servus,

ja, Tracker Software Products hat etwas mit dem PDF-Reader zu tun.
Wir haben aber nur die Tasks dazu gelöscht.

Wenn du keine Probleme mehr mit Malware hast, dann sind wir hier fertig. Deine Logdateien sind sauber.

Zum Schluss müssen wir noch ein paar abschließende Schritte unternehmen, um deinen Pc aufzuräumen und abzusichern.

Cleanup:
Alle Logs gepostet? Dann lade Dir bitte

DelFix herunter.

Schließe alle offenen Programme.
Starte die delfix.exe mit einem Doppelklick.
Setze vor jede Funktion ein Häkchen.
Klicke auf Start.

Hinweis:
DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner anschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.

Absicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:
Browser
Java
Flash-Player
PDF-Reader

Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.

Sofern du noch unentschieden bist, verwende ein einziges der folgenden Antivirusprogramme mit Echtzeitscanner und stets aktueller Signaturendatenbank:

	Emsisoft	Microsoft Security Essentials	ESET

Microsoft Security Essentials (MSE) ist ab Windows 8 fest eingebaut, wenn du also Windows 8, 8.1 oder 10 und dich für MSE entschieden hast, brauchst du nicht extra MSE zu installieren. Bei Windows 7 muss es aber manuell installiert oder über die Windows Updates als optionales Update bezogen werden. Selbstverständlich ist ein legales/aktiviertes Windows Voraussetzung dafür.

Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen.

Optional:

Adblock Plus Kann Banner, Pop-ups, Videowerbung, Tracking und Malware-Seiten blockieren.

NoScript Verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.

Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.

Lade Software von einem sauberen Portal wie

.
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner .

Abschließend noch ein paar grundsätzliche Bemerkungen:

Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
Lade keine Software von Chip, Softonic oder SourceForge. Die dort angebotene Software wird häufig mit einem sog. "Installer" verteilt, mit dem man sich nur unerwünschte Software oder Adware installiert.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Selbst Microsoft unterstützt sog. Registry-Cleaner nicht. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...

und/oder das Forum mit einer kleinen Spende unterstützen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann.

NBX · 21.03.2016, 11:29

Grüße! Vielen Danke erstmal für deine schnelle Hilfe! DelFix hab ich ausgeführt und noch eine kurze Frage. Ich kann den PDF Reader ja auch deinstallieren oder? Da unter "Absicherung" in deiner Antwort dabei steht das man mit Firefox eh PDF`s lesen kann was ich gar nich gewusst habe.
Danke nochmal! MfG NBX

M-K-D-B · 21.03.2016, 11:45

Ich würde einen pdf-Reader auf dem Rechner lassen, falls Firefox mal nicht läuft.

Ich bin froh, dass wir helfen konnten

In diesem Forum kannst du eine kurze Rückmeldung zur Bereinigung abgeben, sofern du das möchtest:
Lob, Kritik und Wünsche
Klicke dazu auf den Button "NEUES THEMA" und poste ein kleines Feedback. Vielen Dank!

Dieses Thema scheint erledigt und wird aus meinen Abos gelöscht. Solltest Du das Thema erneut brauchen, schicke mir bitte eine PM.

Jeder andere bitte hier klicken und einen eigenen Thread erstellen.

Firefox Popup + Werbung

Plagegeister aller Art und deren Bekämpfung: Firefox Popup + Werbung