System Clean? Malwarebytes erkennt 2 Schadhafte Dateien laut Kaspersky ist das System Sicher

moreply · 18.08.2016, 20:13

Hi,

Nach Download

eines Tools zum aufspielen von APK. Files über IP,gab der Smartscreen Filter diese Meldung aus "smartscreen filter cannot be reached"troz bestehender Internet Verbindung.Und die Kaspersky Firewall war automatisch Deaktiviert(lies sich nach neustart wieder einschalten)

Der Scan von Kaspersky(Vollständiger Suchlauf)hat nichts gefunden.Nachdem Windows dann den Fehler "chrome.exe anwendungsfehler 0xc0000142" ausgab hab ich Malwarebytes laufen lassen das auch 2 Bedrohungen gefunden hat:

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 18.08.2016
Suchlaufzeit: 01:17
Protokolldatei: MalwareBytes.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.08.17.14
Rootkit-Datenbank: v2016.08.15.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: Luca Rauch

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 307298
Abgelaufene Zeit: 5 Min., 0 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 2
PUP.Optional.OnClickAds, C:\Users\Luca Rauch\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_onclickads.net_0.localstorage, In Quarantäne, [49e91636cdcda1956a0f27c2709301ff], 
PUP.Optional.OnClickAds, C:\Users\Luca Rauch\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_onclickads.net_0.localstorage-journal, In Quarantäne, [989a61eb475382b45c1d78719e65e21e], 

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

Nach dem Löschen hab ich CCcleaner laufen lassen.Ein Scan mit mit Sophos Anti-Virus Tool hat auch nichts ergeben.Aktuell verhält sich das System normal.Kann ich davon ausgehen das es Clean ist?

FRST Logs Folgen extra

Gruß moreply

FRST.txt Teil 1

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 17-08-2016
durchgeführt von Luca Rauch (Administrator) auf LUCA-PC (18-08-2016 20:23:58)
Gestartet von C:\Users\Luca Rauch\Desktop
Geladene Profile: Luca Rauch (Verfügbare Profile: Luca Rauch)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Alle) =========================

(Microsoft Corporation) C:\Windows\System32\smss.exe
(Microsoft Corporation) C:\Windows\System32\csrss.exe
(Microsoft Corporation) C:\Windows\System32\wininit.exe
(Microsoft Corporation) C:\Windows\System32\csrss.exe
(Microsoft Corporation) C:\Windows\System32\services.exe
(Microsoft Corporation) C:\Windows\System32\lsass.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\winlogon.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\dwm.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\spoolsv.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\avp.exe
(Rivet Networks) C:\Program Files\Killer Networking\Network Manager\KillerService.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
() C:\Windows\System32\PnkBstrA.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\avpui.exe
(Microsoft Corporation) C:\Windows\System32\sihost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\taskhostw.exe
(Microsoft Corporation) C:\Windows\System32\RuntimeBroker.exe
(Microsoft Corporation) C:\Windows\explorer.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
(Microsoft Corporation) C:\Windows\System32\SearchIndexer.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Spotify Ltd) C:\Users\Luca Rauch\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\Luca Rauch\AppData\Roaming\Spotify\Spotify.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Rivet Networks) C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Kone Pure Mouse\KonePureMonitor.exe
(Spotify Ltd) C:\Users\Luca Rauch\AppData\Roaming\Spotify\SpotifyCrashService.exe
(Spotify Ltd) C:\Users\Luca Rauch\AppData\Roaming\Spotify\Spotify.exe
(Microsoft Corporation) C:\Windows\System32\fontdrvhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnetwk.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe
(Microsoft Corporation) C:\Windows\System32\ApplicationFrameHost.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.22511.0_x64__8wekyb3d8bbwe\Video.UI.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1605.1582.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\backgroundTaskHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\taskhostw.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Farbar) C:\Users\Luca Rauch\Desktop\FRST64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\SearchProtocolHost.exe
(Microsoft Corporation) C:\Windows\System32\SearchFilterHost.exe
(Microsoft Corporation) C:\Windows\System32\svchost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13636824 2013-07-26] (Realtek Semiconductor)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [6625672 2016-08-11] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [71440 2016-08-09] (Plays.tv, LLC)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58640 2016-08-05] (Raptr, Inc)
HKLM-x32\...\Run: [RoccatKonePure] => C:\Program Files (x86)\ROCCAT\Kone Pure Mouse\KonePureMonitor.EXE [561152 2014-01-20] (ROCCAT GmbH)
HKLM-x32\...\Run: [EaseUS EPM tray] => E:\Programme\EaseUS Partition Master 10.8\bin\EpmNews.exe [2089056 2015-09-16] (CHENGDU YIWO Tech Development Co., Ltd)
HKU\S-1-5-21-3002617405-3168553486-2606252797-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3639280 2016-07-23] (Electronic Arts)
HKU\S-1-5-21-3002617405-3168553486-2606252797-1001\...\Run: [Spotify Web Helper] => C:\Users\Luca Rauch\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1555056 2016-08-04] (Spotify Ltd)
HKU\S-1-5-21-3002617405-3168553486-2606252797-1001\...\Run: [Spotify] => C:\Users\Luca Rauch\AppData\Roaming\Spotify\Spotify.exe [6937200 2016-08-04] (Spotify Ltd)
HKU\S-1-5-21-3002617405-3168553486-2606252797-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2852128 2016-08-03] (Valve Corporation)
HKU\S-1-5-21-3002617405-3168553486-2606252797-1001\...\RunOnce: [Uninstall C:\Users\Luca Rauch\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Luca Rauch\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64"
HKU\S-1-5-21-3002617405-3168553486-2606252797-1001\...\RunOnce: [Uninstall C:\Users\Luca Rauch\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Luca Rauch\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64"
ShellIconOverlayIdentifiers: [] -> {b5458932-3c8c-4131-ba1e-f0b5350e4e1e} => C:\Users\Luca Rauch\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlayError.dll [2016-05-06] ()
ShellIconOverlayIdentifiers: [] -> {b5458930-3c8c-4131-ba1e-f0b5350e4e1e} => C:\Users\Luca Rauch\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlaySynced.dll [2016-05-06] ()
ShellIconOverlayIdentifiers: [] -> {b5458934-3c8c-4131-ba1e-f0b5350e4e1e} => C:\Users\Luca Rauch\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlayReadOnly.dll [2016-05-06] ()
ShellIconOverlayIdentifiers: [] -> {b5458933-3c8c-4131-ba1e-f0b5350e4e1e} => C:\Users\Luca Rauch\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlayLock.dll [2016-05-06] ()
ShellIconOverlayIdentifiers: [] -> {b5458931-3c8c-4131-ba1e-f0b5350e4e1e} => C:\Users\Luca Rauch\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlaySyncing.dll [2016-05-06] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2016-07-30]
ShortcutTarget: Killer Network Manager.lnk -> C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe (Rivet Networks)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog5-x64 07 C:\Windows\system32\wlidnsp.dll [66048 2016-07-16] (Microsoft Corporation)
Winsock: Catalog5-x64 08 C:\Windows\system32\wlidnsp.dll [66048 2016-07-16] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{177e6d71-f112-4f6b-9206-f24be18284e1}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================

FireFox:
========
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_ACF0E80077C511E59DED005056C00008@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\FFExt\light_plugin_firefox\addon.xpi
FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\FFExt\light_plugin_firefox\addon.xpi [2016-08-16]

Chrome: 
=======
CHR StartupUrls: Default -> "hxxps://www.google.de/"
CHR Profile: C:\Users\Luca Rauch\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Luca Rauch\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-04-09]
CHR Extension: (Flash Video Downloader) - C:\Users\Luca Rauch\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc [2016-08-18]
CHR Extension: (Google Docs) - C:\Users\Luca Rauch\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-09]
CHR Extension: (Google Drive) - C:\Users\Luca Rauch\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-09]
CHR Extension: (Adguard Werbeblocker) - C:\Users\Luca Rauch\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2016-08-05]
CHR Extension: (YouTube) - C:\Users\Luca Rauch\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-09]
CHR Extension: (Google Cast) - C:\Users\Luca Rauch\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2016-08-16]
CHR Extension: (TrafficLight) - C:\Users\Luca Rauch\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfnpidifppmenkapgihekkeednfoenal [2016-08-05]
CHR Extension: (Google Play Musik) - C:\Users\Luca Rauch\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2016-08-18]
CHR Extension: (Google Tabellen) - C:\Users\Luca Rauch\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-04-09]
CHR Extension: (Play to Kodi) - C:\Users\Luca Rauch\AppData\Local\Google\Chrome\User Data\Default\Extensions\fncjhcjfnnooidlkijollckpakkebden [2016-08-17]
CHR Extension: (Google Play Filme & Serien) - C:\Users\Luca Rauch\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdijeikdkaembjbdobgfkoidjkpbmlkd [2016-04-09]
CHR Extension: (Google Docs Offline) - C:\Users\Luca Rauch\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-09]
CHR Extension: (AdBlock) - C:\Users\Luca Rauch\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-07-30]
CHR Extension: (Google Notizen – Notizen & Listen) - C:\Users\Luca Rauch\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2016-08-16]
CHR Extension: (SmallringFX DarkBlue Theme) - C:\Users\Luca Rauch\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfijmgohofmpjlcgmjplbpmkpchdhpk [2016-04-09]
CHR Extension: (Kaspersky Protection) - C:\Users\Luca Rauch\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpeeaghdjmhlakojjcgfdhgcejdaefmi [2016-08-05]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Luca Rauch\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-09]
CHR Extension: (Google Mail) - C:\Users\Luca Rauch\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-09]
CHR Extension: (Chrome Media Router) - C:\Users\Luca Rauch\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-18]
CHR HKLM\...\Chrome\Extension: [lpeeaghdjmhlakojjcgfdhgcejdaefmi] - hxxps://chrome.google.com/webstore/detail/lpeeaghdjmhlakojjcgfdhgcejdaefmi
CHR HKLM-x32\...\Chrome\Extension: [lpeeaghdjmhlakojjcgfdhgcejdaefmi] - hxxps://chrome.google.com/webstore/detail/lpeeaghdjmhlakojjcgfdhgcejdaefmi

==================== Dienste (Alle) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AJRouter; C:\Windows\System32\AJRouter.dll [24576 2016-07-16] (Microsoft Corporation)
S3 ALG; C:\Windows\System32\alg.exe [95744 2016-07-16] (Microsoft Corporation)
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [279184 2016-08-11] (AMD)
S3 AppIDSvc; C:\Windows\System32\appidsvc.dll [124416 2016-07-16] (Microsoft Corporation)
R3 Appinfo; C:\Windows\System32\appinfo.dll [125952 2016-07-16] (Microsoft Corporation)
S3 AppReadiness; C:\Windows\system32\AppReadiness.dll [560128 2016-07-16] (Microsoft Corporation)
R3 AppXSvc; C:\Windows\system32\appxdeploymentserver.dll [2264064 2016-07-16] (Microsoft Corporation)
R2 AudioEndpointBuilder; C:\Windows\System32\AudioEndpointBuilder.dll [337920 2016-07-16] (Microsoft Corporation)
R2 Audiosrv; C:\Windows\System32\Audiosrv.dll [944640 2016-07-16] (Microsoft Corporation)
R2 AVP16.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\avp.exe [236928 2015-12-22] (AO Kaspersky Lab)
S3 AxInstSV; C:\Windows\System32\AxInstSV.dll [113664 2016-07-16] (Microsoft Corporation)
S3 BDESVC; C:\Windows\System32\bdesvc.dll [354304 2016-07-16] (Microsoft Corporation)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1863688 2016-05-14] ()
R2 BFE; C:\Windows\System32\bfe.dll [795648 2016-07-16] (Microsoft Corporation)
R2 BITS; C:\Windows\System32\qmgr.dll [1052672 2016-07-16] (Microsoft Corporation)
R2 BrokerInfrastructure; C:\Windows\System32\bisrv.dll [770048 2016-08-10] (Microsoft Corporation)
R3 Browser; C:\Windows\System32\browser.dll [134656 2016-07-16] (Microsoft Corporation)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [321536 2016-07-16] (Microsoft Corporation)
S3 bthserv; C:\Windows\system32\bthserv.dll [157184 2016-07-16] (Microsoft Corporation)
R2 CDPSvc; C:\Windows\System32\CDPSvc.dll [409088 2016-07-16] (Microsoft Corporation)
S2 CDPUserSvc; C:\Windows\System32\CDPUserSvc.dll [337408 2016-07-16] (Microsoft Corporation)
R2 CDPUserSvc_404bc; C:\WINDOWS\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
R2 CDPUserSvc_404bc; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
S3 CertPropSvc; C:\Windows\System32\certprop.dll [193536 2016-07-16] (Microsoft Corporation)
S3 ClipSVC; C:\Windows\System32\ClipSVC.dll [729328 2016-07-16] (Microsoft Corporation)
R2 CoreMessagingRegistrar; C:\Windows\system32\coremessaging.dll [765456 2016-07-16] (Microsoft Corporation)
R2 CoreMessagingRegistrar; C:\WINDOWS\SysWOW64\coremessaging.dll [483840 2016-07-16] (Microsoft Corporation)
R2 CryptSvc; C:\Windows\system32\cryptsvc.dll [81920 2016-07-16] (Microsoft Corporation)
R2 DcomLaunch; C:\Windows\system32\rpcss.dll [888320 2016-07-16] (Microsoft Corporation)
S3 DcpSvc; C:\Windows\system32\dcpsvc.dll [183808 2016-07-16] (Microsoft Corporation)
S3 defragsvc; C:\Windows\System32\defragsvc.dll [511488 2016-07-16] (Microsoft Corporation)
R2 DeviceAssociationService; C:\Windows\system32\das.dll [447488 2016-07-16] (Microsoft Corporation)
S3 DeviceInstall; C:\Windows\system32\umpnpmgr.dll [111104 2016-07-16] (Microsoft Corporation)
S3 DevQueryBroker; C:\Windows\system32\DevQueryBroker.dll [34304 2016-07-16] (Microsoft Corporation)
R2 Dhcp; C:\Windows\system32\dhcpcore.dll [360960 2016-07-16] (Microsoft Corporation)
R2 Dhcp; C:\WINDOWS\SysWOW64\dhcpcore.dll [292864 2016-07-16] (Microsoft Corporation)
S3 diagnosticshub.standardcollector.service; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [93184 2016-07-16] (Microsoft Corporation)
R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1980416 2016-07-16] (Microsoft Corporation)
S3 DmEnrollmentSvc; C:\Windows\system32\Windows.Internal.Management.dll [407552 2016-07-16] (Microsoft Corporation)
S3 DmEnrollmentSvc; C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll [298496 2016-07-16] (Microsoft Corporation)
S3 dmwappushservice; C:\Windows\system32\dmwappushsvc.dll [57344 2016-07-16] (Microsoft Corporation)
R2 Dnscache; C:\Windows\System32\dnsrslvr.dll [264192 2016-07-16] (Microsoft Corporation)
R2 DoSvc; C:\Windows\system32\dosvc.dll [1234944 2016-07-16] (Microsoft Corporation)
S3 dot3svc; C:\Windows\System32\dot3svc.dll [262144 2016-07-16] (Microsoft Corporation)
R2 DPS; C:\Windows\system32\dps.dll [172032 2016-07-16] (Microsoft Corporation)
S3 DsmSvc; C:\Windows\System32\DeviceSetupManager.dll [197632 2016-07-16] (Microsoft Corporation)
R3 DsSvc; C:\Windows\System32\DsSvc.dll [152576 2016-07-16] (Microsoft Corporation)
S3 EapHost; C:\Windows\System32\eapsvc.dll [112128 2016-07-16] (Microsoft Corporation)
S3 EFS; C:\Windows\system32\efssvc.dll [55296 2016-07-16] (Microsoft Corporation)
S3 embeddedmode; C:\Windows\System32\embeddedmodesvc.dll [140800 2016-07-16] (Microsoft Corporation)
S3 EntAppSvc; C:\Windows\system32\EnterpriseAppMgmtSvc.dll [285696 2016-07-16] (Microsoft Corporation)
R2 EventLog; C:\Windows\System32\wevtsvc.dll [1708544 2016-08-10] (Microsoft Corporation)
R2 EventSystem; C:\Windows\system32\es.dll [453632 2016-07-16] (Microsoft Corporation)
R2 EventSystem; C:\WINDOWS\SysWOW64\es.dll [347136 2016-07-16] (Microsoft Corporation)
S3 Fax; C:\Windows\system32\fxssvc.exe [644608 2016-07-16] (Microsoft Corporation)
R3 fdPHost; C:\Windows\system32\fdPHost.dll [20992 2016-07-16] (Microsoft Corporation)
R3 FDResPub; C:\Windows\system32\fdrespub.dll [35328 2016-07-16] (Microsoft Corporation)
S3 fhsvc; C:\Windows\system32\fhsvc.dll [122368 2016-07-16] (Microsoft Corporation)
R2 FontCache; C:\Windows\system32\FntCache.dll [1840640 2016-07-16] (Microsoft Corporation)
S3 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [43696 2016-05-25] (Microsoft Corporation)
S3 FrameServer; C:\Windows\system32\FrameServer.dll [803840 2016-07-16] (Microsoft Corporation)
R2 gpsvc; C:\Windows\System32\gpsvc.dll [1225728 2016-07-16] (Microsoft Corporation)
S2 gupdate; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-04-09] (Google Inc.)
S3 gupdatem; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-04-09] (Google Inc.)
R3 hidserv; C:\Windows\system32\hidserv.dll [36864 2016-07-16] (Microsoft Corporation)
R3 hidserv; C:\WINDOWS\SysWOW64\hidserv.dll [32256 2016-07-16] (Microsoft Corporation)
R3 HomeGroupListener; C:\Windows\system32\ListSvc.dll [274432 2016-07-16] (Microsoft Corporation)
R3 HomeGroupProvider; C:\Windows\system32\provsvc.dll [447488 2016-07-16] (Microsoft Corporation)
R3 HomeGroupProvider; C:\WINDOWS\SysWOW64\provsvc.dll [385536 2016-07-16] (Microsoft Corporation)
S3 HvHost; C:\Windows\System32\hvhostsvc.dll [67584 2016-07-16] (Microsoft Corporation)
S3 icssvc; C:\Windows\System32\tetheringservice.dll [202240 2016-07-16] (Microsoft Corporation)
R2 IKEEXT; C:\Windows\System32\ikeext.dll [932352 2016-07-16] (Microsoft Corporation)
R2 iphlpsvc; C:\Windows\System32\iphlpsvc.dll [945664 2016-07-16] (Microsoft Corporation)
S3 irmon; C:\Windows\System32\irmon.dll [25088 2016-07-16] (Microsoft Corporation)
R3 KeyIso; C:\Windows\system32\keyiso.dll [96768 2016-07-16] (Microsoft Corporation)
R3 KeyIso; C:\WINDOWS\SysWOW64\keyiso.dll [70656 2016-07-16] (Microsoft Corporation)
R2 Killer Service V2; C:\Program Files\Killer Networking\Network Manager\KillerService.exe [395776 2015-05-04] (Rivet Networks) [Datei ist nicht signiert]
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\x64\vssbridge64.exe [152488 2015-12-22] (AO Kaspersky Lab)
S3 KtmRm; C:\Windows\system32\msdtckrm.dll [376320 2016-07-16] (Microsoft Corporation)
R2 LanmanServer; C:\Windows\system32\srvsvc.dll [305152 2016-07-16] (Microsoft Corporation)
R2 LanmanWorkstation; C:\Windows\System32\wkssvc.dll [283136 2016-07-16] (Microsoft Corporation)
R3 lfsvc; C:\Windows\System32\lfsvc.dll [37376 2016-07-16] (Microsoft Corporation)
R3 LicenseManager; C:\Windows\system32\LicenseManagerSvc.dll [23040 2016-07-16] (Microsoft Corporation)
S3 lltdsvc; C:\Windows\System32\lltdsvc.dll [275456 2016-07-16] (Microsoft Corporation)
R3 lmhosts; C:\Windows\System32\lmhsvc.dll [27136 2016-07-16] (Microsoft Corporation)
R2 LSM; C:\Windows\System32\lsm.dll [691712 2016-07-16] (Microsoft Corporation)
S2 MapsBroker; C:\Windows\System32\moshost.dll [77312 2016-07-16] (Microsoft Corporation)
S3 MessagingService; C:\Windows\System32\MessagingService.dll [52224 2016-07-16] (Microsoft Corporation)
S3 MessagingService_404bc; C:\WINDOWS\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
S3 MessagingService_404bc; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
R2 MpsSvc; C:\Windows\system32\mpssvc.dll [893952 2016-07-16] (Microsoft Corporation)
S3 MSDTC; C:\Windows\System32\msdtc.exe [147456 2016-07-16] (Microsoft Corporation)
S3 MSiSCSI; C:\Windows\system32\iscsiexe.dll [151552 2016-07-16] (Microsoft Corporation)
S3 msiserver; C:\Windows\System32\msiexec.exe [65024 2016-07-16] (Microsoft Corporation)
S3 msiserver; C:\WINDOWS\SysWOW64\msiexec.exe [58368 2016-07-16] (Microsoft Corporation)
S3 NcaSvc; C:\Windows\System32\ncasvc.dll [167936 2016-07-16] (Microsoft Corporation)
R3 NcbService; C:\Windows\System32\ncbservice.dll [339968 2016-07-16] (Microsoft Corporation)
R3 NcdAutoSetup; C:\Windows\System32\NcdAutoSetup.dll [88576 2016-07-16] (Microsoft Corporation)
S3 Netlogon; C:\Windows\system32\netlogon.dll [827392 2016-07-16] (Microsoft Corporation)
S3 Netlogon; C:\WINDOWS\SysWOW64\netlogon.dll [670720 2016-07-16] (Microsoft Corporation)
S3 Netman; C:\Windows\System32\netman.dll [259072 2016-07-16] (Microsoft Corporation)
R3 netprofm; C:\Windows\System32\netprofmsvc.dll [519168 2016-07-16] (Microsoft Corporation)
S3 NetSetupSvc; C:\Windows\System32\NetSetupSvc.dll [265216 2016-07-16] (Microsoft Corporation)
S4 NetTcpPortSharing; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [136360 2016-07-16] (Microsoft Corporation)
S3 NgcCtnrSvc; C:\Windows\System32\NgcCtnrSvc.dll [326656 2016-07-16] (Microsoft Corporation)
S3 NgcSvc; C:\Windows\system32\ngcsvc.dll [983040 2016-07-16] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\System32\nlasvc.dll [368640 2016-07-16] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\nsisvc.dll [30720 2016-07-16] (Microsoft Corporation)
S2 OneSyncSvc; C:\Windows\System32\APHostService.dll [366592 2016-07-16] (Microsoft Corporation)
R2 OneSyncSvc_404bc; C:\WINDOWS\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
R2 OneSyncSvc_404bc; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2016-07-23] (Electronic Arts)
R3 p2pimsvc; C:\Windows\system32\pnrpsvc.dll [345088 2016-07-16] (Microsoft Corporation)
R3 p2psvc; C:\Windows\system32\p2psvc.dll [425472 2016-07-16] (Microsoft Corporation)
R2 PcaSvc; C:\Windows\System32\pcasvc.dll [500064 2016-07-16] (Microsoft Corporation)
S3 PerfHost; C:\Windows\SysWow64\perfhost.exe [21504 2016-07-16] (Microsoft Corporation)
S3 PhoneSvc; C:\Windows\System32\PhoneService.dll [781312 2016-07-16] (Microsoft Corporation)
S3 PimIndexMaintenanceSvc; C:\Windows\System32\PimIndexMaintenance.dll [203776 2016-07-16] (Microsoft Corporation)
R3 PimIndexMaintenanceSvc_404bc; C:\WINDOWS\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
R3 PimIndexMaintenanceSvc_404bc; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
S3 pla; C:\Windows\system32\pla.dll [1457152 2016-07-16] (Microsoft Corporation)
S3 pla; C:\WINDOWS\SysWOW64\pla.dll [1536512 2016-07-16] (Microsoft Corporation)
R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [32528 2016-08-09] (Plays.tv, LLC)
R3 PlugPlay; C:\Windows\system32\umpnpmgr.dll [111104 2016-07-16] (Microsoft Corporation)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2016-05-16] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2016-05-16] ()
S3 PNRPAutoReg; C:\Windows\system32\pnrpauto.dll [27648 2016-07-16] (Microsoft Corporation)
R3 PNRPsvc; C:\Windows\system32\pnrpsvc.dll [345088 2016-07-16] (Microsoft Corporation)
R3 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [391168 2016-07-16] (Microsoft Corporation)
R2 Power; C:\Windows\system32\umpo.dll [123904 2016-07-16] (Microsoft Corporation)
S3 PrintNotify; C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll [3318272 2016-07-16] (Microsoft Corporation)
R2 ProfSvc; C:\Windows\system32\profsvc.dll [358400 2016-07-16] (Microsoft Corporation)
S3 QWAVE; C:\Windows\system32\qwave.dll [275456 2016-07-16] (Microsoft Corporation)
S3 QWAVE; C:\WINDOWS\SysWOW64\qwave.dll [234496 2016-07-16] (Microsoft Corporation)
S3 RasAuto; C:\Windows\System32\rasauto.dll [105472 2016-07-16] (Microsoft Corporation)
R3 RasMan; C:\Windows\System32\rasmans.dll [647680 2016-07-16] (Microsoft Corporation)
S4 RemoteAccess; C:\Windows\System32\mprdim.dll [495104 2016-07-16] (Microsoft Corporation)
S4 RemoteAccess; C:\WINDOWS\SysWOW64\mprdim.dll [430592 2016-07-16] (Microsoft Corporation)
S4 RemoteRegistry; C:\Windows\system32\regsvc.dll [155648 2016-07-16] (Microsoft Corporation)
S3 RetailDemo; C:\Windows\system32\RDXService.dll [650752 2016-07-16] (Microsoft Corporation)
S3 RmSvc; C:\Windows\System32\RMapi.dll [141312 2016-07-16] (Microsoft Corporation)
R2 RpcEptMapper; C:\Windows\System32\RpcEpMap.dll [79360 2016-07-16] (Microsoft Corporation)
S3 RpcLocator; C:\Windows\system32\locator.exe [11264 2016-07-16] (Microsoft Corporation)
R2 RpcSs; C:\Windows\system32\rpcss.dll [888320 2016-07-16] (Microsoft Corporation)
R2 SamSs; C:\Windows\system32\lsass.exe [57400 2016-07-16] (Microsoft Corporation)
S4 SCardSvr; C:\Windows\System32\SCardSvr.dll [250880 2016-07-16] (Microsoft Corporation)
S3 ScDeviceEnum; C:\Windows\System32\ScDeviceEnum.dll [201728 2016-07-16] (Microsoft Corporation)
R2 Schedule; C:\Windows\system32\schedsvc.dll [948224 2016-07-16] (Microsoft Corporation)
S3 SCPolicySvc; C:\Windows\System32\certprop.dll [193536 2016-07-16] (Microsoft Corporation)
R3 SDRSVC; C:\Windows\System32\SDRSVC.dll [147968 2016-07-16] (Microsoft Corporation)
S3 seclogon; C:\Windows\system32\seclogon.dll [31232 2016-07-16] (Microsoft Corporation)
R2 SENS; C:\Windows\System32\sens.dll [70656 2016-07-16] (Microsoft Corporation)
S3 SensorDataService; C:\Windows\System32\SensorDataService.exe [1312768 2016-07-16] (Microsoft Corporation)
S3 SensorService; C:\Windows\system32\SensorService.dll [417792 2016-07-16] (Microsoft Corporation)
S3 SensrSvc; C:\Windows\system32\sensrsvc.dll [179200 2016-07-17] (Microsoft Corporation)
S3 SessionEnv; C:\Windows\system32\sessenv.dll [386560 2016-07-16] (Microsoft Corporation)
S3 SessionEnv; C:\WINDOWS\SysWOW64\sessenv.dll [331264 2016-07-16] (Microsoft Corporation)
S3 SharedAccess; C:\Windows\System32\ipnathlp.dll [541696 2016-07-16] (Microsoft Corporation)
R2 ShellHWDetection; C:\Windows\System32\shsvcs.dll [617472 2016-07-16] (Microsoft Corporation)
R2 ShellHWDetection; C:\WINDOWS\SysWOW64\shsvcs.dll [566784 2016-07-16] (Microsoft Corporation)
S4 shpamsvc; C:\Windows\system32\Windows.SharedPC.AccountManager.dll [161792 2016-07-16] (Microsoft Corporation)
S3 smphost; C:\Windows\System32\smphost.dll [23552 2016-07-16] (Microsoft Corporation)
S3 smphost; C:\WINDOWS\SysWOW64\smphost.dll [20992 2016-07-16] (Microsoft Corporation)
S3 SmsRouter; C:\Windows\system32\SmsRouterSvc.dll [590848 2016-07-16] (Microsoft Corporation)
S3 SNMPTRAP; C:\Windows\System32\snmptrap.exe [15872 2016-07-16] (Microsoft Corporation)
R2 Spooler; C:\Windows\System32\spoolsv.exe [787968 2016-07-16] (Microsoft Corporation)
S2 sppsvc; C:\Windows\system32\sppsvc.exe [5622600 2016-07-16] (Microsoft Corporation)
R3 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [236544 2016-07-16] (Microsoft Corporation)
R3 SstpSvc; C:\Windows\system32\sstpsvc.dll [209920 2016-07-16] (Microsoft Corporation)
R3 StateRepository; C:\Windows\system32\windows.staterepository.dll [4136448 2016-07-16] (Microsoft Corporation)
R3 StateRepository; C:\WINDOWS\SysWOW64\windows.staterepository.dll [3369984 2016-07-16] (Microsoft Corporation)
S3 Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [1452320 2016-08-03] (Valve Corporation)
R2 stisvc; C:\Windows\System32\wiaservc.dll [646656 2016-07-16] (Microsoft Corporation)
R3 StorSvc; C:\Windows\system32\storsvc.dll [396800 2016-07-16] (Microsoft Corporation)
S3 svsvc; C:\Windows\system32\svsvc.dll [13824 2016-07-16] (Microsoft Corporation)
S3 swprv; C:\Windows\System32\swprv.dll [467456 2016-07-16] (Microsoft Corporation)
R2 SysMain; C:\Windows\system32\sysmain.dll [944128 2016-07-16] (Microsoft Corporation)
R2 SystemEventsBroker; C:\Windows\System32\SystemEventsBrokerServer.dll [387072 2016-07-16] (Microsoft Corporation)
S3 TabletInputService; C:\Windows\System32\TabSvc.dll [148992 2016-07-16] (Microsoft Corporation)
S3 TapiSrv; C:\Windows\System32\tapisrv.dll [309248 2016-07-16] (Microsoft Corporation)
S3 TapiSrv; C:\WINDOWS\SysWOW64\tapisrv.dll [254976 2016-07-16] (Microsoft Corporation)
S3 TermService; C:\Windows\System32\termsrv.dll [987648 2016-07-16] (Microsoft Corporation)
R2 Themes; C:\Windows\system32\themeservice.dll [70656 2016-07-16] (Microsoft Corporation)
S3 TieringEngineService; C:\Windows\system32\TieringEngineService.exe [287744 2016-07-16] (Microsoft Corporation)
R2 tiledatamodelsvc; C:\Windows\system32\tileobjserver.dll [574976 2016-07-16] (Microsoft Corporation)
R3 TimeBrokerSvc; C:\Windows\System32\TimeBrokerServer.dll [177664 2016-07-16] (Microsoft Corporation)
R2 TrkWks; C:\Windows\System32\trkwks.dll [116736 2016-07-16] (Microsoft Corporation)
S3 TrustedInstaller; C:\Windows\servicing\TrustedInstaller.exe [122880 2016-07-16] (Microsoft Corporation)
S4 tzautoupdate; C:\Windows\system32\tzautoupdate.dll [95232 2016-07-16] (Microsoft Corporation)
S3 UI0Detect; C:\Windows\system32\UI0Detect.exe [42496 2016-07-16] (Microsoft Corporation)
S3 UmRdpService; C:\Windows\System32\umrdp.dll [273408 2016-07-17] (Microsoft Corporation)
S3 UnistoreSvc; C:\Windows\System32\unistore.dll [1184256 2016-07-16] (Microsoft Corporation)
S3 UnistoreSvc; C:\WINDOWS\SysWOW64\unistore.dll [968704 2016-07-16] (Microsoft Corporation)
R3 UnistoreSvc_404bc; C:\WINDOWS\System32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
R3 UnistoreSvc_404bc; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
R3 upnphost; C:\Windows\System32\upnphost.dll [440832 2016-07-16] (Microsoft Corporation)
R3 upnphost; C:\WINDOWS\SysWOW64\upnphost.dll [328192 2016-07-16] (Microsoft Corporation)
S3 UserDataSvc; C:\Windows\System32\userdataservice.dll [1512448 2016-07-16] (Microsoft Corporation)
R3 UserDataSvc_404bc; C:\WINDOWS\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
R3 UserDataSvc_404bc; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
R2 UserManager; C:\Windows\System32\usermgr.dll [1020928 2016-07-16] (Microsoft Corporation)
S3 UsoSvc; C:\Windows\system32\usocore.dll [539136 2016-07-16] (Microsoft Corporation)
R3 VaultSvc; C:\Windows\System32\vaultsvc.dll [358912 2016-07-16] (Microsoft Corporation)
S3 vds; C:\Windows\System32\vds.exe [649216 2016-07-16] (Microsoft Corporation)
S3 vmicguestinterface; C:\Windows\System32\icsvc.dll [305152 2016-07-16] (Microsoft Corporation)
S3 vmicheartbeat; C:\Windows\System32\icsvc.dll [305152 2016-07-16] (Microsoft Corporation)
S3 vmickvpexchange; C:\Windows\System32\icsvc.dll [305152 2016-07-16] (Microsoft Corporation)
S3 vmicrdv; C:\Windows\System32\icsvcext.dll [349696 2016-07-16] (Microsoft Corporation)
S3 vmicshutdown; C:\Windows\System32\icsvc.dll [305152 2016-07-16] (Microsoft Corporation)
S3 vmictimesync; C:\Windows\System32\icsvc.dll [305152 2016-07-16] (Microsoft Corporation)
S3 vmicvmsession; C:\Windows\System32\icsvc.dll [305152 2016-07-16] (Microsoft Corporation)
S3 vmicvss; C:\Windows\System32\icsvcext.dll [349696 2016-07-16] (Microsoft Corporation)
S3 VSS; C:\Windows\system32\vssvc.exe [1443328 2016-07-16] (Microsoft Corporation)
S3 W32Time; C:\Windows\system32\w32time.dll [520192 2016-07-16] (Microsoft Corporation)
S3 WalletService; C:\Windows\system32\WalletService.dll [436224 2016-07-16] (Microsoft Corporation)
S3 wbengine; C:\Windows\system32\wbengine.exe [1547264 2016-07-16] (Microsoft Corporation)
S2 WbioSrvc; C:\Windows\System32\wbiosrvc.dll [837632 2016-07-16] (Microsoft Corporation)
R2 Wcmsvc; C:\Windows\System32\wcmsvc.dll [718848 2016-07-16] (Microsoft Corporation)
S3 wcncsvc; C:\Windows\System32\wcncsvc.dll [468992 2016-07-16] (Microsoft Corporation)
R3 WdiServiceHost; C:\Windows\system32\wdi.dll [97792 2016-07-16] (Microsoft Corporation)
R3 WdiServiceHost; C:\WINDOWS\SysWOW64\wdi.dll [89088 2016-07-16] (Microsoft Corporation)
R3 WdiSystemHost; C:\Windows\system32\wdi.dll [97792 2016-07-16] (Microsoft Corporation)
R3 WdiSystemHost; C:\WINDOWS\SysWOW64\wdi.dll [89088 2016-07-16] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WebClient; C:\Windows\System32\webclnt.dll [227328 2016-07-16] (Microsoft Corporation)
S3 WebClient; C:\WINDOWS\SysWOW64\webclnt.dll [198656 2016-07-16] (Microsoft Corporation)
S3 Wecsvc; C:\Windows\system32\wecsvc.dll [206848 2016-07-16] (Microsoft Corporation)
S3 WEPHOSTSVC; C:\Windows\system32\wephostsvc.dll [27648 2016-07-16] (Microsoft Corporation)
S3 wercplsupport; C:\Windows\System32\wercplsupport.dll [94208 2016-07-16] (Microsoft Corporation)
S3 WerSvc; C:\Windows\System32\WerSvc.dll [156672 2016-07-16] (Microsoft Corporation)
S3 WiaRpc; C:\Windows\System32\wiarpc.dll [82944 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R3 WinHttpAutoProxySvc; C:\Windows\system32\winhttp.dll [814592 2016-07-16] (Microsoft Corporation)
R3 WinHttpAutoProxySvc; C:\WINDOWS\SysWOW64\winhttp.dll [631808 2016-07-16] (Microsoft Corporation)
R2 Winmgmt; C:\Windows\system32\wbem\WMIsvc.dll [222720 2016-07-16] (Microsoft Corporation)
S3 WinRM; C:\Windows\system32\WsmSvc.dll [2716672 2016-07-16] (Microsoft Corporation)
S3 WinRM; C:\WINDOWS\SysWOW64\WsmSvc.dll [2333184 2016-07-16] (Microsoft Corporation)
S3 wisvc; C:\Windows\system32\flightsettings.dll [614912 2016-07-16] (Microsoft Corporation)
S3 WlanSvc; C:\Windows\System32\wlansvc.dll [2368512 2016-07-16] (Microsoft Corporation)
R3 wlidsvc; C:\Windows\system32\wlidsvc.dll [2104832 2016-07-16] (Microsoft Corporation)
S3 wmiApSrv; C:\Windows\system32\wbem\WmiApSrv.exe [203264 2016-07-16] (Microsoft Corporation)
R2 WMPNetworkSvc; C:\Program Files\Windows Media Player\wmpnetwk.exe [1184256 2016-07-16] (Microsoft Corporation)
S3 workfolderssvc; C:\Windows\system32\workfolderssvc.dll [1836032 2016-07-16] (Microsoft Corporation)
S3 WPDBusEnum; C:\Windows\system32\wpdbusenum.dll [88064 2016-07-16] (Microsoft Corporation)
R2 WpnService; C:\Windows\system32\WpnService.dll [234496 2016-07-16] (Microsoft Corporation)
S3 WpnUserService; C:\Windows\System32\WpnUserService.dll [74240 2016-07-16] (Microsoft Corporation)
S3 WpnUserService_404bc; C:\WINDOWS\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
S3 WpnUserService_404bc; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
R2 wscsvc; C:\Windows\System32\wscsvc.dll [187904 2016-07-16] (Microsoft Corporation)
R2 WSearch; C:\Windows\system32\SearchIndexer.exe [903680 2016-07-16] (Microsoft Corporation)
R2 WSearch; C:\WINDOWS\SysWOW64\SearchIndexer.exe [773120 2016-07-16] (Microsoft Corporation)
S3 wuauserv; C:\Windows\system32\wuaueng.dll [2314752 2016-07-16] (Microsoft Corporation)
R3 wudfsvc; C:\Windows\System32\WUDFSvc.dll [99840 2016-07-16] (Microsoft Corporation)
S3 WwanSvc; C:\Windows\System32\wwansvc.dll [1281536 2016-07-16] (Microsoft Corporation)
S3 XblAuthManager; C:\Windows\System32\XblAuthManager.dll [1012224 2016-07-16] (Microsoft Corporation)
S3 XblGameSave; C:\Windows\System32\XblGameSave.dll [1159680 2016-07-16] (Microsoft Corporation)
S3 XboxNetApiSvc; C:\Windows\system32\XboxNetApiSvc.dll [1025536 2016-07-16] (Microsoft Corporation)
S3 COMSysApp; %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
S3 SophosVirusRemovalTool; C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\SVRTservice.exe [X]

==================== Treiber (Alle) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 1394ohci; C:\Windows\System32\drivers\1394ohci.sys [235520 2016-07-16] (Microsoft Corporation)
S0 3ware; C:\Windows\System32\drivers\3ware.sys [107360 2016-07-16] (LSI)
R0 ACPI; C:\Windows\System32\drivers\ACPI.sys [705888 2016-07-16] (Microsoft Corporation)
S3 AcpiDev; C:\Windows\System32\drivers\AcpiDev.sys [18432 2016-07-16] (Microsoft Corporation)
R0 acpiex; C:\Windows\System32\Drivers\acpiex.sys [126816 2016-07-16] (Microsoft Corporation)
S3 acpipagr; C:\Windows\System32\drivers\acpipagr.sys [12288 2016-07-16] (Microsoft Corporation)
S3 AcpiPmi; C:\Windows\System32\drivers\acpipmi.sys [14336 2016-07-16] (Microsoft Corporation)
S3 acpitime; C:\Windows\System32\drivers\acpitime.sys [13312 2016-07-16] (Microsoft Corporation)
S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [1135456 2016-07-16] (PMC-Sierra)
R1 AFD; C:\Windows\system32\drivers\afd.sys [583520 2016-07-16] (Microsoft Corporation)
R1 ahcache; C:\Windows\System32\DRIVERS\ahcache.sys [227328 2016-07-16] (Microsoft Corporation)
S3 AmdK8; C:\Windows\System32\drivers\amdk8.sys [123392 2016-07-16] (Microsoft Corporation)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [40720 2015-07-28] (Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [26719376 2016-08-11] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [510096 2016-08-11] (Advanced Micro Devices, Inc.)
R3 AmdPPM; C:\Windows\System32\drivers\amdppm.sys [120832 2016-07-16] (Microsoft Corporation)
S0 amdsata; C:\Windows\System32\drivers\amdsata.sys [83296 2016-07-16] (Advanced Micro Devices)
R0 amdsbs; C:\Windows\System32\drivers\amdsbs.sys [259424 2016-07-16] (AMD Technologies Inc.)
S0 amdxata; C:\Windows\System32\drivers\amdxata.sys [26976 2016-07-16] (Advanced Micro Devices)
S3 AppID; C:\Windows\System32\drivers\appid.sys [172896 2016-07-16] (Microsoft Corporation)
S3 applockerfltr; C:\Windows\System32\drivers\applockerfltr.sys [15360 2016-07-16] (Microsoft Corporation)
S0 arcsas; C:\Windows\System32\drivers\arcsas.sys [131936 2016-07-16] (PMC-Sierra, Inc.)
S3 AsrCDDrv; C:\Windows\SysWOW64\Drivers\AsrCDDrv.sys [16904 2016-02-25] (ASRock Incorporation)
S3 AsusVBus; C:\Windows\System32\drivers\AsusVBus.sys [39704 2015-10-07] (Windows (R) Win 7 DDK provider)
S3 AsyncMac; C:\Windows\System32\drivers\asyncmac.sys [28160 2016-07-16] (Microsoft Corporation)
R0 atapi; C:\Windows\System32\drivers\atapi.sys [28512 2016-07-16] (Microsoft Corporation)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [118848 2016-07-28] (Advanced Micro Devices)
S3 ATP; C:\Windows\System32\drivers\AsusTP.sys [84472 2015-10-07] (ASUS Corporation)
S0 b06bdrv; C:\Windows\System32\drivers\bxvbda.sys [533856 2016-07-16] (QLogic Corporation)
R1 BasicDisplay; C:\Windows\System32\drivers\BasicDisplay.sys [56320 2016-07-16] (Microsoft Corporation)
R1 BasicRender; C:\Windows\System32\drivers\BasicRender.sys [41472 2016-07-16] (Microsoft Corporation)
U5 BattC; C:\Windows\System32\Drivers\BattC.sys [36192 2016-07-16] (Microsoft Corporation)
S3 bcmfn; C:\Windows\System32\drivers\bcmfn.sys [9728 2016-07-16] (Windows (R) Win 7 DDK provider)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [9728 2016-07-16] (Windows (R) Win 7 DDK provider)
R1 Beep; C:\Windows\System32\Drivers\Beep.sys [9728 2016-07-16] (Microsoft Corporation)
R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [115760 2015-04-29] (Rivet Networks, LLC.)
R3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [103424 2016-07-16] (Microsoft Corporation)
S3 BthAvrcpTg; C:\Windows\System32\drivers\BthAvrcpTg.sys [43008 2016-07-16] (Microsoft Corporation)
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [65536 2016-07-16] (Microsoft Corporation)
S3 bthhfhid; C:\Windows\System32\drivers\BthHFHid.sys [31232 2016-07-16] (Microsoft Corporation)
S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [66048 2016-07-16] (Microsoft Corporation)
S3 buttonconverter; C:\Windows\System32\drivers\buttonconverter.sys [38912 2016-07-16] (Microsoft Corporation)
S3 CapImg; C:\Windows\System32\drivers\capimg.sys [117248 2016-07-16] (Microsoft Corporation)
S4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [92160 2016-07-16] (Microsoft Corporation)
S1 cdrom; C:\Windows\System32\drivers\cdrom.sys [173056 2016-07-16] (Microsoft Corporation)
S3 cht4iscsi; C:\Windows\System32\drivers\cht4sx64.sys [346976 2016-07-16] (Chelsio Communications)
S3 cht4vbd; C:\Windows\System32\drivers\cht4vx64.sys [2104160 2016-07-16] (Chelsio Communications)
S3 circlass; C:\Windows\System32\drivers\circlass.sys [48640 2016-07-16] (Microsoft Corporation)
R0 CLFS; C:\Windows\System32\drivers\CLFS.sys [376160 2016-07-16] (Microsoft Corporation)
R2 clreg; C:\Windows\System32\drivers\registry.sys [70144 2016-07-16] (Microsoft Corporation)
S3 CmBatt; C:\Windows\System32\drivers\CmBatt.sys [29696 2016-07-16] (Microsoft Corporation)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
R0 CNG; C:\Windows\System32\Drivers\cng.sys [619368 2016-08-02] (Microsoft Corporation)
S4 cnghwassist; C:\Windows\System32\DRIVERS\cnghwassist.sys [38752 2016-07-16] (Microsoft Corporation)
R3 CompositeBus; C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys [39936 2016-07-16] (Microsoft Corporation)
R3 condrv; C:\Windows\System32\drivers\condrv.sys [53088 2016-07-16] (Microsoft Corporation)
S1 dam; C:\Windows\System32\drivers\dam.sys [62816 2016-08-10] (Microsoft Corporation)
R0 dcrypt; C:\Windows\System32\drivers\dcrypt.sys [210632 2014-07-09] ()
R1 Dfsc; C:\Windows\System32\Drivers\dfsc.sys [144384 2016-07-16] (Microsoft Corporation)
R0 disk; C:\Windows\System32\drivers\disk.sys [101720 2016-07-16] (Microsoft Corporation)
S3 dmvsc; C:\Windows\System32\drivers\dmvsc.sys [35840 2016-07-16] (Microsoft Corporation)
S3 drmkaud; C:\Windows\system32\DRIVERS\drmkaud.sys [16168 2016-07-16] (Microsoft Corporation)
R3 DXGKrnl; C:\Windows\System32\drivers\dxgkrnl.sys [2190688 2016-08-10] (Microsoft Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3418976 2016-07-16] (QLogic Corporation)
R0 EhStorClass; C:\Windows\System32\drivers\EhStorClass.sys [88416 2016-07-16] (Microsoft Corporation)
S0 EhStorTcgDrv; C:\Windows\System32\drivers\EhStorTcgDrv.sys [118112 2016-07-16] (Microsoft Corporation)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [18528 2014-11-18] ()
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [14944 2014-11-18] ()
S3 ErrDev; C:\Windows\System32\drivers\errdev.sys [13312 2016-07-16] (Microsoft Corporation)
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [10848 2014-11-18] ()
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [10208 2014-11-18] ()
S3 exfat; C:\Windows\System32\Drivers\exfat.sys [334848 2016-07-16] (Microsoft Corporation)
S3 fastfat; C:\Windows\System32\Drivers\fastfat.sys [352096 2016-07-16] (Microsoft Corporation)
S3 fdc; C:\Windows\System32\drivers\fdc.sys [32256 2016-07-16] (Microsoft Corporation)
R1 FileCrypt; C:\Windows\System32\drivers\filecrypt.sys [88576 2016-07-16] (Microsoft Corporation)
R0 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [85344 2016-07-16] (Microsoft Corporation)
S3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [35840 2016-07-16] (Microsoft Corporation)
S3 flpydisk; C:\Windows\System32\drivers\flpydisk.sys [26112 2016-07-16] (Microsoft Corporation)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [377696 2016-07-16] (Microsoft Corporation)
S3 FsDepends; C:\Windows\System32\drivers\FsDepends.sys [62816 2016-07-16] (Microsoft Corporation)
U0 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [31584 2016-07-16] (Microsoft Corporation)
R0 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [645472 2016-07-16] (Microsoft Corporation)
S3 gencounter; C:\Windows\System32\drivers\vmgencounter.sys [13312 2016-07-16] (Microsoft Corporation)
S3 genericusbfn; C:\Windows\System32\drivers\genericusbfn.sys [20480 2016-07-16] (Microsoft Corporation)
S3 GPIOClx0101; C:\Windows\System32\Drivers\msgpioclx.sys [168800 2016-07-16] (Microsoft Corporation)
R1 GpuEnergyDrv; C:\Windows\System32\drivers\gpuenergydrv.sys [8192 2016-07-16] (Microsoft Corporation)
R3 HDAudBus; C:\Windows\System32\drivers\HDAudBus.sys [83456 2016-07-16] (Microsoft Corporation)
S3 HidBatt; C:\Windows\System32\drivers\HidBatt.sys [36704 2016-07-16] (Microsoft Corporation)
S3 HidBth; C:\Windows\System32\drivers\hidbth.sys [108032 2016-07-16] (Microsoft Corporation)
S3 hidi2c; C:\Windows\System32\drivers\hidi2c.sys [51200 2016-07-16] (Microsoft Corporation)
S3 hidinterrupt; C:\Windows\System32\drivers\hidinterrupt.sys [50016 2016-07-16] (Microsoft Corporation)
S3 HidIr; C:\Windows\System32\drivers\hidir.sys [46592 2016-07-16] (Microsoft Corporation)
R3 HidUsb; C:\Windows\System32\drivers\hidusb.sys [38400 2016-07-16] (Microsoft Corporation)
S0 HpSAMD; C:\Windows\System32\drivers\HpSAMD.sys [64352 2016-07-16] (Hewlett-Packard Company)
R3 HTTP; C:\Windows\System32\drivers\HTTP.sys [1046368 2016-07-16] (Microsoft Corporation)
S3 hvservice; C:\Windows\System32\drivers\hvservice.sys [73568 2016-07-16] (Microsoft Corporation)
S0 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [29536 2016-07-16] (Microsoft Corporation)
S3 hyperkbd; C:\Windows\System32\drivers\hyperkbd.sys [16384 2016-07-16] (Microsoft Corporation)
S3 i8042prt; C:\Windows\System32\drivers\i8042prt.sys [114176 2016-07-16] (Microsoft Corporation)
S3 iagpio; C:\Windows\System32\drivers\iagpio.sys [33280 2016-07-16] (Intel(R) Corporation)
S3 iai2c; C:\Windows\System32\drivers\iai2c.sys [81408 2016-07-16] (Intel(R) Corporation)
S3 iaLPSS2i_GPIO2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys [64512 2016-07-16] (Intel Corporation)
S3 iaLPSS2i_I2C; C:\Windows\System32\drivers\iaLPSS2i_I2C.sys [176384 2016-07-16] (Intel Corporation)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [38128 2016-07-16] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [113152 2016-07-16] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [673120 2016-07-16] (Intel Corporation)
S0 iaStorV; C:\Windows\System32\drivers\iaStorV.sys [412000 2016-07-16] (Intel Corporation)
S3 ibbus; C:\Windows\System32\drivers\ibbus.sys [526176 2016-07-16] (Mellanox)
S3 IndirectKmd; C:\Windows\System32\drivers\IndirectKmd.sys [35840 2016-07-16] (Microsoft Corporation)
R3 IntcAzAudAddService; C:\Windows\system32\drivers\RTKVHD64.sys [3564376 2013-07-30] (Realtek Semiconductor Corp.)
S0 intelide; C:\Windows\System32\drivers\intelide.sys [19296 2016-07-16] (Microsoft Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [48152 2016-07-16] (Microsoft Corporation)
S3 intelppm; C:\Windows\System32\drivers\intelppm.sys [134144 2016-07-16] (Microsoft Corporation)
R0 iorate; C:\Windows\System32\drivers\iorate.sys [45920 2016-07-16] (Microsoft Corporation)
S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [85504 2016-07-16] (Microsoft Corporation)
S3 IPMIDRV; C:\Windows\System32\drivers\IPMIDrv.sys [89952 2016-07-16] (Microsoft Corporation)
S3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [212480 2016-07-16] (Microsoft Corporation)
S3 irda; C:\Windows\system32\drivers\irda.sys [120320 2016-07-16] (Microsoft Corporation)
S3 IRENUM; C:\Windows\System32\drivers\irenum.sys [19456 2016-07-16] (Microsoft Corporation)
S0 isapnp; C:\Windows\System32\drivers\isapnp.sys [22880 2016-07-16] (Microsoft Corporation)
S3 iScsiPrt; C:\Windows\System32\drivers\msiscsi.sys [277344 2016-07-16] (Microsoft Corporation)
R3 kbdclass; C:\Windows\System32\drivers\kbdclass.sys [62304 2016-07-16] (Microsoft Corporation)
R3 kbdhid; C:\Windows\System32\drivers\kbdhid.sys [39424 2016-07-16] (Microsoft Corporation)
R3 kdnic; C:\Windows\System32\drivers\kdnic.sys [25088 2016-07-16] (Microsoft Corporation)
R3 Ke2200; C:\Windows\System32\drivers\e22w8x64.sys [130224 2014-03-27] (Qualcomm Atheros, Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-09-11] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [79752 2015-12-01] (AO Kaspersky Lab)
R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [78200 2015-12-02] (AO Kaspersky Lab)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [30328 2015-06-24] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [182664 2015-12-11] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\drivers\klhk.sys [237400 2016-08-16] (AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP16.0.1\Bases\klids.sys [182360 2016-08-18] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [992600 2016-08-16] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [51288 2016-04-29] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [52608 2015-11-11] (AO Kaspersky Lab)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [45960 2015-12-07] (AO Kaspersky Lab)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [87984 2016-08-16] (AO Kaspersky Lab)
R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [110424 2016-08-16] (AO Kaspersky Lab)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [194440 2015-12-03] (AO Kaspersky Lab)
R0 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [133472 2016-07-16] (Microsoft Corporation)
R0 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [168800 2016-08-02] (Microsoft Corporation)
R3 ksthunk; C:\Windows\system32\drivers\ksthunk.sys [26112 2016-07-16] (Microsoft Corporation)
R2 lltdio; C:\Windows\System32\drivers\lltdio.sys [66048 2016-07-16] (Microsoft Corporation)
S0 LSI_SAS; C:\Windows\System32\drivers\lsi_sas.sys [108896 2016-07-16] (LSI Corporation)
S0 LSI_SAS2i; C:\Windows\System32\drivers\lsi_sas2i.sys [105824 2016-07-16] (LSI Corporation)
S0 LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [101216 2016-07-16] (Avago Technologies)
S0 LSI_SSS; C:\Windows\System32\drivers\lsi_sss.sys [82776 2016-07-16] (LSI Corporation)
R2 luafv; C:\Windows\system32\drivers\luafv.sys [125952 2016-07-16] (Microsoft Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-08-18] (Malwarebytes)
S0 megasas; C:\Windows\System32\drivers\megasas.sys [59744 2016-07-16] (Avago Technologies)
S0 megasr; C:\Windows\System32\drivers\megasr.sys [575840 2016-07-16] (LSI Corporation, Inc.)
S3 mlx4_bus; C:\Windows\System32\drivers\mlx4_bus.sys [842584 2016-07-16] (Mellanox)
R2 MMCSS; C:\Windows\system32\drivers\mmcss.sys [48128 2016-07-16] (Microsoft Corporation)
S3 Modem; C:\Windows\System32\drivers\modem.sys [42496 2016-07-16] (Microsoft Corporation)
R3 monitor; C:\Windows\System32\drivers\monitor.sys [38400 2016-07-16] (Microsoft Corporation)
R3 mouclass; C:\Windows\System32\drivers\mouclass.sys [59232 2016-07-16] (Microsoft Corporation)
R3 mouhid; C:\Windows\System32\drivers\mouhid.sys [32256 2016-07-16] (Microsoft Corporation)
R0 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [104800 2016-07-16] (Microsoft Corporation)
R3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [75776 2016-07-16] (Microsoft Corporation)
S3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [143872 2016-07-16] (Microsoft Corporation)
R3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [449376 2016-07-16] (Microsoft Corporation)
R2 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [282112 2016-07-16] (Microsoft Corporation)
R3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [224096 2016-07-16] (Microsoft Corporation)
S3 MsBridge; C:\Windows\System32\drivers\bridge.sys [114688 2016-07-16] (Microsoft Corporation)
R1 Msfs; C:\Windows\System32\Drivers\Msfs.sys [31232 2016-07-16] (Microsoft Corporation)
S3 msgpiowin32; C:\Windows\System32\drivers\msgpiowin32.sys [50528 2016-07-16] (Microsoft Corporation)
S3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [8704 2016-07-16] (Microsoft Corporation)
S3 mshidumdf; C:\Windows\System32\drivers\mshidumdf.sys [11776 2016-07-16] (Microsoft Corporation)
R0 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [18784 2016-07-16] (Microsoft Corporation)
S3 MSKSSRV; C:\Windows\system32\DRIVERS\MSKSSRV.sys [27136 2016-07-16] (Microsoft Corporation)
R2 MsLldp; C:\Windows\System32\drivers\mslldp.sys [78336 2016-07-16] (Microsoft Corporation)
S3 MSPCLOCK; C:\Windows\system32\DRIVERS\MSPCLOCK.sys [10752 2016-07-16] (Microsoft Corporation)
S3 MSPQM; C:\Windows\system32\DRIVERS\MSPQM.sys [10752 2016-07-16] (Microsoft Corporation)
S3 MsRPC; C:\Windows\System32\Drivers\MsRPC.sys [361312 2016-07-16] (Microsoft Corporation)
R1 mssmbios; C:\Windows\System32\drivers\mssmbios.sys [43360 2016-07-16] (Microsoft Corporation)
S3 MSTEE; C:\Windows\system32\DRIVERS\MSTEE.sys [12800 2016-07-16] (Microsoft Corporation)
S3 MTConfig; C:\Windows\System32\drivers\MTConfig.sys [15872 2016-07-16] (Microsoft Corporation)
R0 Mup; C:\Windows\System32\Drivers\mup.sys [126304 2016-07-16] (Microsoft Corporation)
S0 mvumis; C:\Windows\System32\drivers\mvumis.sys [63840 2016-07-16] (Marvell Semiconductor, Inc.)
S3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [533504 2016-07-16] (Microsoft Corporation)
S3 ndfltr; C:\Windows\System32\drivers\ndfltr.sys [108896 2016-07-16] (Mellanox)
R0 NDIS; C:\Windows\System32\drivers\ndis.sys [1182048 2016-07-16] (Microsoft Corporation)
S3 NdisCap; C:\Windows\System32\drivers\ndiscap.sys [50176 2016-07-16] (Microsoft Corporation)
S3 NdisImPlatform; C:\Windows\System32\drivers\NdisImPlatform.sys [126464 2016-07-16] (Microsoft Corporation)
R3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [26112 2016-07-16] (Microsoft Corporation)
S3 Ndisuio; C:\Windows\System32\drivers\ndisuio.sys [63488 2016-07-16] (Microsoft Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [20480 2016-07-16] (Microsoft Corporation)
R3 NdisWan; C:\Windows\System32\drivers\ndiswan.sys [189440 2016-07-16] (Microsoft Corporation)
S3 ndiswanlegacy; C:\Windows\System32\DRIVERS\ndiswan.sys [189440 2016-07-16] (Microsoft Corporation)
R3 ndproxy; C:\Windows\System32\DRIVERS\NDProxy.sys [60928 2016-07-16] (Microsoft Corporation)
R2 Ndu; C:\Windows\System32\drivers\Ndu.sys [125440 2016-07-16] (Microsoft Corporation)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R1 NetBIOS; C:\Windows\System32\drivers\netbios.sys [57184 2016-07-16] (Microsoft Corporation)
R1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [279040 2016-07-16] (Microsoft Corporation)
R1 Npfs; C:\Windows\System32\Drivers\Npfs.sys [68608 2016-07-16] (Microsoft Corporation)
R1 npsvctrig; C:\Windows\System32\drivers\npsvctrig.sys [26624 2016-07-16] (Microsoft Corporation)
R1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [41984 2016-07-16] (Microsoft Corporation)
R3 NTFS; C:\Windows\System32\Drivers\NTFS.sys [2257248 2016-07-16] (Microsoft Corporation)
R1 Null; C:\Windows\System32\Drivers\Null.sys [7168 2016-07-16] (Microsoft Corporation)
S0 nvraid; C:\Windows\System32\drivers\nvraid.sys [150368 2016-07-16] (NVIDIA Corporation)
S0 nvstor; C:\Windows\System32\drivers\nvstor.sys [166240 2016-07-16] (NVIDIA Corporation)
S3 Parport; C:\Windows\System32\drivers\parport.sys [96768 2016-07-16] (Microsoft Corporation)
R0 partmgr; C:\Windows\System32\drivers\partmgr.sys [128352 2016-07-16] (Microsoft Corporation)
R0 pci; C:\Windows\System32\drivers\pci.sys [336224 2016-07-16] (Microsoft Corporation)
R0 pciide; C:\Windows\System32\drivers\pciide.sys [16224 2016-07-16] (Microsoft Corporation)
S0 pcmcia; C:\Windows\System32\drivers\pcmcia.sys [118112 2016-07-16] (Microsoft Corporation)
R0 pcw; C:\Windows\System32\drivers\pcw.sys [51552 2016-07-16] (Microsoft Corporation)
R0 pdc; C:\Windows\System32\drivers\pdc.sys [108384 2016-07-16] (Microsoft Corporation)
R2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [723968 2016-07-16] (Microsoft Corporation)
S0 percsas2i; C:\Windows\System32\drivers\percsas2i.sys [58720 2016-07-16] (Avago Technologies)
S0 percsas3i; C:\Windows\System32\drivers\percsas3i.sys [61792 2016-07-16] (Avago Technologies)
R3 PptpMiniport; C:\Windows\System32\drivers\raspptp.sys [96256 2016-07-16] (Microsoft Corporation)
S3 Processor; C:\Windows\System32\drivers\processr.sys [119808 2016-07-16] (Microsoft Corporation)
R1 Psched; C:\Windows\System32\drivers\pacer.sys [160608 2016-07-16] (Microsoft Corporation)
S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [48640 2016-07-16] (Microsoft Corporation)
S3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [17408 2016-07-16] (Microsoft Corporation)
R3 RasAgileVpn; C:\Windows\System32\drivers\AgileVpn.sys [107520 2016-07-16] (Microsoft Corporation)
R3 Rasl2tp; C:\Windows\System32\drivers\rasl2tp.sys [104960 2016-07-16] (Microsoft Corporation)
R3 RasPppoe; C:\Windows\System32\DRIVERS\raspppoe.sys [81408 2016-07-16] (Microsoft Corporation)
R3 RasSstp; C:\Windows\System32\drivers\rassstp.sys [77824 2016-07-16] (Microsoft Corporation)
R1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [435040 2016-07-16] (Microsoft Corporation)
R3 rdpbus; C:\Windows\System32\drivers\rdpbus.sys [26112 2016-07-17] (Microsoft Corporation)
S3 RDPDR; C:\Windows\System32\drivers\rdpdr.sys [177152 2016-07-17] (Microsoft Corporation)
S3 RdpVideoMiniport; C:\Windows\System32\drivers\rdpvideominiport.sys [29536 2016-07-17] (Microsoft Corporation)
R0 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [267104 2016-07-16] (Microsoft Corporation)
S3 ReFSv1; C:\Windows\System32\Drivers\ReFSv1.sys [928608 2016-07-16] (Microsoft Corporation)
R2 rspndr; C:\Windows\System32\drivers\rspndr.sys [81408 2016-07-16] (Microsoft Corporation)
S3 s3cap; C:\Windows\System32\drivers\vms3cap.sys [9216 2016-07-16] (Microsoft Corporation)
S0 sbp2port; C:\Windows\System32\drivers\sbp2port.sys [110432 2016-07-16] (Microsoft Corporation)
S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [43008 2016-07-16] (Microsoft Corporation)
S0 scmbus; C:\Windows\System32\drivers\scmbus.sys [88416 2016-07-16] (Microsoft Corporation)
S3 scmdisk0101; C:\Windows\System32\drivers\scmdisk0101.sys [123904 2016-07-16] (Microsoft Corporation)
S3 sdbus; C:\Windows\System32\drivers\sdbus.sys [279904 2016-07-16] (Microsoft Corporation)
S3 sdstor; C:\Windows\System32\drivers\sdstor.sys [95072 2016-07-16] (Microsoft Corporation)
S3 SerCx; C:\Windows\System32\drivers\SerCx.sys [74592 2016-07-16] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [151904 2016-07-16] (Microsoft Corporation)
R3 Serenum; C:\Windows\System32\drivers\serenum.sys [25088 2016-07-16] (Microsoft Corporation)
R3 Serial; C:\Windows\System32\drivers\serial.sys [83968 2016-07-16] (Microsoft Corporation)
S3 sermouse; C:\Windows\System32\drivers\sermouse.sys [27648 2016-07-16] (Microsoft Corporation)
S3 sfloppy; C:\Windows\System32\drivers\sfloppy.sys [18432 2016-07-16] (Microsoft Corporation)
S0 SiSRaid2; C:\Windows\System32\drivers\SiSRaid2.sys [44896 2016-07-16] (Silicon Integrated Systems Corp.)
S0 SiSRaid4; C:\Windows\System32\drivers\sisraid4.sys [81760 2016-07-16] (Silicon Integrated Systems)
R0 spaceport; C:\Windows\System32\drivers\spaceport.sys [544608 2016-07-16] (Microsoft Corporation)
S3 SpbCx; C:\Windows\System32\drivers\SpbCx.sys [79200 2016-07-16] (Microsoft Corporation)
R2 srv; C:\Windows\System32\DRIVERS\srv.sys [409088 2016-07-16] (Microsoft Corporation)
R3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [714240 2016-07-16] (Microsoft Corporation)
R3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [247808 2016-07-16] (Microsoft Corporation)
S0 stexstor; C:\Windows\System32\drivers\stexstor.sys [31072 2016-07-16] (Promise Technology, Inc.)
S0 storahci; C:\Windows\System32\drivers\storahci.sys [131424 2016-07-16] (Microsoft Corporation)
S0 storflt; C:\Windows\System32\drivers\vmstorfl.sys [46944 2016-07-16] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [82784 2016-07-16] (Microsoft Corporation)
R2 storqosflt; C:\Windows\System32\drivers\storqosflt.sys [78336 2016-07-16] (Microsoft Corporation)
S0 storufs; C:\Windows\System32\drivers\storufs.sys [32096 2016-07-16] (Microsoft Corporation)
S0 storvsc; C:\Windows\System32\drivers\storvsc.sys [36192 2016-07-16] (Microsoft Corporation)
R3 swenum; C:\Windows\System32\drivers\swenum.sys [17760 2016-07-16] (Microsoft Corporation)
S3 Synth3dVsc; C:\Windows\System32\drivers\Synth3dVsc.sys [64000 2016-07-16] (Microsoft Corporation)
R0 Tcpip; C:\Windows\System32\drivers\tcpip.sys [2538848 2016-07-16] (Microsoft Corporation)
S3 Tcpip6; C:\Windows\System32\drivers\tcpip.sys [2538848 2016-07-16] (Microsoft Corporation)
R2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [52224 2016-07-16] (Microsoft Corporation)
R1 tdx; C:\Windows\system32\DRIVERS\tdx.sys [118112 2016-07-16] (Microsoft Corporation)
S3 terminpt; C:\Windows\System32\drivers\terminpt.sys [38752 2016-07-17] (Microsoft Corporation)
S3 TPM; C:\Windows\System32\drivers\tpm.sys [220000 2016-07-16] (Microsoft Corporation)
S3 tsusbflt; C:\Windows\System32\drivers\TsUsbFlt.sys [61440 2016-07-16] (Microsoft Corporation)
S3 TsUsbGD; C:\Windows\System32\drivers\TsUsbGD.sys [34304 2016-07-16] (Microsoft Corporation)
R3 tunnel; C:\Windows\System32\drivers\tunnel.sys [158208 2016-07-16] (Microsoft Corporation)
S3 UASPStor; C:\Windows\System32\drivers\uaspstor.sys [77152 2016-07-16] (Microsoft Corporation)
S3 UcmCx0101; C:\Windows\System32\Drivers\UcmCx.sys [95744 2016-07-16] (Microsoft Corporation)
S3 UcmTcpciCx0101; C:\Windows\System32\Drivers\UcmTcpciCx.sys [108544 2016-07-16] (Microsoft Corporation)
S3 UcmUcsi; C:\Windows\System32\drivers\UcmUcsi.sys [50688 2016-07-16] (Microsoft Corporation)
R3 Ucx01000; C:\Windows\System32\drivers\ucx01000.sys [210272 2016-07-16] (Microsoft Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [45568 2016-07-16] (Microsoft Corporation)
S4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [320000 2016-07-16] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [28512 2016-07-16] (Microsoft Corporation)*

moreply · 18.08.2016, 20:15

Teil 2

Code:

ATTFilter

S3 Ufx01000; C:\Windows\System32\drivers\ufx01000.sys [263008 2016-07-16] (Microsoft Corporation)
S3 UfxChipidea; C:\Windows\System32\drivers\UfxChipidea.sys [96608 2016-07-16] (Microsoft Corporation)
S3 ufxsynopsys; C:\Windows\System32\drivers\ufxsynopsys.sys [137056 2016-07-16] (Microsoft Corporation)
R3 umbus; C:\Windows\System32\drivers\umbus.sys [56832 2016-07-16] (Microsoft Corporation)
R3 UmPass; C:\Windows\System32\drivers\umpass.sys [13824 2016-07-16] (Microsoft Corporation)
S3 UrsChipidea; C:\Windows\System32\drivers\urschipidea.sys [28512 2016-07-16] (Microsoft Corporation)
S3 UrsCx01000; C:\Windows\System32\drivers\urscx01000.sys [57696 2016-07-16] (Microsoft Corporation)
S3 UrsSynopsys; C:\Windows\System32\drivers\urssynopsys.sys [27488 2016-07-16] (Microsoft Corporation)
R3 usbccgp; C:\Windows\System32\drivers\usbccgp.sys [169312 2016-07-16] (Microsoft Corporation)
S3 usbcir; C:\Windows\System32\drivers\usbcir.sys [102400 2016-07-16] (Microsoft Corporation)
R3 usbehci; C:\Windows\System32\drivers\usbehci.sys [96096 2016-07-16] (Microsoft Corporation)
R3 usbfilter; C:\Windows\system32\DRIVERS\usbfilter.sys [61464 2016-07-30] (Advanced Micro Devices)
R3 usbhub; C:\Windows\System32\drivers\usbhub.sys [501088 2016-07-16] (Microsoft Corporation)
R3 USBHUB3; C:\Windows\System32\drivers\UsbHub3.sys [535904 2016-07-16] (Microsoft Corporation)
R3 usbohci; C:\Windows\System32\drivers\usbohci.sys [30208 2016-07-16] (Microsoft Corporation)
S3 usbprint; C:\Windows\System32\drivers\usbprint.sys [27648 2016-07-16] (Microsoft Corporation)
S3 usbser; C:\Windows\System32\drivers\usbser.sys [69120 2016-07-16] (Microsoft Corporation)
S3 USBSTOR; C:\Windows\System32\drivers\USBSTOR.SYS [129888 2016-07-16] (Microsoft Corporation)
S3 usbuhci; C:\Windows\System32\drivers\usbuhci.sys [35328 2016-07-16] (Microsoft Corporation)
R3 USBXHCI; C:\Windows\System32\drivers\USBXHCI.SYS [381792 2016-07-16] (Microsoft Corporation)
R0 vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [53088 2016-07-16] (Microsoft Corporation)
S3 VerifierExt; C:\Windows\System32\drivers\VerifierExt.sys [201056 2016-07-16] (Microsoft Corporation)
S3 vhdmp; C:\Windows\System32\drivers\vhdmp.sys [714080 2016-07-16] (Microsoft Corporation)
S3 vhf; C:\Windows\System32\drivers\vhf.sys [32256 2016-07-16] (Microsoft Corporation)
S0 vmbus; C:\Windows\System32\drivers\vmbus.sys [104288 2016-07-16] (Microsoft Corporation)
S3 VMBusHID; C:\Windows\System32\drivers\VMBusHID.sys [25088 2016-07-16] (Microsoft Corporation)
S3 vmgid; C:\Windows\System32\drivers\vmgid.sys [10240 2016-07-16] (Microsoft Corporation)
R0 volmgr; C:\Windows\System32\drivers\volmgr.sys [80224 2016-07-16] (Microsoft Corporation)
R0 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [367456 2016-07-16] (Microsoft Corporation)
R0 volsnap; C:\Windows\System32\drivers\volsnap.sys [391520 2016-07-16] (Microsoft Corporation)
R0 volume; C:\Windows\System32\drivers\volume.sys [16224 2016-07-16] (Microsoft Corporation)
S3 vpci; C:\Windows\System32\drivers\vpci.sys [74080 2016-07-16] (Microsoft Corporation)
S0 vsmraid; C:\Windows\System32\drivers\vsmraid.sys [166752 2016-07-16] (VIA Technologies Inc.,Ltd)
S0 VSTXRAID; C:\Windows\System32\drivers\vstxraid.sys [305504 2016-07-16] (VIA Corporation)
S3 vwifibus; C:\Windows\System32\drivers\vwifibus.sys [26624 2016-07-16] (Microsoft Corporation)
R1 vwififlt; C:\Windows\System32\drivers\vwififlt.sys [73216 2016-07-16] (Microsoft Corporation)
S3 WacomPen; C:\Windows\System32\drivers\wacompen.sys [30208 2016-07-16] (Microsoft Corporation)
R2 wanarp; C:\Windows\System32\DRIVERS\wanarp.sys [79872 2016-07-16] (Microsoft Corporation)
S3 wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [79872 2016-07-16] (Microsoft Corporation)
R2 wcifs; C:\Windows\system32\drivers\wcifs.sys [119648 2016-07-16] (Microsoft Corporation)
R2 wcnfs; C:\Windows\system32\drivers\wcnfs.sys [66560 2016-07-16] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WDC_SAM; C:\Windows\System32\drivers\wdcsam64.sys [26880 2015-11-12] (Western Digital Technologies, Inc.)
R0 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [861296 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 wdiwifi; C:\Windows\System32\DRIVERS\wdiwifi.sys [719360 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R0 WFPLWFS; C:\Windows\System32\drivers\wfplwfs.sys [156000 2016-07-16] (Microsoft Corporation)
S3 WIMMount; C:\Windows\System32\drivers\wimmount.sys [35680 2016-07-16] (Microsoft Corporation)
R0 WindowsTrustedRT; C:\Windows\System32\drivers\WindowsTrustedRT.sys [107032 2016-07-16] (Microsoft Corporation)
R0 WindowsTrustedRTProxy; C:\Windows\System32\drivers\WindowsTrustedRTProxy.sys [17944 2016-07-16] (Microsoft Corporation)
S3 WinMad; C:\Windows\System32\drivers\winmad.sys [32096 2016-07-16] (Mellanox)
S3 WINUSB; C:\Windows\System32\drivers\WinUSB.SYS [89088 2016-07-16] (Microsoft Corporation)
S3 WinVerbs; C:\Windows\System32\drivers\winverbs.sys [64864 2016-07-16] (Mellanox)
R3 WmiAcpi; C:\Windows\System32\drivers\wmiacpi.sys [18432 2016-07-16] (Microsoft Corporation)
R0 Wof; C:\Windows\System32\Drivers\Wof.sys [198496 2016-07-16] (Microsoft Corporation)
S3 WpdUpFltr; C:\Windows\System32\drivers\WpdUpFltr.sys [30560 2016-07-16] (Microsoft Corporation)
S4 ws2ifsl; C:\Windows\system32\drivers\ws2ifsl.sys [22528 2016-07-16] (Microsoft Corporation)
R3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [99328 2016-07-16] (Microsoft Corporation)
S3 WUDFRd; C:\Windows\System32\drivers\WudfRd.sys [216064 2016-07-16] (Microsoft Corporation)
S3 WUDFWpdFs; C:\Windows\system32\DRIVERS\WUDFRd.sys [216064 2016-07-16] (Microsoft Corporation)
S3 WUDFWpdMtp; C:\Windows\system32\DRIVERS\WUDFRd.sys [216064 2016-07-16] (Microsoft Corporation)
S3 xboxgip; C:\Windows\System32\drivers\xboxgip.sys [258560 2016-07-16] (Microsoft Corporation)
S3 xinputhid; C:\Windows\System32\drivers\xinputhid.sys [43520 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

NETSVC: shpamsvc -> C:\Windows\system32\Windows.SharedPC.AccountManager.dll (Microsoft Corporation)
NETSVC: wisvc -> C:\Windows\system32\flightsettings.dll (Microsoft Corporation)
NETSVC: WpnService -> C:\Windows\system32\WpnService.dll (Microsoft Corporation)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-08-18 20:23 - 2016-08-18 20:24 - 00073082 _____ C:\Users\Luca Rauch\Desktop\FRST.txt
2016-08-18 13:43 - 2016-08-18 13:43 - 00000028 _____ C:\WINDOWS\OutLog.txt
2016-08-18 07:29 - 2016-08-18 07:29 - 00001557 _____ C:\Users\Luca Rauch\Desktop\MalwareBytes.txt
2016-08-18 06:28 - 2016-08-18 06:38 - 02394624 _____ (Farbar) C:\Users\Luca Rauch\Desktop\FRST64.exe
2016-08-18 06:17 - 2016-08-18 06:17 - 00218324 _____ C:\Users\Luca Rauch\Desktop\cc_20160818_061654.reg
2016-08-18 05:22 - 2016-08-18 05:22 - 00000000 _____ C:\SophosBootTasks.txt
2016-08-18 05:20 - 2016-08-18 05:20 - 00000000 ____D C:\ProgramData\Sophos
2016-08-18 05:20 - 2016-08-18 05:20 - 00000000 ____D C:\Program Files (x86)\Sophos
2016-08-18 05:12 - 2016-08-18 05:12 - 00002340 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-18 05:12 - 2016-08-18 05:12 - 00002328 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-08-18 01:42 - 2016-08-18 01:42 - 00000000 ____D C:\Users\Luca Rauch\AppData\Local\Amazon_FireTV_Utility_App
2016-08-18 01:42 - 2016-08-18 01:42 - 00000000 ____D C:\Users\Luca Rauch\.android
2016-08-18 01:40 - 2016-08-18 20:23 - 00000000 ____D C:\FRST
2016-08-17 21:05 - 2016-08-17 21:05 - 00000000 ____D C:\Users\Luca Rauch\AppData\LocalLow\Temp
2016-08-17 21:02 - 2016-08-17 21:02 - 00000000 ____D C:\Users\Luca Rauch\AppData\Local\HP
2016-08-16 23:10 - 2016-08-16 23:10 - 00000000 ____D C:\Users\Luca Rauch\AppData\Roaming\WinRAR
2016-08-16 23:09 - 2016-08-18 00:37 - 00000000 ____D C:\Program Files\WinRAR
2016-08-16 02:14 - 2016-08-18 06:21 - 00000000 ____D C:\Users\Luca Rauch\AppData\Local\CrashDumps
2016-08-16 02:08 - 2016-08-16 02:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Settings
2016-08-16 01:01 - 2016-08-16 01:01 - 00000000 ____D C:\Users\Luca Rauch\AppData\Roaming\Trimble Connect for SketchUp
2016-08-16 00:57 - 2016-08-16 00:57 - 00000000 ____D C:\Users\Luca Rauch\AppData\Roaming\SketchUp
2016-08-16 00:57 - 2016-08-16 00:57 - 00000000 ____D C:\ProgramData\SketchUp
2016-08-16 00:57 - 2016-08-16 00:57 - 00000000 ____D C:\ProgramData\Reprise
2016-08-16 00:49 - 2016-08-16 00:49 - 00000000 ___RD C:\Users\Luca Rauch\3D Objects
2016-08-14 21:18 - 2016-08-14 21:39 - 00000000 ____D C:\Users\Luca Rauch\AppData\Roaming\FileZilla
2016-08-14 19:12 - 2016-08-14 19:12 - 00000000 ____D C:\Users\Luca Rauch\Desktop\procon_1.5.1.1
2016-08-13 17:33 - 2016-08-18 00:20 - 00000000 ____D C:\WINDOWS\Panther
2016-08-12 19:17 - 2016-08-13 17:54 - 00000000 ____D C:\Users\Luca Rauch\AppData\Roaming\.minecraft
2016-08-12 19:17 - 2016-08-13 17:37 - 00000000 ____D C:\Users\Luca Rauch\.oracle_jre_usage
2016-08-12 19:17 - 2016-08-12 19:17 - 00000000 ____D C:\Users\Luca Rauch\AppData\Roaming\Sun
2016-08-12 19:17 - 2016-08-12 19:17 - 00000000 ____D C:\Users\Luca Rauch\AppData\LocalLow\Sun
2016-08-12 19:14 - 2016-08-12 19:17 - 00000000 ____D C:\ProgramData\Oracle
2016-08-12 17:33 - 2016-08-12 17:33 - 00000000 ____D C:\Users\Luca Rauch\AppData\Roaming\java
2016-08-11 18:22 - 2016-08-11 18:22 - 00000000 ____D C:\Users\Luca Rauch\AppData\Roaming\Macromedia
2016-08-11 17:46 - 2016-08-11 17:46 - 09311368 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdva.dll
2016-08-11 17:46 - 2016-08-11 17:46 - 00149984 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiuxpag.dll
2016-08-11 17:45 - 2016-08-11 17:45 - 10285472 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd6a.dll
2016-08-11 17:45 - 2016-08-11 17:45 - 09110856 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll
2016-08-11 17:45 - 2016-08-11 17:45 - 08864688 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd64.dll
2016-08-11 17:45 - 2016-08-11 17:45 - 08653760 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2016-08-11 17:45 - 2016-08-11 17:45 - 07234888 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdag.dll
2016-08-11 17:45 - 2016-08-11 17:45 - 01273072 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2016-08-11 17:45 - 2016-08-11 17:45 - 00161432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiu9p64.dll
2016-08-11 17:45 - 2016-08-11 17:45 - 00134448 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiu9pag.dll
2016-08-11 17:45 - 2016-08-11 17:45 - 00120376 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2016-08-11 17:45 - 2016-08-11 17:45 - 00102672 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2016-08-11 17:44 - 2016-08-11 17:44 - 00475632 _____ C:\WINDOWS\system32\amdmiracast.dll
2016-08-11 17:44 - 2016-08-11 17:44 - 00260744 _____ C:\WINDOWS\system32\hsa-thunk64.dll
2016-08-11 17:44 - 2016-08-11 17:44 - 00156248 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2016-08-11 17:44 - 2016-08-11 17:44 - 00151696 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2016-08-11 17:44 - 2016-08-11 17:44 - 00135920 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2016-08-11 17:44 - 2016-08-11 17:44 - 00127120 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2016-08-11 17:44 - 2016-08-11 17:44 - 00122504 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2016-08-11 17:44 - 2016-08-11 17:44 - 00102672 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2016-08-11 17:44 - 2016-08-11 17:44 - 00101520 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2016-08-11 17:43 - 2016-08-11 17:43 - 26633872 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll
2016-08-11 17:43 - 2016-08-11 17:43 - 00342160 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODE.exe
2016-08-11 17:43 - 2016-08-11 17:43 - 00284304 _____ C:\WINDOWS\system32\dgtrayicon.exe
2016-08-11 17:43 - 2016-08-11 17:43 - 00279696 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll
2016-08-11 17:43 - 2016-08-11 17:43 - 00267920 _____ C:\WINDOWS\system32\GameManager64.dll
2016-08-11 17:43 - 2016-08-11 17:43 - 00262288 _____ C:\WINDOWS\system32\clinfo.exe
2016-08-11 17:43 - 2016-08-11 17:43 - 00233104 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2016-08-11 17:43 - 2016-08-11 17:43 - 00226448 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll
2016-08-11 17:43 - 2016-08-11 17:43 - 00129160 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2016-08-11 17:43 - 2016-08-11 17:43 - 00110736 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2016-08-11 17:43 - 2016-08-11 17:43 - 00103056 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2016-08-11 17:43 - 2016-08-11 17:43 - 00060560 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODCLI.exe
2016-08-11 17:43 - 2016-08-11 17:43 - 00013456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2016-08-11 17:43 - 2016-08-11 17:43 - 00013456 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2016-08-11 17:42 - 2016-08-11 17:42 - 15721104 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll
2016-08-11 17:42 - 2016-08-11 17:42 - 14312080 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll
2016-08-11 17:42 - 2016-08-11 17:42 - 08828560 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdvlk64.dll
2016-08-11 17:42 - 2016-08-11 17:42 - 07085712 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdvlk32.dll
2016-08-11 17:42 - 2016-08-11 17:42 - 02139792 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2016-08-11 17:42 - 2016-08-11 17:42 - 01829520 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2016-08-11 17:42 - 2016-08-11 17:42 - 01321104 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2016-08-11 17:42 - 2016-08-11 17:42 - 00987280 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2016-08-11 17:42 - 2016-08-11 17:42 - 00513680 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2016-08-11 17:42 - 2016-08-11 17:42 - 00451728 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2016-08-11 17:42 - 2016-08-11 17:42 - 00394896 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2016-08-11 17:42 - 2016-08-11 17:42 - 00279184 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2016-08-11 17:42 - 2016-08-11 17:42 - 00223368 _____ C:\WINDOWS\system32\atieah64.exe
2016-08-11 17:42 - 2016-08-11 17:42 - 00201360 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2016-08-11 17:42 - 2016-08-11 17:42 - 00194704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2016-08-11 17:42 - 2016-08-11 17:42 - 00115856 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll
2016-08-11 17:42 - 2016-08-11 17:42 - 00071824 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll
2016-08-11 17:42 - 2016-08-11 17:42 - 00061584 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll
2016-08-11 17:42 - 2016-08-11 17:42 - 00058512 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll
2016-08-11 17:42 - 2016-08-11 17:42 - 00052880 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll
2016-08-11 17:41 - 2016-08-11 17:41 - 48811664 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll
2016-08-11 17:41 - 2016-08-11 17:41 - 27481232 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl12cl64.dll
2016-08-11 17:41 - 2016-08-11 17:41 - 08620176 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmantle64.dll
2016-08-11 17:41 - 2016-08-11 17:41 - 02370704 _____ C:\WINDOWS\system32\amdoclvp9lib64.dll
2016-08-11 17:41 - 2016-08-11 17:41 - 02281096 _____ C:\WINDOWS\SysWOW64\amdoclvp9lib32.dll
2016-08-11 17:41 - 2016-08-11 17:41 - 00075920 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll
2016-08-11 17:41 - 2016-08-11 17:41 - 00060048 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl6.dll
2016-08-11 17:41 - 2016-08-11 17:41 - 00059536 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll
2016-08-11 17:41 - 2016-08-11 17:41 - 00047760 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmmcl.dll
2016-08-11 17:40 - 2016-08-11 17:40 - 06947984 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmantle32.dll
2016-08-11 17:40 - 2016-08-11 17:40 - 00743568 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2016-08-11 17:40 - 2016-08-11 17:40 - 00619152 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2016-08-11 17:40 - 2016-08-11 17:40 - 00314392 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\amdacpksd.sys
2016-08-11 17:40 - 2016-08-11 17:40 - 00241296 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2016-08-11 17:40 - 2016-08-11 17:40 - 00214160 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2016-08-11 17:40 - 2016-08-11 17:40 - 00193680 _____ C:\WINDOWS\system32\amdhdl64.dll
2016-08-11 17:40 - 2016-08-11 17:40 - 00173712 _____ C:\WINDOWS\SysWOW64\amdhdl32.dll
2016-08-11 17:40 - 2016-08-11 17:40 - 00105616 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2016-08-11 17:40 - 2016-08-11 17:40 - 00096400 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2016-08-11 17:38 - 2016-08-11 17:38 - 07045344 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2016-08-11 17:38 - 2016-08-11 17:38 - 00120376 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2016-08-11 17:37 - 2016-08-11 17:37 - 32550032 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll
2016-08-11 17:37 - 2016-08-11 17:37 - 00100496 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll
2016-08-11 17:37 - 2016-08-11 17:37 - 00100496 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll
2016-08-11 17:37 - 2016-08-11 17:37 - 00065168 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll
2016-08-11 06:29 - 2016-08-11 06:29 - 00732056 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2016-08-11 06:29 - 2016-08-11 06:29 - 00732056 _____ C:\WINDOWS\system32\atiapfxx.blb
2016-08-11 06:24 - 2016-08-11 06:24 - 03437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2016-08-11 06:19 - 2016-08-11 06:19 - 03471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2016-08-10 17:20 - 2016-08-02 10:48 - 22219328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-08-10 17:20 - 2016-08-02 10:44 - 00151232 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-08-10 17:20 - 2016-08-02 10:44 - 00114192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2016-08-10 17:20 - 2016-08-02 10:20 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-08-10 17:20 - 2016-08-02 09:58 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-08-10 17:20 - 2016-08-02 09:55 - 03617280 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-08-10 17:20 - 2016-08-02 06:51 - 20965240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-08-10 17:20 - 2016-08-02 06:37 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-08-10 17:20 - 2016-08-02 06:33 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-08-10 17:20 - 2016-08-02 06:27 - 07623168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-08-10 17:20 - 2016-08-02 06:25 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2016-08-10 17:20 - 2016-08-02 06:25 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-08-10 17:20 - 2016-08-02 06:23 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-08-10 17:20 - 2016-08-02 06:13 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-08-10 17:20 - 2016-08-02 06:09 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2016-08-10 17:19 - 2016-08-02 10:58 - 00168800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-08-10 17:19 - 2016-08-02 10:53 - 02745224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-08-10 17:19 - 2016-08-02 10:52 - 00619368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-08-10 17:19 - 2016-08-02 10:48 - 00241496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-08-10 17:19 - 2016-08-02 10:23 - 22572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-08-10 17:19 - 2016-08-02 10:21 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2016-08-10 17:19 - 2016-08-02 10:21 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2016-08-10 17:19 - 2016-08-02 10:20 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-08-10 17:19 - 2016-08-02 10:15 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-08-10 17:19 - 2016-08-02 10:15 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-08-10 17:19 - 2016-08-02 10:14 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2016-08-10 17:19 - 2016-08-02 10:13 - 01081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-08-10 17:19 - 2016-08-02 10:12 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-08-10 17:19 - 2016-08-02 10:11 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-08-10 17:19 - 2016-08-02 10:11 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-08-10 17:19 - 2016-08-02 10:10 - 00509952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-08-10 17:19 - 2016-08-02 10:09 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-08-10 17:19 - 2016-08-02 10:07 - 23682048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-08-10 17:19 - 2016-08-02 10:07 - 09125888 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-08-10 17:19 - 2016-08-02 10:03 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-08-10 17:19 - 2016-08-02 10:00 - 05511168 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2016-08-10 17:19 - 2016-08-02 09:59 - 08124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-08-10 17:19 - 2016-08-02 09:57 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-08-10 17:19 - 2016-08-02 09:56 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-08-10 17:19 - 2016-08-02 09:56 - 01785856 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-08-10 17:19 - 2016-08-02 09:56 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-08-10 17:19 - 2016-08-02 09:55 - 01508864 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-08-10 17:19 - 2016-08-02 09:52 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2016-08-10 17:19 - 2016-08-02 06:56 - 02251440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-08-10 17:19 - 2016-08-02 06:47 - 00079536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2016-08-10 17:19 - 2016-08-02 06:39 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2016-08-10 17:19 - 2016-08-02 06:37 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2016-08-10 17:19 - 2016-08-02 06:36 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-08-10 17:19 - 2016-08-02 06:30 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-08-10 17:19 - 2016-08-02 06:28 - 19423232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-08-10 17:19 - 2016-08-02 06:26 - 19417600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-08-10 17:19 - 2016-08-02 06:26 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-08-10 17:19 - 2016-08-02 06:16 - 06044672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-08-10 17:19 - 2016-08-02 06:13 - 01600512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-08-10 17:19 - 2016-08-02 06:12 - 02999296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-08-10 12:32 - 2016-08-10 12:32 - 02190688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-08-10 12:32 - 2016-08-10 12:32 - 01708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2016-08-10 12:32 - 2016-08-10 12:32 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-08-10 12:32 - 2016-08-10 12:32 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-08-10 12:32 - 2016-08-10 12:32 - 01418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-08-10 12:32 - 2016-08-10 12:32 - 01265424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-08-10 12:32 - 2016-08-10 12:32 - 01260384 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-08-10 12:32 - 2016-08-10 12:32 - 00843104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-08-10 12:32 - 2016-08-10 12:32 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-08-10 12:32 - 2016-08-10 12:32 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-08-10 12:32 - 2016-08-10 12:32 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-08-10 12:32 - 2016-08-10 12:32 - 00389000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2016-08-10 12:32 - 2016-08-10 12:32 - 00297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2016-08-10 12:32 - 2016-08-10 12:32 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-08-10 12:32 - 2016-08-10 12:32 - 00062816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2016-08-10 12:31 - 2016-08-10 12:31 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-08-10 12:30 - 2016-08-10 12:30 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2016-08-10 12:30 - 2016-08-10 12:30 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-08-10 12:30 - 2016-08-10 12:30 - 00000000 ____D C:\Program Files\MSBuild
2016-08-10 12:30 - 2016-08-10 12:30 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-08-10 12:30 - 2016-08-10 12:30 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-08-10 12:29 - 2016-05-25 15:31 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-08-10 12:29 - 2016-05-25 15:31 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-08-10 12:29 - 2016-05-25 15:31 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-08-10 12:29 - 2016-05-25 12:03 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-08-10 12:29 - 2016-05-25 12:03 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-08-10 12:29 - 2016-05-25 12:03 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-08-10 11:48 - 2016-08-10 11:48 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-08-10 11:47 - 2016-08-10 11:47 - 00000000 ____D C:\ProgramData\USOShared
2016-08-10 11:46 - 2016-08-10 12:56 - 00000000 ____D C:\Users\Luca Rauch\AppData\Local\ConnectedDevicesPlatform
2016-08-10 11:46 - 2016-08-10 11:46 - 00000020 ___SH C:\Users\Luca Rauch\ntuser.ini
2016-08-10 11:46 - 2016-08-10 11:46 - 00000000 _SHDL C:\Users\Default\Vorlagen
2016-08-10 11:46 - 2016-08-10 11:46 - 00000000 _SHDL C:\Users\Default\Startmenü
2016-08-10 11:46 - 2016-08-10 11:46 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2016-08-10 11:46 - 2016-08-10 11:46 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2016-08-10 11:46 - 2016-08-10 11:46 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2016-08-10 11:46 - 2016-08-10 11:46 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2016-08-10 11:46 - 2016-08-10 11:46 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos
2016-08-10 11:46 - 2016-08-10 11:46 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2016-08-10 11:46 - 2016-08-10 11:46 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2016-08-10 11:46 - 2016-08-10 11:46 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-08-10 11:46 - 2016-08-10 11:46 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2016-08-10 11:46 - 2016-08-10 11:46 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2016-08-10 11:46 - 2016-08-10 11:46 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2016-08-10 11:46 - 2016-08-10 11:46 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos
2016-08-10 11:46 - 2016-08-10 11:46 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2016-08-10 11:46 - 2016-08-10 11:46 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2016-08-10 11:46 - 2016-08-10 11:46 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-08-10 11:46 - 2016-08-10 11:46 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2016-08-10 11:46 - 2016-08-10 11:46 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2016-08-10 11:45 - 2016-08-10 11:45 - 00007623 _____ C:\WINDOWS\diagwrn.xml
2016-08-10 11:45 - 2016-08-10 11:45 - 00007623 _____ C:\WINDOWS\diagerr.xml
2016-08-10 11:43 - 2016-08-18 13:57 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-08-10 11:43 - 2016-08-16 02:13 - 00004296 _____ C:\WINDOWS\System32\Tasks\AMD Updater
2016-08-10 11:43 - 2016-08-10 11:43 - 00022960 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-08-10 11:43 - 2016-08-10 11:43 - 00003646 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-08-10 11:43 - 2016-08-10 11:43 - 00003422 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-08-10 11:43 - 2016-08-10 11:43 - 00003324 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{A1EE2406-B607-47D7-846C-0F7A042C8007}
2016-08-10 11:41 - 2016-08-10 11:41 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-08-10 11:40 - 2016-08-10 11:41 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2016-08-10 11:37 - 2016-08-18 13:57 - 00000000 ____D C:\Users\Luca Rauch
2016-08-10 11:37 - 2016-08-10 11:37 - 00000000 _SHDL C:\Users\Luca Rauch\Vorlagen
2016-08-10 11:37 - 2016-08-10 11:37 - 00000000 _SHDL C:\Users\Luca Rauch\Startmenü
2016-08-10 11:37 - 2016-08-10 11:37 - 00000000 _SHDL C:\Users\Luca Rauch\Netzwerkumgebung
2016-08-10 11:37 - 2016-08-10 11:37 - 00000000 _SHDL C:\Users\Luca Rauch\Lokale Einstellungen
2016-08-10 11:37 - 2016-08-10 11:37 - 00000000 _SHDL C:\Users\Luca Rauch\Eigene Dateien
2016-08-10 11:37 - 2016-08-10 11:37 - 00000000 _SHDL C:\Users\Luca Rauch\Druckumgebung
2016-08-10 11:37 - 2016-08-10 11:37 - 00000000 _SHDL C:\Users\Luca Rauch\Documents\Eigene Videos
2016-08-10 11:37 - 2016-08-10 11:37 - 00000000 _SHDL C:\Users\Luca Rauch\Documents\Eigene Musik
2016-08-10 11:37 - 2016-08-10 11:37 - 00000000 _SHDL C:\Users\Luca Rauch\Documents\Eigene Bilder
2016-08-10 11:37 - 2016-08-10 11:37 - 00000000 _SHDL C:\Users\Luca Rauch\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-08-10 11:37 - 2016-08-10 11:37 - 00000000 _SHDL C:\Users\Luca Rauch\AppData\Local\Verlauf
2016-08-10 11:37 - 2016-08-10 11:37 - 00000000 _SHDL C:\Users\Luca Rauch\AppData\Local\Anwendungsdaten
2016-08-10 11:37 - 2016-08-10 11:37 - 00000000 _SHDL C:\Users\Luca Rauch\Anwendungsdaten
2016-08-10 11:37 - 2016-07-16 13:41 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-08-10 11:36 - 2016-08-10 11:36 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2016-08-10 11:36 - 2016-08-10 11:36 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-08-10 11:36 - 2016-08-10 11:36 - 00000000 ____D C:\Program Files\Realtek
2016-08-10 11:35 - 2016-08-18 20:10 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-08-10 11:35 - 2016-08-18 13:57 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2016-08-10 11:35 - 2016-08-16 02:11 - 00000000 ____D C:\Program Files\AMD
2016-08-10 11:35 - 2016-08-13 17:34 - 00197800 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-08-10 11:35 - 2016-08-10 11:35 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-08-10 11:35 - 2016-08-10 11:35 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2016-08-05 21:20 - 2016-08-10 11:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2016-08-05 21:20 - 2016-08-05 21:20 - 00002275 _____ C:\Users\Public\Desktop\Sicherer Zahlungsverkehr.lnk
2016-08-05 21:20 - 2016-08-05 21:20 - 00002213 _____ C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2016-08-05 21:20 - 2013-05-06 08:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\klfphc.dll
2016-08-05 21:19 - 2016-08-18 19:38 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-08-05 21:19 - 2016-08-16 11:45 - 00992600 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys
2016-08-05 21:19 - 2016-08-16 11:45 - 00237400 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klhk.sys
2016-08-05 21:19 - 2016-08-05 21:19 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2016-08-05 21:19 - 2015-12-11 17:31 - 00182664 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klflt.sys
2016-08-05 21:17 - 2016-08-05 21:17 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2016-08-05 16:26 - 2016-08-18 13:58 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-08-05 16:25 - 2016-08-05 16:25 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-08-03 00:07 - 2016-08-03 00:07 - 00000000 ____D C:\Program Files\Common Files\Propellerhead Software
2016-08-03 00:06 - 2016-08-10 11:41 - 00000000 ____D C:\Users\Luca Rauch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2016-08-03 00:06 - 2016-08-03 00:15 - 00000000 ____D C:\Program Files\Image-Line
2016-08-03 00:06 - 2016-08-03 00:06 - 00000000 ____D C:\Users\Luca Rauch\Documents\Image-Line
2016-08-03 00:06 - 2016-08-03 00:06 - 00000000 ____D C:\Users\Luca Rauch\AppData\Roaming\Image-Line
2016-08-03 00:06 - 2016-08-03 00:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line
2016-08-02 23:50 - 2016-08-03 00:15 - 00000000 ____D C:\Program Files (x86)\Image-Line
2016-08-02 00:12 - 2016-08-02 00:12 - 00000000 ____D C:\Users\Luca Rauch\.fontconfig
2016-08-02 00:11 - 2016-08-10 11:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movavi Video Converter 16
2016-08-02 00:11 - 2016-08-02 00:12 - 00000000 ____D C:\Users\Luca Rauch\AppData\Local\Movavi
2016-08-02 00:11 - 2016-08-02 00:11 - 00000820 _____ C:\Users\Public\Desktop\Movavi Video Converter 16.lnk
2016-08-02 00:11 - 2016-08-02 00:11 - 00000000 ____D C:\Users\Luca Rauch\AppData\Local\converter
2016-08-02 00:11 - 2016-08-02 00:11 - 00000000 ____D C:\ProgramData\Movavi
2016-08-02 00:10 - 2016-08-02 00:10 - 00000016 _____ C:\ProgramData\mntemp
2016-08-02 00:10 - 2016-08-02 00:10 - 00000000 ____D C:\ProgramData\Movavi Video Converter 16
2016-08-01 09:21 - 2016-08-01 09:21 - 00892015 _____ C:\WINDOWS\system32\amdicdxx.dat
2016-07-30 23:04 - 2016-07-30 23:04 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-07-30 23:04 - 2016-06-23 20:22 - 00264992 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2016-07-30 23:04 - 2016-06-23 20:21 - 00257824 _____ C:\WINDOWS\system32\vulkan-1.dll
2016-07-30 23:04 - 2016-06-23 20:21 - 00110880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2016-07-30 23:04 - 2016-06-23 20:20 - 00125216 _____ C:\WINDOWS\system32\vulkaninfo.exe
2016-07-30 22:53 - 2016-08-10 11:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Killer Networking
2016-07-30 22:53 - 2016-07-30 22:55 - 00000000 ____D C:\ProgramData\Killer
2016-07-30 22:53 - 2016-07-30 22:53 - 00002801 _____ C:\Users\Public\Desktop\Killer Network Manager.lnk
2016-07-30 22:53 - 2016-07-30 22:53 - 00000000 ____D C:\Program Files\Killer Networking
2016-07-30 22:48 - 2016-07-30 22:44 - 00061464 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\usbfilter.sys
2016-07-30 14:50 - 2016-07-30 14:17 - 00000600 _____ C:\Users\Luca Rauch\AppData\Local\PUTTY.RND
2016-07-28 13:37 - 2016-07-28 13:37 - 00123400 _____ (Advanced Micro Devices) C:\WINDOWS\system32\DelayAPO.dll
2016-07-26 20:09 - 2016-07-26 20:11 - 00000000 ____D C:\Users\Luca Rauch\Documents\STAR WARS Battlefront
2016-07-26 16:43 - 2016-07-26 16:43 - 00000977 _____ C:\Users\Public\Desktop\STAR WARS Battlefront.lnk
2016-07-25 22:56 - 2016-08-11 17:46 - 00181064 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiuxp64.dll
2016-07-25 22:56 - 2016-07-25 22:56 - 00180432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\SETF87B.tmp
2016-07-25 22:55 - 2016-08-11 17:45 - 01548000 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2016-07-25 22:55 - 2016-08-11 17:44 - 00152096 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2016-07-25 22:55 - 2016-08-11 17:38 - 10970120 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll
2016-07-25 22:55 - 2016-07-25 22:55 - 10967952 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\SETD40C.tmp
2016-07-25 22:55 - 2016-07-25 22:55 - 01546848 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\SETF8DD.tmp
2016-07-25 22:55 - 2016-07-25 22:55 - 00151456 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\SETF506.tmp
2016-07-25 22:54 - 2016-08-11 17:44 - 00135408 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2016-07-25 22:54 - 2016-07-25 22:54 - 00134776 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\SETF528.tmp
2016-07-25 22:53 - 2016-08-11 17:43 - 00875152 _____ (AMD) C:\WINDOWS\system32\coinst_16.30.dll
2016-07-25 22:53 - 2016-07-25 22:53 - 00874520 _____ (AMD) C:\WINDOWS\system32\SETEAE.tmp
2016-07-25 22:52 - 2016-08-11 17:43 - 26719376 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys
2016-07-25 22:52 - 2016-08-11 17:43 - 00510096 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys
2016-07-25 22:52 - 2016-08-11 17:42 - 00168592 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2016-07-25 22:52 - 2016-07-25 22:52 - 26717720 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\SETBBE7.tmp
2016-07-25 22:52 - 2016-07-25 22:52 - 00509464 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\SETF5A9.tmp
2016-07-25 22:52 - 2016-07-25 22:52 - 00167952 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\SETB0D.tmp
2016-07-25 22:51 - 2016-08-11 17:42 - 00987280 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2016-07-25 22:51 - 2016-07-25 22:51 - 00985104 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\SETD76D.tmp
2016-07-25 22:50 - 2016-08-11 17:41 - 38258832 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll
2016-07-25 22:50 - 2016-08-11 17:41 - 21633168 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl12cl.dll
2016-07-25 22:50 - 2016-07-25 22:50 - 38257680 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\SETA7A.tmp
2016-07-25 22:50 - 2016-07-25 22:50 - 21632528 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\SETF336.tmp
2016-07-25 18:26 - 2016-07-25 18:26 - 00000001 _____ C:\Users\Luca Rauch\AppData\Local\llftool.4.40.agreement
2016-07-25 16:26 - 2016-07-25 16:26 - 00000724 _____ C:\Users\Public\Desktop\CPUID HWMonitor.lnk
2016-07-25 13:40 - 2016-07-25 13:40 - 00149008 _____ C:\WINDOWS\system32\samu_krnl_ci.sbin
2016-07-25 13:40 - 2016-07-25 13:40 - 00138832 _____ C:\WINDOWS\system32\samu_krnl_isv_ci.sbin
2016-07-25 13:40 - 2016-07-25 13:40 - 00117808 _____ C:\WINDOWS\system32\kapp_ci.sbin
2016-07-25 13:40 - 2016-07-25 13:40 - 00112336 _____ C:\WINDOWS\system32\kapp_si.sbin
2016-07-25 13:39 - 2016-07-25 13:39 - 00737410 _____ C:\WINDOWS\system32\atiicdxx.dat
2016-07-25 13:39 - 2016-07-25 13:39 - 00368672 _____ C:\WINDOWS\system32\ativvaxy_el_nd.dat
2016-07-25 13:39 - 2016-07-25 13:39 - 00322996 _____ C:\WINDOWS\system32\ativvaxy_vi.dat
2016-07-25 13:39 - 2016-07-25 13:39 - 00322736 _____ C:\WINDOWS\system32\ativvaxy_vi_nd.dat
2016-07-25 13:39 - 2016-07-25 13:39 - 00270912 _____ C:\WINDOWS\system32\ativvaxy_stn_nd.dat
2016-07-25 13:39 - 2016-07-25 13:39 - 00266816 _____ C:\WINDOWS\system32\ativvaxy_cz_nd.dat
2016-07-25 13:39 - 2016-07-25 13:39 - 00260980 _____ C:\WINDOWS\system32\ativvaxy_FJ.dat
2016-07-25 13:39 - 2016-07-25 13:39 - 00260720 _____ C:\WINDOWS\system32\ativvaxy_FJ_nd.dat
2016-07-25 13:39 - 2016-07-25 13:39 - 00234292 _____ C:\WINDOWS\system32\ativvaxy_cik.dat
2016-07-25 13:39 - 2016-07-25 13:39 - 00234032 _____ C:\WINDOWS\system32\ativvaxy_cik_nd.dat
2016-07-25 13:39 - 2016-07-25 13:39 - 00204952 _____ C:\WINDOWS\SysWOW64\ativvsvl.dat
2016-07-25 13:39 - 2016-07-25 13:39 - 00204952 _____ C:\WINDOWS\system32\ativvsvl.dat
2016-07-25 13:39 - 2016-07-25 13:39 - 00177280 _____ C:\WINDOWS\system32\ativce03.dat
2016-07-25 13:39 - 2016-07-25 13:39 - 00157144 _____ C:\WINDOWS\SysWOW64\ativvsva.dat
2016-07-25 13:39 - 2016-07-25 13:39 - 00157144 _____ C:\WINDOWS\system32\ativvsva.dat
2016-07-25 13:39 - 2016-07-25 13:39 - 00100816 _____ C:\WINDOWS\system32\ativce02.dat
2016-07-25 13:37 - 2016-07-25 13:37 - 00175584 _____ C:\WINDOWS\system32\amde31a.dat
2016-07-25 13:37 - 2016-07-25 13:37 - 00166624 _____ C:\WINDOWS\system32\amde34b.dat
2016-07-25 13:37 - 2016-07-25 13:37 - 00166624 _____ C:\WINDOWS\system32\amde34a.dat
2016-07-25 13:37 - 2016-07-25 13:37 - 00016827 _____ C:\WINDOWS\system32\AMDKernelEvents.man
2016-07-25 13:37 - 2016-07-25 13:37 - 00000144 _____ C:\WINDOWS\SysWOW64\amd-vulkan32.json
2016-07-25 13:37 - 2016-07-25 13:37 - 00000144 _____ C:\WINDOWS\system32\amd-vulkan64.json
2016-07-24 19:35 - 2016-07-24 19:48 - 00000000 ____D C:\Users\Luca Rauch\AppData\Local\Micro-Star_Int'l_Co.,_Ltd
2016-07-24 18:58 - 2016-07-24 18:59 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner
2016-07-24 15:03 - 2016-07-25 00:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2016-07-24 15:03 - 2016-07-24 15:03 - 00000000 ____D C:\Program Files\DIFX
2016-07-23 19:44 - 2016-07-23 19:52 - 00000000 ____D C:\Users\Luca Rauch\AppData\Local\Plex Media Server
2016-07-23 19:28 - 2016-08-16 14:11 - 00001014 _____ C:\Users\Luca Rauch\Desktop\Filme und Serien.txt

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-08-18 20:23 - 2016-04-09 14:40 - 00000000 ____D C:\Program Files (x86)\Netease
2016-08-18 20:13 - 2016-04-09 13:00 - 00000000 ____D C:\ProgramData\Origin
2016-08-18 19:08 - 2016-04-09 13:13 - 00000000 ____D C:\Users\Luca Rauch\AppData\Roaming\Spotify
2016-08-18 14:03 - 2016-07-17 00:51 - 00668568 _____ C:\WINDOWS\system32\perfh007.dat
2016-08-18 14:03 - 2016-07-17 00:51 - 00137660 _____ C:\WINDOWS\system32\perfc007.dat
2016-08-18 14:03 - 2016-02-25 16:47 - 01787270 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-08-18 13:58 - 2016-04-09 13:13 - 00000000 ____D C:\Users\Luca Rauch\AppData\Local\Spotify
2016-08-18 13:57 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2016-08-18 13:57 - 2016-07-16 08:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2016-08-18 11:24 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-08-18 06:24 - 2016-05-14 15:12 - 00000000 ____D C:\Users\Luca Rauch\AppData\Local\ElevatedDiagnostics
2016-08-18 04:55 - 2016-04-09 12:38 - 00000000 ____D C:\Program Files (x86)\Google
2016-08-18 04:42 - 2016-05-14 21:56 - 00226168 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2016-08-18 01:11 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-08-18 00:21 - 2016-04-09 15:11 - 00000000 ____D C:\Program Files (x86)\Steam
2016-08-17 23:54 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-08-17 21:07 - 2016-02-13 19:36 - 00000000 ____D C:\Users\Luca Rauch\AppData\Local\Packages
2016-08-17 11:46 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-08-17 05:20 - 2016-05-14 21:56 - 00226168 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2016-08-16 11:45 - 2015-12-03 11:12 - 00110424 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klwtp.sys
2016-08-16 11:45 - 2015-10-06 22:30 - 00087984 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klwfp.sys
2016-08-16 02:46 - 2016-04-09 12:59 - 00000000 ____D C:\Users\Luca Rauch\AppData\Local\AMD
2016-08-16 02:10 - 2016-04-09 13:01 - 00000000 ____D C:\Users\Luca Rauch\AppData\Roaming\PlaysTV
2016-08-16 02:09 - 2016-04-09 12:59 - 00000000 ____D C:\Users\Luca Rauch\AppData\Roaming\Raptr
2016-08-16 02:06 - 2016-04-09 12:41 - 00000000 ____D C:\AMD
2016-08-13 19:38 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache
2016-08-13 17:30 - 2016-04-09 12:37 - 00000000 ____D C:\Program Files (x86)\AMD
2016-08-13 01:57 - 2016-05-14 22:33 - 00348360 _____ C:\WINDOWS\SysWOW64\PnkBstrB.xtr
2016-08-12 18:49 - 2016-02-13 19:36 - 00000000 ____D C:\Users\Luca Rauch\AppData\Local\VirtualStore
2016-08-12 04:44 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-08-11 17:53 - 2016-02-13 19:30 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-08-11 17:52 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-08-11 17:52 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2016-08-11 17:52 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2016-08-11 17:52 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\et-EE
2016-08-11 17:52 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\es-MX
2016-08-11 17:52 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-08-11 17:52 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-08-11 17:52 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-08-11 04:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\appcompat
2016-08-10 13:32 - 2016-07-16 08:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2016-08-10 12:34 - 2016-07-16 13:47 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-08-10 12:30 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2016-08-10 12:30 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-08-10 12:25 - 2016-05-16 20:24 - 00000000 ____D C:\Users\Luca Rauch\Documents\Battlefield 4
2016-08-10 11:48 - 2016-02-13 19:38 - 00002439 _____ C:\Users\Luca Rauch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-08-10 11:48 - 2016-02-13 19:38 - 00000000 ___RD C:\Users\Luca Rauch\OneDrive
2016-08-10 11:47 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\USOPrivate
2016-08-10 11:46 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows NT
2016-08-10 11:45 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-08-10 11:45 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Registration
2016-08-10 11:45 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2016-08-10 11:43 - 2016-07-16 13:47 - 00000000 __RHD C:\Users\Public\Libraries
2016-08-10 11:41 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-08-10 11:41 - 2016-05-16 20:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 4
2016-08-10 11:41 - 2016-05-16 20:01 - 00000000 ____D C:\Users\Luca Rauch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nadim Kobeissi
2016-08-10 11:41 - 2016-05-14 21:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3
2016-08-10 11:41 - 2016-04-10 15:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image Writer
2016-08-10 11:41 - 2016-04-10 15:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 10.8
2016-08-10 11:41 - 2016-04-09 15:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-08-10 11:41 - 2016-04-09 14:35 - 00000000 ____D C:\Users\Luca Rauch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server
2016-08-10 11:41 - 2016-04-09 14:34 - 00000000 ____D C:\Users\Luca Rauch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2016-08-10 11:41 - 2016-04-09 13:09 - 00000000 ____D C:\Users\Luca Rauch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z
2016-08-10 11:41 - 2016-04-09 13:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DiskCryptor
2016-08-10 11:41 - 2016-04-09 13:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2016-08-10 11:41 - 2016-04-09 13:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2016-08-10 11:41 - 2015-10-30 08:28 - 00000000 ____D C:\Users\Default.migrated
2016-08-10 11:40 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2016-08-10 11:40 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\spool
2016-08-10 11:40 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-08-10 11:40 - 2016-04-10 11:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandicam
2016-08-10 11:40 - 2016-04-09 18:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ROCCAT
2016-08-10 11:40 - 2016-04-09 15:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2016-08-10 11:40 - 2016-04-09 13:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2016-08-10 11:37 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-08-10 11:36 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-08-10 11:36 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-08-10 11:06 - 2016-04-09 12:39 - 00001130 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-10 10:58 - 2016-04-09 12:39 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-10 01:43 - 2016-04-09 12:51 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-08-10 01:39 - 2016-04-09 12:51 - 147640136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-08-09 23:23 - 2016-04-09 16:34 - 00000046 _____ C:\WINDOWS\SysWOW64\DonationCoder_urlsnooper_InstallInfo.dat
2016-08-01 18:30 - 2016-04-09 15:09 - 00000000 ____D C:\Program Files\Rockstar Games
2016-08-01 18:30 - 2016-04-09 15:09 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2016-08-01 18:25 - 2016-04-10 10:09 - 00000978 _____ C:\Users\Luca Rauch\Desktop\GTA V.lnk
2016-07-30 22:51 - 2016-02-25 16:48 - 00000000 ____D C:\ProgramData\Downloaded Installations
2016-07-30 22:51 - 2016-02-25 16:48 - 00000000 _____ C:\Users\Luca Rauch\AppData\Local\Driver_LOM_8161Present.flag
2016-07-30 22:47 - 2016-04-09 12:37 - 00000000 ____D C:\WINDOWS\Downloaded Installations
2016-07-28 13:37 - 2016-05-11 00:41 - 00118848 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\AtihdWT6.sys
2016-07-27 21:25 - 2016-04-09 12:53 - 00504488 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-07-26 12:37 - 2016-04-09 14:40 - 00001254 _____ C:\Users\Public\Desktop\Musik Download.lnk
2016-07-25 18:37 - 2016-04-09 14:32 - 00000000 ____D C:\Users\Luca Rauch\AppData\Local\MediaFire Desktop
2016-07-25 18:37 - 2016-04-09 14:32 - 00000000 ____D C:\Program Files (x86)\MediaFire Desktop
2016-07-25 16:25 - 2015-10-30 09:17 - 00006656 _____ C:\WINDOWS\system32\lpcio.dll
2016-07-24 18:59 - 2016-04-09 14:34 - 00001159 _____ C:\Users\Luca Rauch\Desktop\MSI Afterburner.lnk
2016-07-24 11:54 - 2016-04-09 14:44 - 00000000 ___RD C:\Users\Luca Rauch\Documents\MediaFire
2016-07-23 20:09 - 2016-04-09 12:41 - 00000000 ____D C:\ProgramData\Package Cache
2016-07-23 19:02 - 2016-04-09 13:00 - 00000000 ____D C:\Program Files (x86)\Origin

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-02-25 16:48 - 2016-07-30 22:51 - 0000000 _____ () C:\Users\Luca Rauch\AppData\Local\Driver_LOM_8161Present.flag
2016-07-25 18:26 - 2016-07-25 18:26 - 0000001 _____ () C:\Users\Luca Rauch\AppData\Local\llftool.4.40.agreement
2016-07-30 14:50 - 2016-07-30 14:17 - 0000600 _____ () C:\Users\Luca Rauch\AppData\Local\PUTTY.RND
2016-04-09 23:57 - 2016-04-09 23:57 - 0005520 _____ () C:\Users\Luca Rauch\AppData\Local\recently-used.xbel
2016-08-10 11:36 - 2016-08-10 11:36 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-08-02 00:10 - 2016-08-02 00:10 - 0000016 _____ () C:\ProgramData\mntemp

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-08-10 11:34

==================== Ende von FRST.txt ============================

Addition.txt

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 17-08-2016
durchgeführt von Luca Rauch (18-08-2016 20:24:31)
Gestartet von C:\Users\Luca Rauch\Desktop
Windows 10 Home Version 1607 (X64) (2016-08-10 09:46:22)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3002617405-3168553486-2606252797-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3002617405-3168553486-2606252797-503 - Limited - Disabled)
Gast (S-1-5-21-3002617405-3168553486-2606252797-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3002617405-3168553486-2606252797-1006 - Limited - Enabled)
Luca Rauch (S-1-5-21-3002617405-3168553486-2606252797-1001 - Administrator - Enabled) => C:\Users\Luca Rauch

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
Bandicam (HKLM-x32\...\Bandicam) (Version: 3.0.3.1025 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - Bandisoft.com)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.7.2.45672 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Catalyst Control Center Next Localization BR (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
CPUID CPU-Z 1.75 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CPUID HWMonitor 1.29 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
Cryptocat (HKU\S-1-5-21-3002617405-3168553486-2606252797-1001\...\Cryptocat) (Version: 3.1.24 - Nadim Kobeissi)
DiskCryptor 1.1 (HKLM\...\DiskCryptor_is1) (Version: 1.1 - hxxp://diskcryptor.net/)
EaseUS Partition Master 10.8 (HKLM-x32\...\EaseUS Partition Master_is1) (Version:  - EaseUS)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
GIMP 2.8.16 (HKLM\...\GIMP-2_is1) (Version: 2.8.16 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 52.0.2743.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{F575F386-57EF-4943-B003-A13F13B05EEB}) (Version: 16.0.1.445 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 16.0.1.445 - Kaspersky Lab) Hidden
Killer Bandwidth Control Filter Driver (Version: 1.1.52.1451 - Rivet Networks) Hidden
Killer E220x Drivers (Version: 1.1.52.1451 - Rivet Networks) Hidden
Killer Network Manager (Version: 1.1.52.1451 - Rivet Networks) Hidden
Killer Performance Suite (HKLM-x32\...\{55237225-2063-4B7D-81DF-5096D6696109}) (Version: 1.1.52.1451 - Qualcomm Atheros)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Movavi Video Converter 16 (HKLM-x32\...\Movavi Video Converter 16) (Version: 16.2.0 - Movavi)
MSI Afterburner 4.2.0 (HKLM-x32\...\Afterburner) (Version: 4.2.0 - MSI Co., LTD)
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
Origin (HKLM-x32\...\Origin) (Version: 9.11.6.18139 - Electronic Arts, Inc.)
PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.13.1-r115223-release - Plays.tv, LLC)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Raptr (HKLM-x32\...\Raptr) (Version: 5.2.5-r115042-release - Raptr, Inc)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7004 - Realtek Semiconductor Corp.)
RivaTuner Statistics Server 6.4.1 (HKLM-x32\...\RTSS) (Version: 6.4.1 - Unwinder)
ROCCAT Kone Pure Mouse Driver (HKLM-x32\...\{4905245D-56E7-4176-BE68-962728B803D6}) (Version:  - Roccat GmbH)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.9.6 - Rockstar Games)
Spotify (HKU\S-1-5-21-3002617405-3168553486-2606252797-1001\...\Spotify) (Version: 1.0.34.146.g28f9eda2 - Spotify AB)
STAR WARS™ Battlefront™ (HKLM-x32\...\{E402D891-4E45-4ce9-B41F-DD35864EF170}) (Version: 1.0.5.56688 - Electronic Arts)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
Vulkan Run Time Libraries 1.0.17.0 (HKLM\...\VulkanRT1.0.17.0-3) (Version: 1.0.17.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.17.0 (Version: 1.0.17.0 - LunarG, Inc.) Hidden
Win32DiskImager version 0.9.5 (HKLM-x32\...\{D074CE74-912A-4AD3-A0BF-3937D9D01F17}_is1) (Version: 0.9.5 - ImageWriter Developers)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3002617405-3168553486-2606252797-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Luca Rauch\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0285996A-780C-48DB-98C5-2BCA8CCD73CE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-09] (Google Inc.)
Task: {03896D04-23AB-4F74-A27D-B1B71EE41E2C} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask => C:\Windows\system32\MDMAgent.exe [2016-07-16] (Microsoft Corporation)
Task: {16DEA092-FB0C-40D0-AE20-0536BECC21D9} - System32\Tasks\Microsoft\Windows\EDP\EDP App Launch Task
Task: {184784E2-6ACB-4154-BD0F-A955BE13F177} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePolicyChange
Task: {1B65DD58-D16B-45E8-BEB4-94D7E4D64DF7} - System32\Tasks\Microsoft\Windows\EDP\EDP Auth Task
Task: {5BE91AA6-4313-4E4B-9C09-33DBE53D8152} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTask => C:\Windows\System32\XblGameSaveTask.exe [2016-07-16] (Microsoft Corporation)
Task: {6232090F-3BD0-4E1F-960B-78CBA797F685} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleWnsCommand
Task: {6B1AE720-1359-4B9E-9C0F-60167361EF01} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefreshTask
Task: {6E8AE752-C5D2-4B34-B351-338B4370A342} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleCommand
Task: {7AC5E1E2-2FD3-40CD-8842-88CE53A3609C} - System32\Tasks\Microsoft\Windows\DiskFootprint\StorageSense
Task: {9851188E-AC07-4F36-BA28-6D00BB2C9C46} - System32\Tasks\Microsoft\Windows\Device Information\Device => C:\Windows\system32\devicecensus.exe [2016-07-16] (Microsoft Corporation)
Task: {B4F19D60-375C-4637-9FD7-6478D6946F82} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-09] (Google Inc.)
Task: {B6EA9EC4-D38C-4459-B30D-748D9CD570AA} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-08-11] (Advanced Micro Devices, Inc.)
Task: {B6EE76B2-4F82-4E15-9345-C867A29CBAD0} - System32\Tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask => C:\Windows\system32\speech_onecore\common\SpeechModelDownload.exe [2016-07-16] (Microsoft Corporation)
Task: {CC636E49-0109-402B-A40B-A37C29069A95} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\LocateCommandUserSession
Task: {CD19BC8A-E9FE-49ED-92A5-0E1194F69F00} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon => C:\Windows\System32\XblGameSaveTask.exe [2016-07-16] (Microsoft Corporation)
Task: {D394BE25-2E16-45D4-AAB2-3E8861A09351} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitorToastTask
Task: {D3C4106A-D511-42C6-9716-465644534C87} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierinstall => C:\Windows\system32\AppHostRegistrationVerifier.exe [2016-07-16] (Microsoft Corporation)
Task: {D941F53F-7907-4FBE-B1E7-69EBD5B3A5D8} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceLocationRightsChange
Task: {EA9BAA00-6604-4A27-8A73-AFA65F0EE1B3} - System32\Tasks\Microsoft\Windows\SharedPC\Account Cleanup => Rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance
Task: {ECEDC57D-8965-4EB1-BD6F-84791D928E23} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierdaily => C:\Windows\system32\AppHostRegistrationVerifier.exe [2016-07-16] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-05-16 22:30 - 2016-05-16 22:30 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2016-07-16 13:42 - 2016-07-16 13:42 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-07-23 17:29 - 2016-05-06 18:41 - 00235008 _____ () C:\Users\Luca Rauch\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlayError.dll
2016-07-23 17:29 - 2016-05-06 18:41 - 00235008 _____ () C:\Users\Luca Rauch\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlaySynced.dll
2016-07-23 17:29 - 2016-05-06 18:41 - 00235008 _____ () C:\Users\Luca Rauch\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlayReadOnly.dll
2016-07-23 17:29 - 2016-05-06 18:41 - 00235008 _____ () C:\Users\Luca Rauch\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlayLock.dll
2016-07-23 17:29 - 2016-05-06 18:41 - 00235008 _____ () C:\Users\Luca Rauch\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlaySyncing.dll
2016-08-10 11:48 - 2016-08-10 11:48 - 00959168 _____ () C:\Users\Luca Rauch\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 00130048 _____ () C:\WINDOWS\SYSTEM32\CHARTV.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-08-10 17:19 - 2016-08-02 10:15 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-08-10 17:19 - 2016-08-02 10:15 - 00693248 _____ () C:\Windows\ShellExperiences\MtcUvc.dll
2015-06-25 17:34 - 2015-06-25 17:34 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2015-06-25 17:37 - 2015-06-25 17:37 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-25 17:35 - 2015-06-25 17:35 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2015-06-25 17:38 - 2015-06-25 17:38 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-25 16:53 - 2015-06-25 16:53 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2015-06-25 16:51 - 2015-06-25 16:51 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-07-17 01:00 - 2016-07-17 01:00 - 03790336 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1605.1582.0_x64__8wekyb3d8bbwe\Calculator.exe
2016-07-17 01:00 - 2016-07-17 01:00 - 00258560 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1605.1582.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2016-08-10 17:20 - 2016-08-02 10:01 - 09761280 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-08-10 17:20 - 2016-08-02 09:53 - 01401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-08-10 17:20 - 2016-08-02 09:53 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-08-10 17:20 - 2016-08-02 09:54 - 01033728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-08-10 17:20 - 2016-08-02 09:54 - 02438144 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-08-10 17:20 - 2016-08-02 09:56 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-08-10 17:20 - 2016-08-02 09:52 - 00114176 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Dss.BackgroundTask.dll
2015-12-22 02:47 - 2015-12-22 02:47 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\kpcengine.2.3.dll
2015-11-24 22:48 - 2015-11-24 22:48 - 00028160 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\servicemanager.pyd
2015-11-24 22:46 - 2015-11-24 22:46 - 00110592 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pywintypes26.dll
2015-11-24 22:48 - 2015-11-24 22:48 - 00041472 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32service.pyd
2015-11-24 22:48 - 2015-11-24 22:48 - 00096256 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32api.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00356864 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_hashlib.pyd
2015-11-24 22:48 - 2015-11-24 22:48 - 00017920 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32event.pyd
2015-11-24 22:48 - 2015-11-24 22:48 - 00019968 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32evtlog.pyd
2015-11-24 22:48 - 2015-11-24 22:48 - 00036352 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32process.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00043008 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_socket.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00805376 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_ssl.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00087040 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_ctypes.pyd
2015-11-24 22:46 - 2015-11-24 22:46 - 00354304 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pythoncom26.dll
2015-11-24 22:48 - 2015-11-24 22:48 - 00167936 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32gui.pyd
2015-11-24 22:47 - 2015-11-24 22:47 - 01980928 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtGui.pyd
2015-12-07 22:57 - 2015-12-07 22:57 - 00077824 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\sip.pyd
2015-11-24 22:47 - 2015-11-24 22:47 - 01862144 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtCore.pyd
2015-11-24 22:47 - 2015-11-24 22:47 - 00516608 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtNetwork.pyd
2015-11-24 22:47 - 2015-11-24 22:47 - 04060160 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWidgets.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00010240 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\select.pyd
2016-04-09 13:13 - 2016-08-04 15:48 - 52042352 _____ () C:\Users\Luca Rauch\AppData\Roaming\Spotify\libcef.dll
2016-04-09 18:15 - 2012-06-23 14:54 - 00061440 _____ () C:\Program Files (x86)\ROCCAT\Kone Pure Mouse\hiddriver.dll
2016-05-14 14:47 - 2016-07-23 19:02 - 01016832 _____ () C:\Program Files (x86)\Origin\platforms\qwindows.dll
2016-04-09 13:02 - 2016-07-23 19:01 - 00028160 _____ () C:\Program Files (x86)\Origin\imageformats\qgif.dll
2016-04-09 13:02 - 2016-07-23 19:01 - 00029696 _____ () C:\Program Files (x86)\Origin\imageformats\qico.dll
2016-04-09 13:02 - 2016-07-23 19:01 - 00256000 _____ () C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2016-04-09 13:02 - 2016-07-23 19:01 - 00266240 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll
2016-04-09 13:02 - 2016-07-23 19:01 - 00023552 _____ () C:\Program Files (x86)\Origin\imageformats\qtga.dll
2016-04-09 13:02 - 2016-07-23 19:01 - 00346112 _____ () C:\Program Files (x86)\Origin\imageformats\qtiff.dll
2016-04-09 13:03 - 2016-07-23 19:01 - 00023552 _____ () C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
2016-04-09 13:03 - 2016-07-23 19:01 - 00243200 _____ () C:\Program Files (x86)\Origin\mediaservice\wmfengine.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SophosVirusRemovalTool => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SophosVirusRemovalTool => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

HKU\S-1-5-21-3002617405-3168553486-2606252797-1001\Software\Classes\regfile: regedit.exe "%1" <===== ACHTUNG

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2015-10-30 09:24 - 2015-10-30 09:21 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3002617405-3168553486-2606252797-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Luca Rauch\Pictures\Camera Roll\New-York-Wallpaper-Background-5.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run32: => "PlaysTV"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKLM\...\StartupApproved\Run32: => "EaseUS EPM tray"
HKU\S-1-5-21-3002617405-3168553486-2606252797-1001\...\StartupApproved\Run: => "cloudmusic"
HKU\S-1-5-21-3002617405-3168553486-2606252797-1001\...\StartupApproved\Run: => "Steam"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [WirelessDisplay-Infra-In-TCP] => (Allow) %systemroot%\system32\CastSrv.exe
FirewallRules: [UDP Query User{65C489D6-4286-4A05-A84F-6D3749875585}E:\programme\origin games\star wars battlefront\starwarsbattlefronttrial.exe] => (Allow) E:\programme\origin games\star wars battlefront\starwarsbattlefronttrial.exe
FirewallRules: [TCP Query User{6DF80F22-6573-406F-A2E1-A7DFE9A01571}E:\programme\origin games\star wars battlefront\starwarsbattlefronttrial.exe] => (Allow) E:\programme\origin games\star wars battlefront\starwarsbattlefronttrial.exe
FirewallRules: [{33D7F8E5-7153-41E8-AFAA-AE0DA59C9F9B}] => (Allow) LPort=82
FirewallRules: [{66503E7F-3B7A-4BBC-A87C-9D1121B213EF}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{37BC57D3-4E2F-42E7-837F-187855427D17}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{E0346DDE-4591-4FCB-8883-785DE4699309}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{137BF7F9-C9D9-4E3D-9CC4-B892C33D0990}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [UDP Query User{C99F0C66-3CD5-46A8-8392-6049CE83EFBB}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [TCP Query User{7CB30102-71C7-421F-9083-B7DF4BE43401}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [UDP Query User{C9104DF2-FC5A-4BE7-AC96-0B457762C2D8}C:\users\luca rauch\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\luca rauch\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{8D7FC28D-4DF7-423C-8DE8-AB8683B1AC98}C:\users\luca rauch\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\luca rauch\appdata\roaming\spotify\spotify.exe
FirewallRules: [{D2166DF0-3D8B-4F6D-9DE2-54EFBA700A60}] => (Allow) E:\Programme\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{4B165B13-C54B-47DD-91EA-A28D8AEAC89A}] => (Allow) E:\Programme\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{2D204D5A-77E2-44FD-8B9F-49AC8A5BFF33}] => (Allow) LPort=5000
FirewallRules: [{F3EDC8ED-7C6C-4F98-A22D-906BAA88566C}] => (Allow) LPort=64094
FirewallRules: [{3CAE594D-2157-42A0-A416-DCA6D5EB07C1}] => (Allow) E:\Programme\GTA5.exe
FirewallRules: [{F5C1BBD3-7C36-4544-812A-D8E2AF808C95}] => (Allow) E:\Programme\GTA5.exe
FirewallRules: [{D7AFEE2B-C6FD-4820-AE9B-0E9BB71659AF}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{E57AE8E7-1C9E-4704-A929-AD5EF5F69903}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{11833B8A-2A6E-4A57-A189-36869810551A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6A7DE008-82E7-4C09-9C39-FD5741E2B6B9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [UDP Query User{C1036373-1824-4C91-9885-BAFA0ECA2ACC}C:\users\luca rauch\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\luca rauch\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{28034C94-7EBF-43BF-9D77-48E9D99998DE}C:\users\luca rauch\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\luca rauch\appdata\roaming\spotify\spotify.exe
FirewallRules: [{BC23B959-0CB2-4964-9751-BC3E35BF64B3}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{9AAA4E3D-7E86-4EC5-9713-9A01102F400C}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{CA0084C4-8AE0-4720-9A6F-51683DA861A3}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{D7747F3C-4D79-4D53-98D5-2385EBE01ABE}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{1F0BF939-2F28-491E-BEB2-6F951393190B}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{EBCF2256-9233-4B90-BE20-0A0EABCEE8CF}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{B8D96DB6-24E2-4A04-ABEA-AB30D7D61EC5}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{65DC7EF8-E04E-479F-9EC1-7FBAC98A6912}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{5CF6B187-C842-4296-8565-C7A5A6C44E5B}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{165390F1-8F6B-4ACA-A533-786505FEDB8D}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{8A971062-BFCD-42A8-AB7C-29F1E2F19169}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{50AE06CA-F9D4-46D5-8CE0-FD70704B247C}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{CFC36A81-A8A6-4188-A892-325F2CEAA967}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (08/18/2016 01:58:59 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.0_none_2d0f50fcbdb171b8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.0_none_2d0f50fcbdb171b8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.0_none_2d0f50fcbdb171b8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.0_none_2d0f50fcbdb171b8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.0_none_74bc87d3d22d9abe.manifest.

Error: (08/18/2016 09:10:42 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LUCA-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (08/18/2016 07:44:01 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.0_none_2d0f50fcbdb171b8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.0_none_2d0f50fcbdb171b8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.0_none_2d0f50fcbdb171b8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.0_none_2d0f50fcbdb171b8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.0_none_74bc87d3d22d9abe.manifest.

Error: (08/18/2016 05:35:37 AM) (Source: MsiInstaller) (EventID: 11606) (User: LUCA-PC)
Description: Product: Sophos Virus Removal Tool -- Error 1606.Could not access network location data.

Error: (08/18/2016 05:35:19 AM) (Source: MsiInstaller) (EventID: 11606) (User: LUCA-PC)
Description: Product: Sophos Virus Removal Tool -- Error 1606.Could not access network location data.

Error: (08/18/2016 05:07:46 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 52.0.2743.116, Zeitstempel: 0x57a12717
Name des fehlerhaften Moduls: apphelp.dll, Version: 10.0.14393.0, Zeitstempel: 0x578999e1
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000003685b
ID des fehlerhaften Prozesses: 0x26b8
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3
Vollständiger Name des fehlerhaften Pakets: chrome.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: chrome.exe5

Error: (08/18/2016 04:59:12 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 52.0.2743.116, Zeitstempel: 0x57a12717
Name des fehlerhaften Moduls: apphelp.dll, Version: 10.0.14393.0, Zeitstempel: 0x578999e1
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000003685b
ID des fehlerhaften Prozesses: 0x804
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3
Vollständiger Name des fehlerhaften Pakets: chrome.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: chrome.exe5

Error: (08/18/2016 04:57:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 52.0.2743.116, Zeitstempel: 0x57a12717
Name des fehlerhaften Moduls: apphelp.dll, Version: 10.0.14393.0, Zeitstempel: 0x578999e1
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000003685b
ID des fehlerhaften Prozesses: 0x2f38
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3
Vollständiger Name des fehlerhaften Pakets: chrome.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: chrome.exe5

Error: (08/18/2016 04:53:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 52.0.2743.116, Zeitstempel: 0x57a12717
Name des fehlerhaften Moduls: apphelp.dll, Version: 10.0.14393.0, Zeitstempel: 0x578999e1
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000003685b
ID des fehlerhaften Prozesses: 0x19d0
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3
Vollständiger Name des fehlerhaften Pakets: chrome.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: chrome.exe5

Error: (08/18/2016 04:51:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 52.0.2743.116, Zeitstempel: 0x57a12717
Name des fehlerhaften Moduls: apphelp.dll, Version: 10.0.14393.0, Zeitstempel: 0x578999e1
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000003685b
ID des fehlerhaften Prozesses: 0x21c4
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3
Vollständiger Name des fehlerhaften Pakets: chrome.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: chrome.exe5


Systemfehler:
=============
Error: (08/18/2016 01:57:57 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}{F72671A9-012C-4725-9D2F-2A4D32D65169}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (08/18/2016 10:00:37 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}{F72671A9-012C-4725-9D2F-2A4D32D65169}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (08/18/2016 09:11:50 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}{F72671A9-012C-4725-9D2F-2A4D32D65169}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (08/18/2016 09:10:42 AM) (Source: DCOM) (EventID: 10010) (User: LUCA-PC)
Description: App.AppXryc2qd338f5728r9gzzazav8206ba77s.mca

Error: (08/18/2016 05:19:35 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "MBAMService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (08/18/2016 05:11:39 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}{F72671A9-012C-4725-9D2F-2A4D32D65169}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (08/18/2016 05:10:02 AM) (Source: DCOM) (EventID: 10010) (User: LUCA-PC)
Description: {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D}

Error: (08/18/2016 05:10:02 AM) (Source: DCOM) (EventID: 10010) (User: LUCA-PC)
Description: {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D}

Error: (08/18/2016 05:09:44 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}{F72671A9-012C-4725-9D2F-2A4D32D65169}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (08/18/2016 05:08:53 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Der Dienst Windows Modules Installer konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.


==================== Speicherinformationen =========================== 

Prozessor: AMD FX(tm)-6300 Six-Core Processor 
Prozentuale Nutzung des RAM: 31%
Installierter physikalischer RAM: 12179.36 MB
Verfügbarer physikalischer RAM: 8309.02 MB
Summe virtueller Speicher: 14611.36 MB
Verfügbarer virtueller Speicher: 10371.16 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:109.41 GB) (Free:12.15 GB) NTFS
Drive e: (HDD-2(NO MBR)) (Fixed) (Total:416.49 GB) (Free:261.08 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 109.9 GB) (Disk ID: AFEE18F5)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=109.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 1F52CC16)
Partition 1: (Not Active) - (Size=48.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=416.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

==================== Ende von Addition.txt ============================

moreply · 18.08.2016, 20:16

Shortcut.txt

Code:

ATTFilter

Untersuchungsergebnis der Verknüpfungen des Benutzers (x64) Version: 17-08-2016
durchgeführt von Luca Rauch (18-08-2016 20:25:01)
Gestartet von C:\Users\Luca Rauch\Desktop
Start-Modus: Normal

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)





Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\01 - File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\03 - Documents.lnk -> C:\Users\Luca Rauch\Documents ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\04 - Downloads.lnk -> C:\Users\Luca Rauch\Downloads ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\05 - Music.lnk -> C:\Users\Luca Rauch\Music ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\06 - Pictures.lnk -> C:\Users\Luca Rauch\Pictures ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\07 - Videos.lnk -> C:\Users\Luca Rauch\Videos ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\08 - Homegroup.lnk -> Microsoft.Windows.Homegroup
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\09 - Network.lnk -> Microsoft.Windows.Network
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\10 - UserProfile.lnk -> C:\Users\Luca Rauch ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk -> C:\Program Files\GIMP 2\bin\gimp-2.8.exe (Spencer Kimball, Peter Mattis and the GIMP Development Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiracastView.lnk -> C:\Windows\MiracastView\MiracastView.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintDialog.lnk -> C:\Windows\PrintDialog\PrintDialog.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Windows Defender.lnk -> C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games\Grand Theft Auto V\Grand Theft Auto V.lnk -> E:\Programme\PlayGTAV.exe (Rockstar Games)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin\Origin Fehlermelder.lnk -> C:\Program Files (x86)\Origin\OriginER.exe (Electronic Arts)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin\Origin.lnk -> C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movavi Video Converter 16\Movavi Video Converter 16 deinstallieren.lnk -> E:\Programme\Movavi Video Converter 16\uninst.exe (Movavi)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movavi Video Converter 16\Movavi Video Converter 16.lnk -> E:\Programme\Movavi Video Converter 16\converter.exe (Movavi)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movavi Video Converter 16\Movavi Video Converter-Homepage.lnk -> E:\Programme\Movavi Video Converter 16\Movavi Video Converter 16.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Killer Networking\Network Manager\Killer Diagnostics.lnk -> C:\Program Files\Killer Networking\Network Manager\KillerDiagnose\KillerDiagnose.exe (Microsoft)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Killer Networking\Network Manager\Killer Network Manager.lnk -> C:\Windows\Installer\{7978C294-4939-484C-8D7E-B721C4B6F7A9}\NetworkManager.exe_57A52662FCCD47C9AAA02E5E7FCEFD5C.exe (Flexera Software LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security\Hilfe für Kaspersky Internet Security.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\Doc\de-DE\kis\context.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security\Kaspersky Internet Security.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\avpui.exe (AO Kaspersky Lab)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security\Kaspersky Lab im Internet.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\kl.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security\Lizenzvertrag.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\Doc\de\license.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image Writer\Uninstall Win32DiskImager.lnk -> E:\Programme\ImageWriter\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image Writer\Win32DiskImager.lnk -> E:\Programme\ImageWriter\Win32DiskImager.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 10.8\EaseUS Partition Master 10.8 entfernen.lnk -> E:\Programme\EaseUS Partition Master 10.8\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 10.8\EaseUS Partition Master 10.8.lnk -> E:\Programme\EaseUS Partition Master 10.8\bin\EPMStartLoader.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DiskCryptor\DiskCryptor.lnk -> C:\Program Files\dcrypt\dcrypt.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DiskCryptor\License.lnk -> C:\Program Files\dcrypt\license.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DiskCryptor\Uninstall DiskCryptor.lnk -> C:\Program Files\dcrypt\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\HWMonitor\HWMonitor.lnk -> E:\Programme\HWMonitor\HWMonitor.exe (CPUID)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\HWMonitor\Uninstall HWMonitor.lnk -> E:\Programme\HWMonitor\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\CPU-Z\CPU-Z.lnk -> C:\Program Files\CPUID\CPU-Z\cpuz.exe (CPUID)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\CPU-Z\Edit CPU-Z Config File.lnk -> C:\Program Files\CPUID\CPU-Z\cpuz.ini ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\CPU-Z\Uninstall CPU-Z.lnk -> C:\Program Files\CPUID\CPU-Z\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 4\Battlefield 4 Endbenutzer-Lizenzvertrag.lnk -> C:\Program Files (x86)\Origin Games\Battlefield 4\Support\eula\de_DE_eula.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 4\Battlefield 4.lnk -> C:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe (EA Digital Illusions CE AB)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 4\Kundendienst.lnk -> C:\Program Files (x86)\Origin Games\Battlefield 4\Support\EA Help\Kundendienst.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3\Battlefield 3.lnk -> E:\Programme\Origin Games\Battlefield 3\bf3.exe (EA Digital Illusions CE AB)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3\EA-EULA.lnk -> E:\Programme\Origin Games\Battlefield 3\Support\eula\de_DE_eula.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3\Kundendienst.lnk -> E:\Programme\Origin Games\Battlefield 3\Support\EA Help\Electronic_Arts_Technical_Support.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3\Readme.lnk -> E:\Programme\Origin Games\Battlefield 3\Support\readme\readme.de.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandicam\Bandicam.lnk -> C:\Program Files (x86)\Bandicam\bdcam.exe (www.Bandisoft.com)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandicam\BandiFix.lnk -> C:\Program Files (x86)\Bandicam\bdfix.exe (Bandisoft.com)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Settings\AMD Radeon Settings.lnk -> C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe (Advanced Micro Devices, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved\AMD Gaming Evolved.lnk -> C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe (Raptr, Inc)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved\PlaysTV.lnk -> C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe (Plays.tv, LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\SysWOW64\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft® Windows® Operating System)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Quick Assist.lnk -> C:\Windows\System32\quickassist.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\System32\psr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-304
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\Luca Rauch\Links\Desktop.lnk -> C:\Users\Luca Rauch\Desktop ()
Shortcut: C:\Users\Luca Rauch\Links\Downloads.lnk -> C:\Users\Luca Rauch\Downloads ()
Shortcut: C:\Users\Luca Rauch\Desktop\DiskCryptor.lnk -> C:\Program Files\dcrypt\dcrypt.exe ()
Shortcut: C:\Users\Luca Rauch\Desktop\GTA V.lnk -> E:\Programme\GTAVLauncher.exe (Rockstar Games)
Shortcut: C:\Users\Luca Rauch\Desktop\MSI Afterburner.lnk -> C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe ()
Shortcut: C:\Users\Luca Rauch\Desktop\Spotify.lnk -> C:\Users\Luca Rauch\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
Shortcut: C:\Users\Luca Rauch\Desktop\TechPowerUp GPU-Z.lnk -> C:\Program Files (x86)\GPU-Z\GPU-Z.exe (techPowerUp (www.techpowerup.com))
Shortcut: C:\Users\Luca Rauch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\Luca Rauch\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\Luca Rauch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk -> C:\Users\Luca Rauch\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
Shortcut: C:\Users\Luca Rauch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Z.lnk -> Z:\ (Keine Datei)
Shortcut: C:\Users\Luca Rauch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Luca Rauch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Luca Rauch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Luca Rauch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Luca Rauch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z\TechPowerUp GPU-Z.lnk -> C:\Program Files (x86)\GPU-Z\GPU-Z.exe (techPowerUp (www.techpowerup.com))
Shortcut: C:\Users\Luca Rauch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z\Uninstall.lnk -> C:\Program Files (x86)\GPU-Z\uninstall.exe ()
Shortcut: C:\Users\Luca Rauch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Luca Rauch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-304
Shortcut: C:\Users\Luca Rauch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Luca Rauch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Luca Rauch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Luca Rauch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server\ReadMe.lnk -> E:\RivaTuner Statistics Server\Doc\ReadMe.pdf ()
Shortcut: C:\Users\Luca Rauch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server\RivaTuner Statistics Server.lnk -> E:\RivaTuner Statistics Server\RTSS.exe ()
Shortcut: C:\Users\Luca Rauch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server\Uninstall.lnk -> E:\RivaTuner Statistics Server\Uninstall.exe ()
Shortcut: C:\Users\Luca Rauch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server\SDK\RivaTuner Statistics Server localization reference.lnk -> E:\RivaTuner Statistics Server\SDK\Doc\Localization reference.pdf ()
Shortcut: C:\Users\Luca Rauch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server\SDK\RivaTuner Statistics Server skin format reference.lnk -> E:\RivaTuner Statistics Server\SDK\Doc\USF skin format reference.pdf ()
Shortcut: C:\Users\Luca Rauch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server\SDK\Samples.lnk -> E:\RivaTuner Statistics Server\SDK\Samples ()
Shortcut: C:\Users\Luca Rauch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner\MSI Afterburner.lnk -> C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe ()
Shortcut: C:\Users\Luca Rauch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner\ReadMe.lnk -> C:\Program Files (x86)\MSI Afterburner\Doc\ReadMe.pdf ()
Shortcut: C:\Users\Luca Rauch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner\Uninstall.lnk -> C:\Program Files (x86)\MSI Afterburner\Uninstall.exe ()
Shortcut: C:\Users\Luca Rauch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner\SDK\MSI Afterburner localization reference.lnk -> C:\Program Files (x86)\MSI Afterburner\SDK\Doc\Localization reference.pdf ()
Shortcut: C:\Users\Luca Rauch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner\SDK\MSI Afterburner skin format reference.lnk -> C:\Program Files (x86)\MSI Afterburner\SDK\Doc\USF skin format reference.pdf ()
Shortcut: C:\Users\Luca Rauch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner\SDK\Samples.lnk -> C:\Program Files (x86)\MSI Afterburner\SDK\Samples ()
Shortcut: C:\Users\Luca Rauch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\More....lnk -> C:\Program Files (x86)\Image-Line\Shared\Start ()
Shortcut: C:\Users\Luca Rauch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Luca Rauch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Luca Rauch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Luca Rauch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Luca Rauch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Luca Rauch\AppData\Roaming\Microsoft\Windows\SendTo\Bluetooth-Dateiübertragung.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation)
Shortcut: C:\Users\Luca Rauch\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Luca Rauch\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Luca Rauch\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Luca Rauch\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\CPUID CPU-Z.lnk -> C:\Program Files\CPUID\CPU-Z\cpuz.exe (CPUID)
Shortcut: C:\Users\Luca Rauch\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Luca Rauch\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Luca Rauch\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\MSI Afterburner.lnk -> E:\MSI Afterburner\MSIAfterburner.exe ()
Shortcut: C:\Users\Luca Rauch\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\TechPowerUp GPU-Z.lnk -> C:\Program Files (x86)\GPU-Z\GPU-Z.exe (techPowerUp (www.techpowerup.com))
Shortcut: C:\Users\Luca Rauch\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Luca Rauch\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Luca Rauch\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Luca Rauch\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Luca Rauch\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Luca Rauch\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Luca Rauch\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Luca Rauch\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Luca Rauch\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\Bandicam.lnk -> C:\Program Files (x86)\Bandicam\bdcam.exe (www.Bandisoft.com)
Shortcut: C:\Users\Public\Desktop\Battlefield 3.lnk -> E:\Programme\Origin Games\Battlefield 3\bf3.exe (EA Digital Illusions CE AB)
Shortcut: C:\Users\Public\Desktop\Battlefield 4.lnk -> C:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe (EA Digital Illusions CE AB)
Shortcut: C:\Users\Public\Desktop\CPUID CPU-Z.lnk -> C:\Program Files\CPUID\CPU-Z\cpuz.exe (CPUID)
Shortcut: C:\Users\Public\Desktop\CPUID HWMonitor.lnk -> E:\Programme\HWMonitor\HWMonitor.exe (CPUID)
Shortcut: C:\Users\Public\Desktop\EaseUS Partition Master 10.8.lnk -> E:\Programme\EaseUS Partition Master 10.8\bin\EPMStartLoader.exe ()
Shortcut: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Public\Desktop\Kaspersky Internet Security.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\avpui.exe (AO Kaspersky Lab)
Shortcut: C:\Users\Public\Desktop\Killer Network Manager.lnk -> C:\Windows\Installer\{7978C294-4939-484C-8D7E-B721C4B6F7A9}\NetworkManager.exe_E38B8113745D486384C281C6EE6C49DB.exe (Flexera Software LLC)
Shortcut: C:\Users\Public\Desktop\Movavi Video Converter 16.lnk -> E:\Programme\Movavi Video Converter 16\converter.exe (Movavi)
Shortcut: C:\Users\Public\Desktop\Musik Download.lnk -> C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe (Keine Datei)
Shortcut: C:\Users\Public\Desktop\Origin.lnk -> C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
Shortcut: C:\Users\Public\Desktop\Raptr.lnk -> C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe (Raptr, Inc)
Shortcut: C:\Users\Public\Desktop\STAR WARS Battlefront.lnk -> E:\Programme\Origin Games\STAR WARS Battlefront\starwarsbattlefront.exe (Electronic Arts)
Shortcut: C:\Users\Public\Desktop\Steam.lnk -> C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
Shortcut: C:\Users\Public\Desktop\Win32DiskImager.lnk -> E:\Programme\ImageWriter\Win32DiskImager.exe ()




ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft® Windows® Operating System) -> /7
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\Killer Network Manager.lnk -> C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe (Rivet Networks) -> -minimize
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games\Grand Theft Auto V\GTA Online.lnk -> E:\Programme\PlayGTAV.exe (Rockstar Games) -> -StraightIntoFreemode
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ROCCAT\Kone Pure Mouse\Kone Pure Driver.lnk -> C:\Program Files (x86)\ROCCAT\Kone Pure Mouse\KonePureMonitor.exe (ROCCAT GmbH) -> 1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ROCCAT\Kone Pure Mouse\Uninstall Driver.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{4905245D-56E7-4176-BE68-962728B803D6}\Setup.exe"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security\Kaspersky Internet Security entfernen.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /i{F575F386-57EF-4943-B003-A13F13B05EEB} REMOVE=ALL
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Default Apps.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsDefaults
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Devices.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemDevices
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft® Windows® Operating System) -> /0
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\Luca Rauch\Desktop\Cryptocat.lnk -> C:\Users\Luca Rauch\AppData\Local\Cryptocat\Update.exe () -> --processStart Cryptocat.exe
ShortcutWithArgument: C:\Users\Luca Rauch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Default Apps.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsDefaults
ShortcutWithArgument: C:\Users\Luca Rauch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Devices.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemDevices
ShortcutWithArgument: C:\Users\Luca Rauch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nadim Kobeissi\Cryptocat.lnk -> C:\Users\Luca Rauch\AppData\Local\Cryptocat\Update.exe () -> --processStart Cryptocat.exe
ShortcutWithArgument: C:\Users\Luca Rauch\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Luca Rauch\AppData\Roaming\Microsoft\Windows\SendTo\Faxempfänger.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Luca Rauch\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\Luca Rauch\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Luca Rauch\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\Luca Rauch\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\Luca Rauch\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\Luca Rauch\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Luca Rauch\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Luca Rauch\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\Luca Rauch\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft® Windows® Operating System) -> /0
ShortcutWithArgument: C:\Users\Luca Rauch\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\Public\Desktop\Sicherer Zahlungsverkehr.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\avpui.exe (AO Kaspersky Lab) -> -safebanking


InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam Support Center.url -> URL: hxxp://support.steampowered.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image Writer\Win32DiskImager on the Web.url -> URL: hxxp://win32diskimager.sourceforge.net
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 10.8\Besuchen EaseUS im Internet.url -> URL: hxxp://de.easeus.com/partition-manager/index.html
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 10.8\EaseUS Partition Master 10.8 Help.url -> URL: hxxp://de.easeus.com/tutorial/partition-master-free-user-guide.html
InternetURL: C:\Users\Luca Rauch\Favorites\Bing.url -> URL: hxxp://go.microsoft.com/fwlink/p/?LinkId=255142

==================== Ende von Shortcut.txt =============================

Deathkid535 · 26.08.2016, 09:28

Mein Name ist Dennis und ich werde dir bei der Bereinigung helfen.

Bitte beachte, dass es ein paar Regeln gibt:

Bitte lies meine Posts komplett durch bevor du sie abarbeitest
Wenn ein Problem auftauchen sollte, unterbreche deine Arbeit, poste die entstandenen Logs und schildere dieses so genau wie möglich.
Bitte kein Crossposting
Installiere oder Deinstalliere keine Software ohne Aufforderung
Bitte verwende nur die Tools welche hier im Thread erwähnt werden
Antworte innerhalb von 24h um eine sinnvolle Bereinigung zu ermöglichen
Poste die Logs immer in CODE-Tags (#-Button), zur Not die Logs einfach aufteilen

Sollte ich nicht innerhalb von 48h antworten, schreibe mir eine PM!

Posten in CODE-Tags

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Los gehts!

Also grundsätzlich waren das einfach nur 2 Adwaredateien die kein Mensch braucht. Ich seh jetzt auch nicht wirklich was auf dem Rechner, aber wir machen einen Scan mit AdwCleaner.

Schritt # 1: AdwCleaner

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt # 2: FRST

Bitte noch ein frisches FRST-Log.

Schritt # 3: Bitte Posten

Das Log von AdwCleaner
Das frische FRST-Log

moreply · 26.08.2016, 10:57

Danke das mich übernimmst

:

Adware Cleaner hat 19 Dateien gefunden 2 davon waren Registrierungsschlüssel.

Log:

Code:

ATTFilter

# AdwCleaner v6.010 - Bericht erstellt am 26/08/2016 um 11:44:57
# Aktualisiert am 12/08/2016 von ToolsLib
# Datenbank : 2016-08-25.1 [Server]
# Betriebssystem : Windows 10 Home  (X64)
# Benutzername : Luca Rauch - LUCA-PC
# Gestartet von : C:\Users\Luca Rauch\Desktop\AdwCleaner_6.010.exe
# Modus: Löschen
# Unterstützung : https://toolslib.net/forum



***** [ Dienste ] *****



***** [ Ordner ] *****



***** [ Dateien ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Verknüpfungen ] *****



***** [ Aufgabenplanung ] *****



***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht: HKU\S-1-5-21-3002617405-3168553486-2606252797-1001\Software\OCS
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\OCS


***** [ Browser ] *****

[-] [websearch.ask.com] [Search Provider] Gelöscht: websearch.ask.com
[-] [search.sweetim.com] [Search Provider] Gelöscht: search.sweetim.com
[-] [qone8] [Search Provider] Gelöscht: qone8
[-] [search.softonic.com] [Search Provider] Gelöscht: search.softonic.com
[-] [search.babylon.com] [Search Provider] Gelöscht: search.babylon.com
[-] [search-results.com] [Search Provider] Gelöscht: search-results.com
[-] [start.funmoods.com] [Search Provider] Gelöscht: start.funmoods.com
[-] [delta-search.com] [Search Provider] Gelöscht: delta-search.com
[-] [dts.search-results.com] [Search Provider] Gelöscht: dts.search-results.com
[-] [search.chatzum.com] [Search Provider] Gelöscht: search.chatzum.com
[-] [search.mywebsearch.com] [Search Provider] Gelöscht: search.mywebsearch.com
[-] [mystart.incredibar.com] [Search Provider] Gelöscht: mystart.incredibar.com
[-] [mysearchdial.com] [Search Provider] Gelöscht: mysearchdial.com
[-] [isearch.avg.com] [Search Provider] Gelöscht: isearch.avg.com
[-] [dts.search.ask.com] [Search Provider] Gelöscht: dts.search.ask.com
[-] [ask.com] [Search Provider] Gelöscht: ask.com
[-] [sweet-page] [Search Provider] Gelöscht: sweet-page


*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [2274 Bytes] - [26/08/2016 11:44:57]
C:\AdwCleaner\AdwCleaner[S0].txt - [3352 Bytes] - [26/08/2016 11:44:02]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [2420 Bytes] ##########

Addition.txt

Code:

ATTFilter

usätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 21-08-2016 01
durchgeführt von Luca Rauch (26-08-2016 11:55:14)
Gestartet von C:\Users\Luca Rauch\Desktop
Windows 10 Home Version 1607 (X64) (2016-08-10 09:46:22)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3002617405-3168553486-2606252797-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3002617405-3168553486-2606252797-503 - Limited - Disabled)
Gast (S-1-5-21-3002617405-3168553486-2606252797-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3002617405-3168553486-2606252797-1006 - Limited - Enabled)
Luca Rauch (S-1-5-21-3002617405-3168553486-2606252797-1001 - Administrator - Enabled) => C:\Users\Luca Rauch

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
Bandicam (HKLM-x32\...\Bandicam) (Version: 3.0.3.1025 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - Bandisoft.com)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.7.2.45672 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Catalyst Control Center Next Localization BR (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.21 - Piriform)
CPUID CPU-Z 1.75 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CPUID HWMonitor 1.29 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
CrystalDiskMark 5.1.2 (HKLM\...\CrystalDiskMark5_is1) (Version: 5.1.2 - Crystal Dew World)
DiskCryptor 1.1 (HKLM\...\DiskCryptor_is1) (Version: 1.1 - hxxp://diskcryptor.net/)
EaseUS Partition Master 10.8 (HKLM-x32\...\EaseUS Partition Master_is1) (Version:  - EaseUS)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
GIMP 2.8.16 (HKLM\...\GIMP-2_is1) (Version: 2.8.16 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 52.0.2743.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{F575F386-57EF-4943-B003-A13F13B05EEB}) (Version: 16.0.1.445 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 16.0.1.445 - Kaspersky Lab) Hidden
Killer Bandwidth Control Filter Driver (Version: 1.1.52.1451 - Rivet Networks) Hidden
Killer E220x Drivers (Version: 1.1.52.1451 - Rivet Networks) Hidden
Killer Network Manager (Version: 1.1.52.1451 - Rivet Networks) Hidden
Killer Performance Suite (HKLM-x32\...\{55237225-2063-4B7D-81DF-5096D6696109}) (Version: 1.1.52.1451 - Qualcomm Atheros)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Movavi Video Converter 16 (HKLM-x32\...\Movavi Video Converter 16) (Version: 16.2.0 - Movavi)
MSI Afterburner 4.2.0 (HKLM-x32\...\Afterburner) (Version: 4.2.0 - MSI Co., LTD)
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
Origin (HKLM-x32\...\Origin) (Version: 9.11.6.18139 - Electronic Arts, Inc.)
PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.13.1-r115223-release - Plays.tv, LLC)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Raptr (HKLM-x32\...\Raptr) (Version: 5.2.5-r115042-release - Raptr, Inc)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7004 - Realtek Semiconductor Corp.)
RivaTuner Statistics Server 6.4.1 (HKLM-x32\...\RTSS) (Version: 6.4.1 - Unwinder)
ROCCAT Kone Pure Mouse Driver (HKLM-x32\...\{4905245D-56E7-4176-BE68-962728B803D6}) (Version:  - Roccat GmbH)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.9.6 - Rockstar Games)
Spotify (HKU\S-1-5-21-3002617405-3168553486-2606252797-1001\...\Spotify) (Version: 1.0.36.124.g1cba1920 - Spotify AB)
STAR WARS™ Battlefront™ (HKLM-x32\...\{E402D891-4E45-4ce9-B41F-DD35864EF170}) (Version: 1.0.5.56688 - Electronic Arts)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
Vulkan Run Time Libraries 1.0.17.0 (HKLM\...\VulkanRT1.0.17.0-3) (Version: 1.0.17.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.17.0 (Version: 1.0.17.0 - LunarG, Inc.) Hidden
Win32DiskImager version 0.9.5 (HKLM-x32\...\{D074CE74-912A-4AD3-A0BF-3937D9D01F17}_is1) (Version: 0.9.5 - ImageWriter Developers)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3002617405-3168553486-2606252797-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Luca Rauch\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0285996A-780C-48DB-98C5-2BCA8CCD73CE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-09] (Google Inc.)
Task: {3B9CA007-B67C-4EE9-9FC1-3EDCD78E0390} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-08-05] (Piriform Ltd)
Task: {B4F19D60-375C-4637-9FD7-6478D6946F82} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-09] (Google Inc.)
Task: {B6EA9EC4-D38C-4459-B30D-748D9CD570AA} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-08-11] (Advanced Micro Devices, Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-05-16 22:30 - 2016-05-16 22:30 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2016-07-16 13:42 - 2016-07-16 13:42 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-07-23 17:29 - 2016-05-06 18:41 - 00235008 _____ () C:\Users\Luca Rauch\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlayError.dll
2016-07-23 17:29 - 2016-05-06 18:41 - 00235008 _____ () C:\Users\Luca Rauch\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlaySynced.dll
2016-07-23 17:29 - 2016-05-06 18:41 - 00235008 _____ () C:\Users\Luca Rauch\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlayReadOnly.dll
2016-07-23 17:29 - 2016-05-06 18:41 - 00235008 _____ () C:\Users\Luca Rauch\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlayLock.dll
2016-07-23 17:29 - 2016-05-06 18:41 - 00235008 _____ () C:\Users\Luca Rauch\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlaySyncing.dll
2016-08-10 11:48 - 2016-08-10 11:48 - 00959168 _____ () C:\Users\Luca Rauch\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 00130048 _____ () C:\WINDOWS\SYSTEM32\CHARTV.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-08-24 08:53 - 2016-08-06 05:43 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-08-24 08:54 - 2016-08-06 05:28 - 09761280 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-08-24 08:54 - 2016-08-06 05:21 - 01401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-08-24 08:54 - 2016-08-06 05:21 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-08-24 08:54 - 2016-08-06 05:21 - 01033728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-08-24 08:54 - 2016-08-06 05:23 - 02438144 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-08-24 08:54 - 2016-08-06 05:23 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-06-25 17:34 - 2015-06-25 17:34 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2015-06-25 17:37 - 2015-06-25 17:37 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-25 17:35 - 2015-06-25 17:35 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2015-06-25 17:38 - 2015-06-25 17:38 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-25 16:53 - 2015-06-25 16:53 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2015-06-25 16:51 - 2015-06-25 16:51 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-01-06 18:41 - 2016-01-06 18:41 - 00062168 _____ () C:\Program Files\CCleaner\branding.dll
2016-08-24 08:54 - 2016-08-06 05:20 - 00114176 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Dss.BackgroundTask.dll
2015-12-22 02:47 - 2015-12-22 02:47 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\kpcengine.2.3.dll
2015-11-24 22:48 - 2015-11-24 22:48 - 00028160 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\servicemanager.pyd
2015-11-24 22:46 - 2015-11-24 22:46 - 00110592 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pywintypes26.dll
2015-11-24 22:48 - 2015-11-24 22:48 - 00041472 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32service.pyd
2015-11-24 22:48 - 2015-11-24 22:48 - 00096256 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32api.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00356864 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_hashlib.pyd
2015-11-24 22:48 - 2015-11-24 22:48 - 00017920 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32event.pyd
2015-11-24 22:48 - 2015-11-24 22:48 - 00019968 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32evtlog.pyd
2015-11-24 22:48 - 2015-11-24 22:48 - 00036352 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32process.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00043008 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_socket.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00805376 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_ssl.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00087040 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_ctypes.pyd
2015-11-24 22:46 - 2015-11-24 22:46 - 00354304 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pythoncom26.dll
2015-11-24 22:48 - 2015-11-24 22:48 - 00167936 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32gui.pyd
2015-11-24 22:47 - 2015-11-24 22:47 - 01980928 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtGui.pyd
2015-12-07 22:57 - 2015-12-07 22:57 - 00077824 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\sip.pyd
2015-11-24 22:47 - 2015-11-24 22:47 - 01862144 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtCore.pyd
2015-11-24 22:47 - 2015-11-24 22:47 - 00516608 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtNetwork.pyd
2015-11-24 22:47 - 2015-11-24 22:47 - 04060160 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWidgets.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00010240 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\select.pyd
2016-05-14 14:47 - 2016-07-23 19:02 - 01016832 _____ () C:\Program Files (x86)\Origin\platforms\qwindows.dll
2016-04-09 13:02 - 2016-07-23 19:01 - 00028160 _____ () C:\Program Files (x86)\Origin\imageformats\qgif.dll
2016-04-09 13:02 - 2016-07-23 19:01 - 00029696 _____ () C:\Program Files (x86)\Origin\imageformats\qico.dll
2016-04-09 13:02 - 2016-07-23 19:01 - 00256000 _____ () C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2016-04-09 13:02 - 2016-07-23 19:01 - 00266240 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll
2016-04-09 13:02 - 2016-07-23 19:01 - 00023552 _____ () C:\Program Files (x86)\Origin\imageformats\qtga.dll
2016-04-09 13:02 - 2016-07-23 19:01 - 00346112 _____ () C:\Program Files (x86)\Origin\imageformats\qtiff.dll
2016-04-09 13:03 - 2016-07-23 19:01 - 00023552 _____ () C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
2016-04-09 13:13 - 2016-08-24 05:20 - 51330160 _____ () C:\Users\Luca Rauch\AppData\Roaming\Spotify\libcef.dll
2016-04-09 18:15 - 2012-06-23 14:54 - 00061440 _____ () C:\Program Files (x86)\ROCCAT\Kone Pure Mouse\hiddriver.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SophosVirusRemovalTool => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SophosVirusRemovalTool => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

HKU\S-1-5-21-3002617405-3168553486-2606252797-1001\Software\Classes\regfile: regedit.exe "%1" <===== ACHTUNG

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2015-10-30 09:24 - 2015-10-30 09:21 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3002617405-3168553486-2606252797-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Luca Rauch\Pictures\Camera Roll\New-York-Wallpaper-Background-5.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run32: => "PlaysTV"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKLM\...\StartupApproved\Run32: => "EaseUS EPM tray"
HKU\S-1-5-21-3002617405-3168553486-2606252797-1001\...\StartupApproved\Run: => "cloudmusic"
HKU\S-1-5-21-3002617405-3168553486-2606252797-1001\...\StartupApproved\Run: => "Steam"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{65C489D6-4286-4A05-A84F-6D3749875585}E:\programme\origin games\star wars battlefront\starwarsbattlefronttrial.exe] => (Allow) E:\programme\origin games\star wars battlefront\starwarsbattlefronttrial.exe
FirewallRules: [TCP Query User{6DF80F22-6573-406F-A2E1-A7DFE9A01571}E:\programme\origin games\star wars battlefront\starwarsbattlefronttrial.exe] => (Allow) E:\programme\origin games\star wars battlefront\starwarsbattlefronttrial.exe
FirewallRules: [{33D7F8E5-7153-41E8-AFAA-AE0DA59C9F9B}] => (Allow) LPort=82
FirewallRules: [{66503E7F-3B7A-4BBC-A87C-9D1121B213EF}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{37BC57D3-4E2F-42E7-837F-187855427D17}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{E0346DDE-4591-4FCB-8883-785DE4699309}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{137BF7F9-C9D9-4E3D-9CC4-B892C33D0990}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [UDP Query User{C99F0C66-3CD5-46A8-8392-6049CE83EFBB}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [TCP Query User{7CB30102-71C7-421F-9083-B7DF4BE43401}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [UDP Query User{C9104DF2-FC5A-4BE7-AC96-0B457762C2D8}C:\users\luca rauch\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\luca rauch\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{8D7FC28D-4DF7-423C-8DE8-AB8683B1AC98}C:\users\luca rauch\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\luca rauch\appdata\roaming\spotify\spotify.exe
FirewallRules: [{D2166DF0-3D8B-4F6D-9DE2-54EFBA700A60}] => (Allow) E:\Programme\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{4B165B13-C54B-47DD-91EA-A28D8AEAC89A}] => (Allow) E:\Programme\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{2D204D5A-77E2-44FD-8B9F-49AC8A5BFF33}] => (Allow) LPort=5000
FirewallRules: [{F3EDC8ED-7C6C-4F98-A22D-906BAA88566C}] => (Allow) LPort=64094
FirewallRules: [{3CAE594D-2157-42A0-A416-DCA6D5EB07C1}] => (Allow) E:\Programme\GTA5.exe
FirewallRules: [{F5C1BBD3-7C36-4544-812A-D8E2AF808C95}] => (Allow) E:\Programme\GTA5.exe
FirewallRules: [{D7AFEE2B-C6FD-4820-AE9B-0E9BB71659AF}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{E57AE8E7-1C9E-4704-A929-AD5EF5F69903}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{11833B8A-2A6E-4A57-A189-36869810551A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6A7DE008-82E7-4C09-9C39-FD5741E2B6B9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [UDP Query User{C1036373-1824-4C91-9885-BAFA0ECA2ACC}C:\users\luca rauch\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\luca rauch\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{28034C94-7EBF-43BF-9D77-48E9D99998DE}C:\users\luca rauch\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\luca rauch\appdata\roaming\spotify\spotify.exe
FirewallRules: [{B8D96DB6-24E2-4A04-ABEA-AB30D7D61EC5}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{65DC7EF8-E04E-479F-9EC1-7FBAC98A6912}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{5CF6B187-C842-4296-8565-C7A5A6C44E5B}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{165390F1-8F6B-4ACA-A533-786505FEDB8D}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{8A971062-BFCD-42A8-AB7C-29F1E2F19169}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{50AE06CA-F9D4-46D5-8CE0-FD70704B247C}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{CFC36A81-A8A6-4188-A892-325F2CEAA967}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{112BB85C-B0D9-4708-8188-36E6F4DBB6FB}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{C7E6D76B-9EF4-452E-9FA1-5C83C7218AEE}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{522C3BCA-E4E7-42D1-8A55-667FAF7E4A5D}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{064093FE-3E3A-4270-AC30-1901CB7D1E67}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{62583DAC-DC58-4692-AB9A-435112032FC2}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{2404B99B-4558-4511-BE37-CFB3AAA9BAB0}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (08/26/2016 09:27:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 52.0.2743.116, Zeitstempel: 0x57a12717
Name des fehlerhaften Moduls: apphelp.dll, Version: 10.0.14393.0, Zeitstempel: 0x578999e1
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000003685b
ID des fehlerhaften Prozesses: 0x2f0c
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3
Vollständiger Name des fehlerhaften Pakets: chrome.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: chrome.exe5

Error: (08/26/2016 09:18:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: bf4.exe, Version: 1.7.2.45672, Zeitstempel: 0x5654c99c
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.14393.82, Zeitstempel: 0x57a55744
Ausnahmecode: 0xc0000008
Fehleroffset: 0x00000000000a4820
ID des fehlerhaften Prozesses: 0x5b0
Startzeit der fehlerhaften Anwendung: 0xbf4.exe0
Pfad der fehlerhaften Anwendung: bf4.exe1
Pfad des fehlerhaften Moduls: bf4.exe2
Berichtskennung: bf4.exe3
Vollständiger Name des fehlerhaften Pakets: bf4.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: bf4.exe5

Error: (08/26/2016 08:05:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 52.0.2743.116, Zeitstempel: 0x57a12717
Name des fehlerhaften Moduls: apphelp.dll, Version: 10.0.14393.0, Zeitstempel: 0x578999e1
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000003685b
ID des fehlerhaften Prozesses: 0x2018
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3
Vollständiger Name des fehlerhaften Pakets: chrome.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: chrome.exe5

Error: (08/26/2016 08:05:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 52.0.2743.116, Zeitstempel: 0x57a12717
Name des fehlerhaften Moduls: apphelp.dll, Version: 10.0.14393.0, Zeitstempel: 0x578999e1
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000003685b
ID des fehlerhaften Prozesses: 0x1184
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3
Vollständiger Name des fehlerhaften Pakets: chrome.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: chrome.exe5

Error: (08/24/2016 08:16:42 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 12) (User: LUCA-PC)
Description: Microsoft.MicrosoftOfficeHub_8wekyb3d8bbwe1018

Error: (08/24/2016 12:07:37 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LUCA-PC)
Description: Bei der Aktivierung der App „Microsoft.BingWeather_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (08/23/2016 12:19:11 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm dcrypt.exe, Version 1.1.846.118 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: ddc

Startzeit: 01d1fcc3dc15bc49

Beendigungszeit: 2937

Anwendungspfad: C:\Program Files\dcrypt\dcrypt.exe

Berichts-ID: 037c31f0-691b-11e6-b77c-d050992e8047

Vollständiger Name des fehlerhaften Pakets: 

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (08/23/2016 07:11:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: bf4.exe, Version: 1.7.2.45672, Zeitstempel: 0x5654c99c
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.14393.0, Zeitstempel: 0x578997b2
Ausnahmecode: 0xc0000008
Fehleroffset: 0x00000000000a4820
ID des fehlerhaften Prozesses: 0x2ad0
Startzeit der fehlerhaften Anwendung: 0xbf4.exe0
Pfad der fehlerhaften Anwendung: bf4.exe1
Pfad des fehlerhaften Moduls: bf4.exe2
Berichtskennung: bf4.exe3
Vollständiger Name des fehlerhaften Pakets: bf4.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: bf4.exe5

Error: (08/23/2016 01:48:19 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LUCA-PC)
Description: Bei der Aktivierung der App „Microsoft.WindowsMaps_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (08/22/2016 05:54:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: bf4.exe, Version: 1.7.2.45672, Zeitstempel: 0x5654c99c
Name des fehlerhaften Moduls: bf4.exe, Version: 1.7.2.45672, Zeitstempel: 0x5654c99c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000618efe
ID des fehlerhaften Prozesses: 0x23e8
Startzeit der fehlerhaften Anwendung: 0xbf4.exe0
Pfad der fehlerhaften Anwendung: bf4.exe1
Pfad des fehlerhaften Moduls: bf4.exe2
Berichtskennung: bf4.exe3
Vollständiger Name des fehlerhaften Pakets: bf4.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: bf4.exe5


Systemfehler:
=============
Error: (08/26/2016 11:46:08 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}{F72671A9-012C-4725-9D2F-2A4D32D65169}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (08/26/2016 11:44:45 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "PnkBstrB" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (08/26/2016 11:44:44 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (08/26/2016 11:44:44 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (08/26/2016 11:44:43 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "PnkBstrA" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (08/26/2016 11:44:43 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Plays.tv Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (08/26/2016 11:44:43 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Killer Service V2" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (08/26/2016 11:44:43 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Druckwarteschlange" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (08/26/2016 11:44:43 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "AMD External Events Utility" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (08/26/2016 06:27:21 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar


==================== Speicherinformationen =========================== 

Prozessor: AMD FX(tm)-6300 Six-Core Processor 
Prozentuale Nutzung des RAM: 27%
Installierter physikalischer RAM: 12179.36 MB
Verfügbarer physikalischer RAM: 8799.41 MB
Summe virtueller Speicher: 14035.36 MB
Verfügbarer virtueller Speicher: 10474.81 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:109.41 GB) (Free:10.92 GB) NTFS
Drive e: (HDD-2(NO MBR)) (Fixed) (Total:416.49 GB) (Free:261.07 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 109.9 GB) (Disk ID: AFEE18F5)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=109.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 1F52CC16)
Partition 1: (Not Active) - (Size=48.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=416.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

==================== Ende von Addition.txt ============================

FRST.txt folgt

gruss

moreply · 26.08.2016, 10:59

FRST.txt

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 21-08-2016 01
durchgeführt von Luca Rauch (Administrator) auf LUCA-PC (26-08-2016 11:54:45)
Gestartet von C:\Users\Luca Rauch\Desktop
Geladene Profile: Luca Rauch (Verfügbare Profile: Luca Rauch)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\avp.exe
() C:\Windows\System32\PnkBstrA.exe
(Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
(Rivet Networks) C:\Program Files\Killer Networking\Network Manager\KillerService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\avpui.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Spotify Ltd) C:\Users\Luca Rauch\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\Luca Rauch\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Luca Rauch\AppData\Roaming\Spotify\SpotifyCrashService.exe
(Spotify Ltd) C:\Users\Luca Rauch\AppData\Roaming\Spotify\Spotify.exe
(Rivet Networks) C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Kone Pure Mouse\KonePureMonitor.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13636824 2013-07-26] (Realtek Semiconductor)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [6625672 2016-08-11] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [71440 2016-08-09] (Plays.tv, LLC)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58640 2016-08-05] (Raptr, Inc)
HKLM-x32\...\Run: [RoccatKonePure] => C:\Program Files (x86)\ROCCAT\Kone Pure Mouse\KonePureMonitor.EXE [561152 2014-01-20] (ROCCAT GmbH)
HKLM-x32\...\Run: [EaseUS EPM tray] => E:\Programme\EaseUS Partition Master 10.8\bin\EpmNews.exe [2089056 2015-09-16] (CHENGDU YIWO Tech Development Co., Ltd)
HKU\S-1-5-21-3002617405-3168553486-2606252797-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3639280 2016-07-23] (Electronic Arts)
HKU\S-1-5-21-3002617405-3168553486-2606252797-1001\...\Run: [Spotify Web Helper] => C:\Users\Luca Rauch\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1523312 2016-08-24] (Spotify Ltd)
HKU\S-1-5-21-3002617405-3168553486-2606252797-1001\...\Run: [Spotify] => C:\Users\Luca Rauch\AppData\Roaming\Spotify\Spotify.exe [6930544 2016-08-24] (Spotify Ltd)
HKU\S-1-5-21-3002617405-3168553486-2606252797-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2852128 2016-08-03] (Valve Corporation)
HKU\S-1-5-21-3002617405-3168553486-2606252797-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8894680 2016-08-05] (Piriform Ltd)
HKU\S-1-5-21-3002617405-3168553486-2606252797-1001\...\RunOnce: [Uninstall C:\Users\Luca Rauch\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Luca Rauch\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64"
HKU\S-1-5-21-3002617405-3168553486-2606252797-1001\...\RunOnce: [Uninstall C:\Users\Luca Rauch\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Luca Rauch\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64"
ShellIconOverlayIdentifiers: [] -> {b5458932-3c8c-4131-ba1e-f0b5350e4e1e} => C:\Users\Luca Rauch\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlayError.dll [2016-05-06] ()
ShellIconOverlayIdentifiers: [] -> {b5458930-3c8c-4131-ba1e-f0b5350e4e1e} => C:\Users\Luca Rauch\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlaySynced.dll [2016-05-06] ()
ShellIconOverlayIdentifiers: [] -> {b5458934-3c8c-4131-ba1e-f0b5350e4e1e} => C:\Users\Luca Rauch\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlayReadOnly.dll [2016-05-06] ()
ShellIconOverlayIdentifiers: [] -> {b5458933-3c8c-4131-ba1e-f0b5350e4e1e} => C:\Users\Luca Rauch\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlayLock.dll [2016-05-06] ()
ShellIconOverlayIdentifiers: [] -> {b5458931-3c8c-4131-ba1e-f0b5350e4e1e} => C:\Users\Luca Rauch\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlaySyncing.dll [2016-05-06] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2016-07-30]
ShortcutTarget: Killer Network Manager.lnk -> C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe (Rivet Networks)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog5-x64 07 C:\Windows\system32\wlidnsp.dll [66048 2016-07-16] (Microsoft Corporation)
Winsock: Catalog5-x64 08 C:\Windows\system32\wlidnsp.dll [66048 2016-07-16] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{177e6d71-f112-4f6b-9206-f24be18284e1}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================

FireFox:
========
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_ACF0E80077C511E59DED005056C00008@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\FFExt\light_plugin_firefox\addon.xpi [2016-08-16]

Chrome: 
=======
CHR StartupUrls: Default -> "hxxps://www.google.de/"
CHR Profile: C:\Users\Luca Rauch\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Luca Rauch\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-04-09]
CHR Extension: (Flash Video Downloader) - C:\Users\Luca Rauch\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc [2016-08-18]
CHR Extension: (Google Docs) - C:\Users\Luca Rauch\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-09]
CHR Extension: (Google Drive) - C:\Users\Luca Rauch\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-09]
CHR Extension: (YouTube) - C:\Users\Luca Rauch\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-09]
CHR Extension: (Google Cast) - C:\Users\Luca Rauch\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2016-08-16]
CHR Extension: (TrafficLight) - C:\Users\Luca Rauch\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfnpidifppmenkapgihekkeednfoenal [2016-08-05]
CHR Extension: (Google Play Musik) - C:\Users\Luca Rauch\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2016-08-18]
CHR Extension: (Google Tabellen) - C:\Users\Luca Rauch\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-04-09]
CHR Extension: (Play to Kodi) - C:\Users\Luca Rauch\AppData\Local\Google\Chrome\User Data\Default\Extensions\fncjhcjfnnooidlkijollckpakkebden [2016-08-17]
CHR Extension: (Google Play Filme & Serien) - C:\Users\Luca Rauch\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdijeikdkaembjbdobgfkoidjkpbmlkd [2016-04-09]
CHR Extension: (Google Docs Offline) - C:\Users\Luca Rauch\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-09]
CHR Extension: (AdBlock) - C:\Users\Luca Rauch\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-08-24]
CHR Extension: (Google Notizen – Notizen & Listen) - C:\Users\Luca Rauch\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2016-08-24]
CHR Extension: (SmallringFX DarkBlue Theme) - C:\Users\Luca Rauch\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfijmgohofmpjlcgmjplbpmkpchdhpk [2016-04-09]
CHR Extension: (Kaspersky Protection) - C:\Users\Luca Rauch\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpeeaghdjmhlakojjcgfdhgcejdaefmi [2016-08-05]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Luca Rauch\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-09]
CHR Extension: (Battlelog Emblem Editor Extended) - C:\Users\Luca Rauch\AppData\Local\Google\Chrome\User Data\Default\Extensions\noagedoiolkfaoaknohhepocfeooibjb [2016-08-21]
CHR Extension: (Google Mail) - C:\Users\Luca Rauch\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-09]
CHR Extension: (Chrome Media Router) - C:\Users\Luca Rauch\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-20]
CHR HKLM\...\Chrome\Extension: [lpeeaghdjmhlakojjcgfdhgcejdaefmi] - hxxps://chrome.google.com/webstore/detail/lpeeaghdjmhlakojjcgfdhgcejdaefmi
CHR HKLM-x32\...\Chrome\Extension: [lpeeaghdjmhlakojjcgfdhgcejdaefmi] - hxxps://chrome.google.com/webstore/detail/lpeeaghdjmhlakojjcgfdhgcejdaefmi

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AVP16.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\avp.exe [236928 2015-12-22] (AO Kaspersky Lab)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1863688 2016-05-14] ()
R2 Killer Service V2; C:\Program Files\Killer Networking\Network Manager\KillerService.exe [395776 2015-05-04] (Rivet Networks) [Datei ist nicht signiert]
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\x64\vssbridge64.exe [152488 2015-12-22] (AO Kaspersky Lab)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2016-07-23] (Electronic Arts)
R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [32528 2016-08-09] (Plays.tv, LLC)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2016-05-16] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2016-05-16] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
S3 SophosVirusRemovalTool; C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\SVRTservice.exe [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [40720 2015-07-28] (Advanced Micro Devices, Inc.)
S3 AsrCDDrv; C:\Windows\SysWOW64\Drivers\AsrCDDrv.sys [16904 2016-02-25] (ASRock Incorporation)
S3 AsusVBus; C:\Windows\System32\drivers\AsusVBus.sys [39704 2015-10-07] (Windows (R) Win 7 DDK provider)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [118848 2016-07-28] (Advanced Micro Devices)
S3 ATP; C:\Windows\System32\drivers\AsusTP.sys [84472 2015-10-07] (ASUS Corporation)
R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [115760 2015-04-29] (Rivet Networks, LLC.)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
R0 dcrypt; C:\Windows\System32\drivers\dcrypt.sys [210632 2014-07-09] ()
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [18528 2014-11-18] ()
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [14944 2014-11-18] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [10848 2014-11-18] ()
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [10208 2014-11-18] ()
R3 Ke2200; C:\Windows\System32\drivers\e22w8x64.sys [130224 2014-03-27] (Qualcomm Atheros, Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-09-11] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [79752 2015-12-01] (AO Kaspersky Lab)
R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [78200 2015-12-02] (AO Kaspersky Lab)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [30328 2015-06-24] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [182664 2015-12-11] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\drivers\klhk.sys [237400 2016-08-16] (AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP16.0.1\Bases\klids.sys [182360 2016-08-18] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [992600 2016-08-16] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [51288 2016-04-29] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [52608 2015-11-11] (AO Kaspersky Lab)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [45960 2015-12-07] (AO Kaspersky Lab)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [87984 2016-08-16] (AO Kaspersky Lab)
R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [110424 2016-08-16] (AO Kaspersky Lab)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [194440 2015-12-03] (AO Kaspersky Lab)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-08-18] (Malwarebytes)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-08-26 11:52 - 2016-08-26 11:54 - 00017184 _____ C:\Users\Luca Rauch\Desktop\FRST.txt
2016-08-26 11:52 - 2016-08-26 11:52 - 02396160 _____ (Farbar) C:\Users\Luca Rauch\Downloads\FRST64.exe
2016-08-26 11:52 - 2016-08-26 11:52 - 02396160 _____ (Farbar) C:\Users\Luca Rauch\Desktop\FRST64.exe
2016-08-26 11:41 - 2016-08-26 11:44 - 00000000 ____D C:\AdwCleaner
2016-08-26 11:41 - 2016-08-26 11:41 - 03826240 _____ C:\Users\Luca Rauch\Downloads\AdwCleaner_6.010.exe
2016-08-26 11:41 - 2016-08-26 11:41 - 03826240 _____ C:\Users\Luca Rauch\Desktop\AdwCleaner_6.010.exe
2016-08-26 09:27 - 2016-08-26 09:27 - 00002864 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-08-26 09:27 - 2016-08-26 09:27 - 00000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-08-26 09:27 - 2016-08-26 09:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-08-26 09:27 - 2016-08-26 09:27 - 00000000 ____D C:\Program Files\CCleaner
2016-08-25 14:48 - 2016-08-25 14:48 - 00001584 _____ C:\WINDOWS\SysWOW64\nativelog.txt
2016-08-24 08:54 - 2016-08-06 06:30 - 01883784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-08-24 08:54 - 2016-08-06 06:17 - 00450400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-08-24 08:54 - 2016-08-06 06:17 - 00224096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-08-24 08:54 - 2016-08-06 06:16 - 00435040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-08-24 08:54 - 2016-08-06 05:40 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafpos.dll
2016-08-24 08:54 - 2016-08-06 05:35 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-08-24 08:54 - 2016-08-06 05:33 - 01304576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2016-08-24 08:54 - 2016-08-06 05:33 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2016-08-24 08:54 - 2016-08-06 05:31 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-08-24 08:54 - 2016-08-06 05:24 - 01875456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-08-24 08:54 - 2016-08-06 05:19 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2016-08-24 08:53 - 2016-08-06 06:33 - 00354264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-08-24 08:53 - 2016-08-06 06:32 - 01046976 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-08-24 08:53 - 2016-08-06 06:32 - 00885832 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-08-24 08:53 - 2016-08-06 06:31 - 00077664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2016-08-24 08:53 - 2016-08-06 06:31 - 00041824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2016-08-24 08:53 - 2016-08-06 06:30 - 07814496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-08-24 08:53 - 2016-08-06 06:30 - 01349128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-08-24 08:53 - 2016-08-06 06:30 - 01163696 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-08-24 08:53 - 2016-08-06 06:29 - 00199008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2016-08-24 08:53 - 2016-08-06 06:29 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-08-24 08:53 - 2016-08-06 06:26 - 01176664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2016-08-24 08:53 - 2016-08-06 06:26 - 00409944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2016-08-24 08:53 - 2016-08-06 06:24 - 01570680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-08-24 08:53 - 2016-08-06 06:23 - 00168800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-08-24 08:53 - 2016-08-06 06:18 - 02745224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-08-24 08:53 - 2016-08-06 06:18 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-08-24 08:53 - 2016-08-06 06:18 - 01260384 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-08-24 08:53 - 2016-08-06 06:18 - 00584032 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-08-24 08:53 - 2016-08-06 06:18 - 00396168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-08-24 08:53 - 2016-08-06 06:17 - 00790760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2016-08-24 08:53 - 2016-08-06 06:17 - 00619368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-08-24 08:53 - 2016-08-06 06:16 - 01099104 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2016-08-24 08:53 - 2016-08-06 06:16 - 00987488 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2016-08-24 08:53 - 2016-08-06 06:16 - 00942432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2016-08-24 08:53 - 2016-08-06 06:16 - 00807776 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2016-08-24 08:53 - 2016-08-06 06:16 - 00073568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2016-08-24 08:53 - 2016-08-06 06:16 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-08-24 08:53 - 2016-08-06 06:16 - 00020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2016-08-24 08:53 - 2016-08-06 06:15 - 00408600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2016-08-24 08:53 - 2016-08-06 06:13 - 22218808 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-08-24 08:53 - 2016-08-06 06:13 - 01847048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-08-24 08:53 - 2016-08-06 06:13 - 01694200 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2016-08-24 08:53 - 2016-08-06 06:13 - 01453992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-08-24 08:53 - 2016-08-06 06:13 - 01071728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-08-24 08:53 - 2016-08-06 06:13 - 01066096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-08-24 08:53 - 2016-08-06 06:13 - 00595488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2016-08-24 08:53 - 2016-08-06 06:13 - 00381760 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-08-24 08:53 - 2016-08-06 06:13 - 00044472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2016-08-24 08:53 - 2016-08-06 06:09 - 00151224 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-08-24 08:53 - 2016-08-06 06:08 - 02537816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-08-24 08:53 - 2016-08-06 06:08 - 02251432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-08-24 08:53 - 2016-08-06 06:08 - 01469120 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-08-24 08:53 - 2016-08-06 06:08 - 01430208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-08-24 08:53 - 2016-08-06 06:08 - 00843104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-08-24 08:53 - 2016-08-06 06:08 - 00587968 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-08-24 08:53 - 2016-08-06 06:08 - 00509784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-08-24 08:53 - 2016-08-06 06:08 - 00313560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2016-08-24 08:53 - 2016-08-06 06:08 - 00050880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-08-24 08:53 - 2016-08-06 06:04 - 00361096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2016-08-24 08:53 - 2016-08-06 06:03 - 20965240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-08-24 08:53 - 2016-08-06 06:03 - 01557296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2016-08-24 08:53 - 2016-08-06 06:03 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-08-24 08:53 - 2016-08-06 06:03 - 01343928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-08-24 08:53 - 2016-08-06 06:03 - 00980824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-08-24 08:53 - 2016-08-06 06:03 - 00955008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-08-24 08:53 - 2016-08-06 06:03 - 00529928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2016-08-24 08:53 - 2016-08-06 06:03 - 00036168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2016-08-24 08:53 - 2016-08-06 06:02 - 00321280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-08-24 08:53 - 2016-08-06 05:50 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2016-08-24 08:53 - 2016-08-06 05:49 - 22570496 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-08-24 08:53 - 2016-08-06 05:48 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2016-08-24 08:53 - 2016-08-06 05:48 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-08-24 08:53 - 2016-08-06 05:48 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-08-24 08:53 - 2016-08-06 05:48 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-08-24 08:53 - 2016-08-06 05:48 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2016-08-24 08:53 - 2016-08-06 05:48 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2016-08-24 08:53 - 2016-08-06 05:48 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2016-08-24 08:53 - 2016-08-06 05:48 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2016-08-24 08:53 - 2016-08-06 05:48 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwmp.dll
2016-08-24 08:53 - 2016-08-06 05:48 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwmp.dll
2016-08-24 08:53 - 2016-08-06 05:48 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx
2016-08-24 08:53 - 2016-08-06 05:48 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxmasf.dll
2016-08-24 08:53 - 2016-08-06 05:47 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-08-24 08:53 - 2016-08-06 05:47 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2016-08-24 08:53 - 2016-08-06 05:47 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2016-08-24 08:53 - 2016-08-06 05:47 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-08-24 08:53 - 2016-08-06 05:47 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx
2016-08-24 08:53 - 2016-08-06 05:47 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxmasf.dll
2016-08-24 08:53 - 2016-08-06 05:46 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL
2016-08-24 08:53 - 2016-08-06 05:46 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmploc.DLL
2016-08-24 08:53 - 2016-08-06 05:46 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dasHost.exe
2016-08-24 08:53 - 2016-08-06 05:46 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe
2016-08-24 08:53 - 2016-08-06 05:46 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-08-24 08:53 - 2016-08-06 05:46 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2016-08-24 08:53 - 2016-08-06 05:45 - 00327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2016-08-24 08:53 - 2016-08-06 05:45 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2016-08-24 08:53 - 2016-08-06 05:45 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2016-08-24 08:53 - 2016-08-06 05:45 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2016-08-24 08:53 - 2016-08-06 05:45 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2016-08-24 08:53 - 2016-08-06 05:45 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiougc.exe
2016-08-24 08:53 - 2016-08-06 05:45 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2016-08-24 08:53 - 2016-08-06 05:45 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiougc.exe
2016-08-24 08:53 - 2016-08-06 05:44 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2016-08-24 08:53 - 2016-08-06 05:44 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceassociation.dll
2016-08-24 08:53 - 2016-08-06 05:44 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceassociation.dll
2016-08-24 08:53 - 2016-08-06 05:43 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll
2016-08-24 08:53 - 2016-08-06 05:43 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-08-24 08:53 - 2016-08-06 05:43 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipboardServer.dll
2016-08-24 08:53 - 2016-08-06 05:43 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-08-24 08:53 - 2016-08-06 05:43 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-08-24 08:53 - 2016-08-06 05:42 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-08-24 08:53 - 2016-08-06 05:42 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-08-24 08:53 - 2016-08-06 05:42 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-08-24 08:53 - 2016-08-06 05:42 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ClipboardServer.dll
2016-08-24 08:53 - 2016-08-06 05:41 - 13867520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-08-24 08:53 - 2016-08-06 05:41 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-08-24 08:53 - 2016-08-06 05:41 - 00554496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-08-24 08:53 - 2016-08-06 05:41 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-08-24 08:53 - 2016-08-06 05:41 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-08-24 08:53 - 2016-08-06 05:41 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-08-24 08:53 - 2016-08-06 05:41 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2016-08-24 08:53 - 2016-08-06 05:41 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2016-08-24 08:53 - 2016-08-06 05:41 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2016-08-24 08:53 - 2016-08-06 05:41 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncPolicy.dll
2016-08-24 08:53 - 2016-08-06 05:40 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-08-24 08:53 - 2016-08-06 05:40 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-08-24 08:53 - 2016-08-06 05:40 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-08-24 08:53 - 2016-08-06 05:40 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpipcfg.dll
2016-08-24 08:53 - 2016-08-06 05:40 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-08-24 08:53 - 2016-08-06 05:40 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncPolicy.dll
2016-08-24 08:53 - 2016-08-06 05:39 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2016-08-24 08:53 - 2016-08-06 05:39 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-08-24 08:53 - 2016-08-06 05:39 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2016-08-24 08:53 - 2016-08-06 05:39 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-08-24 08:53 - 2016-08-06 05:39 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tcpipcfg.dll
2016-08-24 08:53 - 2016-08-06 05:38 - 17187328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-08-24 08:53 - 2016-08-06 05:38 - 00526848 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-08-24 08:53 - 2016-08-06 05:38 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-08-24 08:53 - 2016-08-06 05:38 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-08-24 08:53 - 2016-08-06 05:37 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-08-24 08:53 - 2016-08-06 05:37 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-08-24 08:53 - 2016-08-06 05:37 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-08-24 08:53 - 2016-08-06 05:36 - 19422720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-08-24 08:53 - 2016-08-06 05:36 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
2016-08-24 08:53 - 2016-08-06 05:35 - 09127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-08-24 08:53 - 2016-08-06 05:35 - 07624192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-08-24 08:53 - 2016-08-06 05:34 - 19418624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-08-24 08:53 - 2016-08-06 05:34 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2016-08-24 08:53 - 2016-08-06 05:34 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2016-08-24 08:53 - 2016-08-06 05:34 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll
2016-08-24 08:53 - 2016-08-06 05:34 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\smphost.dll
2016-08-24 08:53 - 2016-08-06 05:33 - 23682560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-08-24 08:53 - 2016-08-06 05:33 - 01082368 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-08-24 08:53 - 2016-08-06 05:33 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-08-24 08:53 - 2016-08-06 05:33 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smphost.dll
2016-08-24 08:53 - 2016-08-06 05:32 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2016-08-24 08:53 - 2016-08-06 05:31 - 12174336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-08-24 08:53 - 2016-08-06 05:31 - 03244032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2016-08-24 08:53 - 2016-08-06 05:31 - 02710528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2016-08-24 08:53 - 2016-08-06 05:31 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-08-24 08:53 - 2016-08-06 05:31 - 01052672 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2016-08-24 08:53 - 2016-08-06 05:31 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-08-24 08:53 - 2016-08-06 05:31 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2016-08-24 08:53 - 2016-08-06 05:30 - 13080576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-08-24 08:53 - 2016-08-06 05:30 - 12345344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-08-24 08:53 - 2016-08-06 05:30 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-08-24 08:53 - 2016-08-06 05:30 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2016-08-24 08:53 - 2016-08-06 05:29 - 13433856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-08-24 08:53 - 2016-08-06 05:29 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-08-24 08:53 - 2016-08-06 05:29 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2016-08-24 08:53 - 2016-08-06 05:29 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2016-08-24 08:53 - 2016-08-06 05:29 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2016-08-24 08:53 - 2016-08-06 05:29 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-08-24 08:53 - 2016-08-06 05:28 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-08-24 08:53 - 2016-08-06 05:28 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2016-08-24 08:53 - 2016-08-06 05:28 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2016-08-24 08:53 - 2016-08-06 05:28 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-08-24 08:53 - 2016-08-06 05:27 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-08-24 08:53 - 2016-08-06 05:27 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-08-24 08:53 - 2016-08-06 05:26 - 02422784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAJApi.dll
2016-08-24 08:53 - 2016-08-06 05:26 - 00758784 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-08-24 08:53 - 2016-08-06 05:26 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-08-24 08:53 - 2016-08-06 05:25 - 03116032 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAJApi.dll
2016-08-24 08:53 - 2016-08-06 05:25 - 01595904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-08-24 08:53 - 2016-08-06 05:24 - 02680832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-08-24 08:53 - 2016-08-06 05:24 - 02314752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-08-24 08:53 - 2016-08-06 05:24 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-08-24 08:53 - 2016-08-06 05:24 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-08-24 08:53 - 2016-08-06 05:23 - 02370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-08-24 08:53 - 2016-08-06 05:23 - 01780736 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-08-24 08:53 - 2016-08-06 05:23 - 01508864 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-08-24 08:53 - 2016-08-06 05:23 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-08-24 08:53 - 2016-08-06 05:23 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-08-24 08:53 - 2016-08-06 05:23 - 01062400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-08-24 08:53 - 2016-08-06 05:23 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-08-24 08:53 - 2016-08-06 05:23 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll
2016-08-24 08:53 - 2016-08-06 05:23 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-08-24 08:53 - 2016-08-06 05:21 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2016-08-24 08:53 - 2016-08-06 05:19 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2016-08-24 08:53 - 2016-08-05 11:14 - 01066328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2016-08-24 08:53 - 2016-08-05 11:12 - 05622600 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-08-24 08:53 - 2016-08-05 11:10 - 00939872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pidgenx.dll
2016-08-24 08:53 - 2016-08-05 11:05 - 00665768 _____ (Microsoft Corporation) C:\WINDOWS\system32\GenValObj.exe
2016-08-24 08:53 - 2016-08-05 10:29 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.UXRes.dll
2016-08-24 08:53 - 2016-08-05 10:29 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll
2016-08-24 08:53 - 2016-08-05 10:29 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2016-08-24 08:53 - 2016-08-05 10:28 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2016-08-24 08:53 - 2016-08-05 10:23 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2016-08-24 08:53 - 2016-08-05 10:22 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2016-08-24 08:53 - 2016-08-05 10:20 - 00538112 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2016-08-24 08:53 - 2016-08-05 10:20 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2016-08-24 08:53 - 2016-08-05 10:18 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll
2016-08-24 08:53 - 2016-08-05 10:08 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2016-08-24 08:53 - 2016-08-05 10:07 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-08-24 08:53 - 2016-08-05 10:07 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-08-21 08:28 - 2016-08-21 08:28 - 00000898 _____ C:\Users\Luca Rauch\Desktop\CrystalDiskMark 5.lnk
2016-08-21 08:28 - 2016-08-21 08:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskMark5
2016-08-21 07:37 - 2016-08-21 07:37 - 00009728 ___SH C:\Users\Luca Rauch\Desktop\Thumbs.db
2016-08-18 23:39 - 2016-08-18 23:39 - 00000000 ____D C:\Users\Luca Rauch\Documents\Fritzing
2016-08-18 23:39 - 2016-08-18 23:39 - 00000000 ____D C:\Users\Luca Rauch\AppData\Roaming\Fritzing
2016-08-18 23:37 - 2016-08-18 23:37 - 00000000 ____D C:\Users\Luca Rauch\Desktop\fritzing.0.9.3b.64.pc
2016-08-18 05:20 - 2016-08-18 05:20 - 00000000 ____D C:\ProgramData\Sophos
2016-08-18 05:12 - 2016-08-18 05:12 - 00002340 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-18 05:12 - 2016-08-18 05:12 - 00002328 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-08-18 01:42 - 2016-08-18 01:42 - 00000000 ____D C:\Users\Luca Rauch\AppData\Local\Amazon_FireTV_Utility_App
2016-08-18 01:42 - 2016-08-18 01:42 - 00000000 ____D C:\Users\Luca Rauch\.android
2016-08-18 01:40 - 2016-08-26 11:54 - 00000000 ____D C:\FRST
2016-08-17 21:05 - 2016-08-17 21:05 - 00000000 ____D C:\Users\Luca Rauch\AppData\LocalLow\Temp
2016-08-17 21:02 - 2016-08-17 21:02 - 00000000 ____D C:\Users\Luca Rauch\AppData\Local\HP
2016-08-16 23:10 - 2016-08-16 23:10 - 00000000 ____D C:\Users\Luca Rauch\AppData\Roaming\WinRAR
2016-08-16 23:09 - 2016-08-24 13:40 - 00000000 ____D C:\Program Files\WinRAR
2016-08-16 02:14 - 2016-08-26 09:28 - 00000000 ____D C:\Users\Luca Rauch\AppData\Local\CrashDumps
2016-08-16 02:08 - 2016-08-16 02:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Settings
2016-08-16 01:01 - 2016-08-16 01:01 - 00000000 ____D C:\Users\Luca Rauch\AppData\Roaming\Trimble Connect for SketchUp
2016-08-16 00:57 - 2016-08-16 00:57 - 00000000 ____D C:\Users\Luca Rauch\AppData\Roaming\SketchUp
2016-08-16 00:57 - 2016-08-16 00:57 - 00000000 ____D C:\ProgramData\SketchUp
2016-08-16 00:57 - 2016-08-16 00:57 - 00000000 ____D C:\ProgramData\Reprise
2016-08-16 00:49 - 2016-08-16 00:49 - 00000000 ___RD C:\Users\Luca Rauch\3D Objects
2016-08-14 21:18 - 2016-08-14 21:39 - 00000000 ____D C:\Users\Luca Rauch\AppData\Roaming\FileZilla
2016-08-14 19:12 - 2016-08-14 19:12 - 00000000 ____D C:\Users\Luca Rauch\Desktop\procon_1.5.1.1
2016-08-13 17:33 - 2016-08-18 00:20 - 00000000 ____D C:\WINDOWS\Panther
2016-08-12 19:17 - 2016-08-13 17:54 - 00000000 ____D C:\Users\Luca Rauch\AppData\Roaming\.minecraft
2016-08-12 19:17 - 2016-08-13 17:37 - 00000000 ____D C:\Users\Luca Rauch\.oracle_jre_usage
2016-08-12 19:17 - 2016-08-12 19:17 - 00000000 ____D C:\Users\Luca Rauch\AppData\Roaming\Sun
2016-08-12 19:17 - 2016-08-12 19:17 - 00000000 ____D C:\Users\Luca Rauch\AppData\LocalLow\Sun
2016-08-12 19:14 - 2016-08-12 19:17 - 00000000 ____D C:\ProgramData\Oracle
2016-08-12 17:33 - 2016-08-12 17:33 - 00000000 ____D C:\Users\Luca Rauch\AppData\Roaming\java
2016-08-11 18:22 - 2016-08-11 18:22 - 00000000 ____D C:\Users\Luca Rauch\AppData\Roaming\Macromedia
2016-08-11 17:46 - 2016-08-11 17:46 - 09311368 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdva.dll
2016-08-11 17:46 - 2016-08-11 17:46 - 00149984 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiuxpag.dll
2016-08-11 17:45 - 2016-08-11 17:45 - 10285472 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd6a.dll
2016-08-11 17:45 - 2016-08-11 17:45 - 09110856 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll
2016-08-11 17:45 - 2016-08-11 17:45 - 08864688 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd64.dll
2016-08-11 17:45 - 2016-08-11 17:45 - 08653760 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2016-08-11 17:45 - 2016-08-11 17:45 - 07234888 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdag.dll
2016-08-11 17:45 - 2016-08-11 17:45 - 01273072 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2016-08-11 17:45 - 2016-08-11 17:45 - 00161432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiu9p64.dll
2016-08-11 17:45 - 2016-08-11 17:45 - 00134448 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiu9pag.dll
2016-08-11 17:45 - 2016-08-11 17:45 - 00120376 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2016-08-11 17:45 - 2016-08-11 17:45 - 00102672 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2016-08-11 17:44 - 2016-08-11 17:44 - 00475632 _____ C:\WINDOWS\system32\amdmiracast.dll
2016-08-11 17:44 - 2016-08-11 17:44 - 00260744 _____ C:\WINDOWS\system32\hsa-thunk64.dll
2016-08-11 17:44 - 2016-08-11 17:44 - 00156248 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2016-08-11 17:44 - 2016-08-11 17:44 - 00151696 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2016-08-11 17:44 - 2016-08-11 17:44 - 00135920 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2016-08-11 17:44 - 2016-08-11 17:44 - 00127120 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2016-08-11 17:44 - 2016-08-11 17:44 - 00122504 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2016-08-11 17:44 - 2016-08-11 17:44 - 00102672 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2016-08-11 17:44 - 2016-08-11 17:44 - 00101520 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2016-08-11 17:43 - 2016-08-11 17:43 - 26633872 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll
2016-08-11 17:43 - 2016-08-11 17:43 - 00342160 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODE.exe
2016-08-11 17:43 - 2016-08-11 17:43 - 00284304 _____ C:\WINDOWS\system32\dgtrayicon.exe
2016-08-11 17:43 - 2016-08-11 17:43 - 00279696 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll
2016-08-11 17:43 - 2016-08-11 17:43 - 00267920 _____ C:\WINDOWS\system32\GameManager64.dll
2016-08-11 17:43 - 2016-08-11 17:43 - 00262288 _____ C:\WINDOWS\system32\clinfo.exe
2016-08-11 17:43 - 2016-08-11 17:43 - 00233104 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2016-08-11 17:43 - 2016-08-11 17:43 - 00226448 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll
2016-08-11 17:43 - 2016-08-11 17:43 - 00129160 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2016-08-11 17:43 - 2016-08-11 17:43 - 00110736 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2016-08-11 17:43 - 2016-08-11 17:43 - 00103056 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2016-08-11 17:43 - 2016-08-11 17:43 - 00060560 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODCLI.exe
2016-08-11 17:43 - 2016-08-11 17:43 - 00013456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2016-08-11 17:43 - 2016-08-11 17:43 - 00013456 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2016-08-11 17:42 - 2016-08-11 17:42 - 15721104 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll
2016-08-11 17:42 - 2016-08-11 17:42 - 14312080 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll
2016-08-11 17:42 - 2016-08-11 17:42 - 08828560 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdvlk64.dll
2016-08-11 17:42 - 2016-08-11 17:42 - 07085712 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdvlk32.dll
2016-08-11 17:42 - 2016-08-11 17:42 - 02139792 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2016-08-11 17:42 - 2016-08-11 17:42 - 01829520 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2016-08-11 17:42 - 2016-08-11 17:42 - 01321104 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2016-08-11 17:42 - 2016-08-11 17:42 - 00987280 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2016-08-11 17:42 - 2016-08-11 17:42 - 00513680 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2016-08-11 17:42 - 2016-08-11 17:42 - 00451728 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2016-08-11 17:42 - 2016-08-11 17:42 - 00394896 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2016-08-11 17:42 - 2016-08-11 17:42 - 00279184 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2016-08-11 17:42 - 2016-08-11 17:42 - 00223368 _____ C:\WINDOWS\system32\atieah64.exe
2016-08-11 17:42 - 2016-08-11 17:42 - 00201360 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2016-08-11 17:42 - 2016-08-11 17:42 - 00194704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2016-08-11 17:42 - 2016-08-11 17:42 - 00115856 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll
2016-08-11 17:42 - 2016-08-11 17:42 - 00071824 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll
2016-08-11 17:42 - 2016-08-11 17:42 - 00061584 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll
2016-08-11 17:42 - 2016-08-11 17:42 - 00058512 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll
2016-08-11 17:42 - 2016-08-11 17:42 - 00052880 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll
2016-08-11 17:41 - 2016-08-11 17:41 - 48811664 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll
2016-08-11 17:41 - 2016-08-11 17:41 - 27481232 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl12cl64.dll
2016-08-11 17:41 - 2016-08-11 17:41 - 08620176 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmantle64.dll
2016-08-11 17:41 - 2016-08-11 17:41 - 02370704 _____ C:\WINDOWS\system32\amdoclvp9lib64.dll
2016-08-11 17:41 - 2016-08-11 17:41 - 02281096 _____ C:\WINDOWS\SysWOW64\amdoclvp9lib32.dll
2016-08-11 17:41 - 2016-08-11 17:41 - 00075920 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll
2016-08-11 17:41 - 2016-08-11 17:41 - 00060048 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl6.dll
2016-08-11 17:41 - 2016-08-11 17:41 - 00059536 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll
2016-08-11 17:41 - 2016-08-11 17:41 - 00047760 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmmcl.dll
2016-08-11 17:40 - 2016-08-11 17:40 - 06947984 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmantle32.dll
2016-08-11 17:40 - 2016-08-11 17:40 - 00743568 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2016-08-11 17:40 - 2016-08-11 17:40 - 00619152 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2016-08-11 17:40 - 2016-08-11 17:40 - 00314392 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\amdacpksd.sys
2016-08-11 17:40 - 2016-08-11 17:40 - 00241296 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2016-08-11 17:40 - 2016-08-11 17:40 - 00214160 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2016-08-11 17:40 - 2016-08-11 17:40 - 00193680 _____ C:\WINDOWS\system32\amdhdl64.dll
2016-08-11 17:40 - 2016-08-11 17:40 - 00173712 _____ C:\WINDOWS\SysWOW64\amdhdl32.dll
2016-08-11 17:40 - 2016-08-11 17:40 - 00105616 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2016-08-11 17:40 - 2016-08-11 17:40 - 00096400 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2016-08-11 17:38 - 2016-08-11 17:38 - 07045344 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2016-08-11 17:38 - 2016-08-11 17:38 - 00120376 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2016-08-11 17:37 - 2016-08-11 17:37 - 32550032 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll
2016-08-11 17:37 - 2016-08-11 17:37 - 00100496 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll
2016-08-11 17:37 - 2016-08-11 17:37 - 00100496 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll
2016-08-11 17:37 - 2016-08-11 17:37 - 00065168 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll
2016-08-11 06:29 - 2016-08-11 06:29 - 00732056 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2016-08-11 06:29 - 2016-08-11 06:29 - 00732056 _____ C:\WINDOWS\system32\atiapfxx.blb
2016-08-11 06:24 - 2016-08-11 06:24 - 03437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2016-08-11 06:19 - 2016-08-11 06:19 - 03471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2016-08-10 17:20 - 2016-08-02 10:44 - 00114192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2016-08-10 17:20 - 2016-08-02 10:20 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-08-10 17:20 - 2016-08-02 09:58 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-08-10 17:20 - 2016-08-02 09:55 - 03617280 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-08-10 17:20 - 2016-08-02 06:33 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-08-10 17:20 - 2016-08-02 06:25 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2016-08-10 17:20 - 2016-08-02 06:25 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-08-10 17:20 - 2016-08-02 06:23 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-08-10 17:20 - 2016-08-02 06:13 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-08-10 17:19 - 2016-08-02 10:48 - 00241496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-08-10 17:19 - 2016-08-02 10:21 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2016-08-10 17:19 - 2016-08-02 10:15 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-08-10 17:19 - 2016-08-02 10:15 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-08-10 17:19 - 2016-08-02 10:14 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2016-08-10 17:19 - 2016-08-02 10:13 - 01081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-08-10 17:19 - 2016-08-02 10:11 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-08-10 17:19 - 2016-08-02 10:10 - 00509952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-08-10 17:19 - 2016-08-02 10:09 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-08-10 17:19 - 2016-08-02 10:00 - 05511168 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2016-08-10 17:19 - 2016-08-02 09:59 - 08124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-08-10 17:19 - 2016-08-02 09:56 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-08-10 17:19 - 2016-08-02 09:56 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-08-10 17:19 - 2016-08-02 06:47 - 00079536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2016-08-10 17:19 - 2016-08-02 06:37 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2016-08-10 17:19 - 2016-08-02 06:36 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-08-10 17:19 - 2016-08-02 06:30 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-08-10 17:19 - 2016-08-02 06:16 - 06044672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-08-10 17:19 - 2016-08-02 06:12 - 02999296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-08-10 12:32 - 2016-08-10 12:32 - 02190688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-08-10 12:32 - 2016-08-10 12:32 - 01708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2016-08-10 12:32 - 2016-08-10 12:32 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-08-10 12:32 - 2016-08-10 12:32 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-08-10 12:32 - 2016-08-10 12:32 - 01418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-08-10 12:32 - 2016-08-10 12:32 - 01265424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-08-10 12:32 - 2016-08-10 12:32 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-08-10 12:32 - 2016-08-10 12:32 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-08-10 12:32 - 2016-08-10 12:32 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-08-10 12:32 - 2016-08-10 12:32 - 00389000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2016-08-10 12:32 - 2016-08-10 12:32 - 00297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2016-08-10 12:32 - 2016-08-10 12:32 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-08-10 12:32 - 2016-08-10 12:32 - 00062816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2016-08-10 12:31 - 2016-08-10 12:31 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-08-10 12:30 - 2016-08-10 12:30 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2016-08-10 12:30 - 2016-08-10 12:30 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-08-10 12:30 - 2016-08-10 12:30 - 00000000 ____D C:\Program Files\MSBuild
2016-08-10 12:30 - 2016-08-10 12:30 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-08-10 12:30 - 2016-08-10 12:30 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-08-10 12:29 - 2016-05-25 15:31 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-08-10 12:29 - 2016-05-25 15:31 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-08-10 12:29 - 2016-05-25 15:31 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-08-10 12:29 - 2016-05-25 12:03 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-08-10 12:29 - 2016-05-25 12:03 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-08-10 12:29 - 2016-05-25 12:03 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-08-10 11:48 - 2016-08-10 11:48 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-08-10 11:47 - 2016-08-10 11:47 - 00000000 ____D C:\ProgramData\USOShared
2016-08-10 11:46 - 2016-08-10 12:56 - 00000000 ____D C:\Users\Luca Rauch\AppData\Local\ConnectedDevicesPlatform
2016-08-10 11:46 - 2016-08-10 11:46 - 00000020 ___SH C:\Users\Luca Rauch\ntuser.ini
2016-08-10 11:46 - 2016-08-10 11:46 - 00000000 _SHDL C:\Users\Default\Vorlagen
2016-08-10 11:46 - 2016-08-10 11:46 - 00000000 _SHDL C:\Users\Default\Startmenü
2016-08-10 11:46 - 2016-08-10 11:46 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2016-08-10 11:46 - 2016-08-10 11:46 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2016-08-10 11:46 - 2016-08-10 11:46 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2016-08-10 11:46 - 2016-08-10 11:46 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2016-08-10 11:46 - 2016-08-10 11:46 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos
2016-08-10 11:46 - 2016-08-10 11:46 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2016-08-10 11:46 - 2016-08-10 11:46 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2016-08-10 11:46 - 2016-08-10 11:46 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-08-10 11:46 - 2016-08-10 11:46 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2016-08-10 11:46 - 2016-08-10 11:46 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2016-08-10 11:46 - 2016-08-10 11:46 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2016-08-10 11:46 - 2016-08-10 11:46 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos
2016-08-10 11:46 - 2016-08-10 11:46 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2016-08-10 11:46 - 2016-08-10 11:46 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2016-08-10 11:46 - 2016-08-10 11:46 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-08-10 11:46 - 2016-08-10 11:46 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2016-08-10 11:46 - 2016-08-10 11:46 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2016-08-10 11:45 - 2016-08-10 11:45 - 00007623 _____ C:\WINDOWS\diagwrn.xml
2016-08-10 11:45 - 2016-08-10 11:45 - 00007623 _____ C:\WINDOWS\diagerr.xml
2016-08-10 11:43 - 2016-08-26 11:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-08-10 11:43 - 2016-08-16 02:13 - 00004296 _____ C:\WINDOWS\System32\Tasks\AMD Updater
2016-08-10 11:43 - 2016-08-10 11:43 - 00022960 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-08-10 11:43 - 2016-08-10 11:43 - 00003646 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-08-10 11:43 - 2016-08-10 11:43 - 00003422 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-08-10 11:43 - 2016-08-10 11:43 - 00003324 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{A1EE2406-B607-47D7-846C-0F7A042C8007}
2016-08-10 11:41 - 2016-08-10 11:41 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-08-10 11:40 - 2016-08-10 11:41 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2016-08-10 11:37 - 2016-08-26 11:45 - 00000000 ____D C:\Users\Luca Rauch
2016-08-10 11:37 - 2016-08-10 11:37 - 00000000 _SHDL C:\Users\Luca Rauch\Vorlagen
2016-08-10 11:37 - 2016-08-10 11:37 - 00000000 _SHDL C:\Users\Luca Rauch\Startmenü
2016-08-10 11:37 - 2016-08-10 11:37 - 00000000 _SHDL C:\Users\Luca Rauch\Netzwerkumgebung
2016-08-10 11:37 - 2016-08-10 11:37 - 00000000 _SHDL C:\Users\Luca Rauch\Lokale Einstellungen
2016-08-10 11:37 - 2016-08-10 11:37 - 00000000 _SHDL C:\Users\Luca Rauch\Eigene Dateien
2016-08-10 11:37 - 2016-08-10 11:37 - 00000000 _SHDL C:\Users\Luca Rauch\Druckumgebung
2016-08-10 11:37 - 2016-08-10 11:37 - 00000000 _SHDL C:\Users\Luca Rauch\Documents\Eigene Videos
2016-08-10 11:37 - 2016-08-10 11:37 - 00000000 _SHDL C:\Users\Luca Rauch\Documents\Eigene Musik
2016-08-10 11:37 - 2016-08-10 11:37 - 00000000 _SHDL C:\Users\Luca Rauch\Documents\Eigene Bilder
2016-08-10 11:37 - 2016-08-10 11:37 - 00000000 _SHDL C:\Users\Luca Rauch\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-08-10 11:37 - 2016-08-10 11:37 - 00000000 _SHDL C:\Users\Luca Rauch\AppData\Local\Verlauf
2016-08-10 11:37 - 2016-08-10 11:37 - 00000000 _SHDL C:\Users\Luca Rauch\AppData\Local\Anwendungsdaten
2016-08-10 11:37 - 2016-08-10 11:37 - 00000000 _SHDL C:\Users\Luca Rauch\Anwendungsdaten
2016-08-10 11:37 - 2016-07-16 13:41 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-08-10 11:36 - 2016-08-10 11:36 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2016-08-10 11:36 - 2016-08-10 11:36 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-08-10 11:36 - 2016-08-10 11:36 - 00000000 ____D C:\Program Files\Realtek
2016-08-10 11:35 - 2016-08-26 11:45 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2016-08-10 11:35 - 2016-08-26 07:45 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-08-10 11:35 - 2016-08-16 02:11 - 00000000 ____D C:\Program Files\AMD
2016-08-10 11:35 - 2016-08-13 17:34 - 00197800 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-08-10 11:35 - 2016-08-10 11:35 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-08-10 11:35 - 2016-08-10 11:35 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2016-08-05 21:20 - 2016-08-10 11:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2016-08-05 21:20 - 2016-08-05 21:20 - 00002275 _____ C:\Users\Public\Desktop\Sicherer Zahlungsverkehr.lnk
2016-08-05 21:20 - 2016-08-05 21:20 - 00002213 _____ C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2016-08-05 21:20 - 2013-05-06 08:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\klfphc.dll
2016-08-05 21:19 - 2016-08-26 11:46 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-08-05 21:19 - 2016-08-16 11:45 - 00992600 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys
2016-08-05 21:19 - 2016-08-16 11:45 - 00237400 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klhk.sys
2016-08-05 21:19 - 2016-08-05 21:19 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2016-08-05 21:19 - 2015-12-11 17:31 - 00182664 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klflt.sys
2016-08-05 21:17 - 2016-08-05 21:17 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2016-08-05 16:26 - 2016-08-18 13:58 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-08-05 16:25 - 2016-08-05 16:25 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-08-03 00:07 - 2016-08-03 00:07 - 00000000 ____D C:\Program Files\Common Files\Propellerhead Software
2016-08-03 00:06 - 2016-08-10 11:41 - 00000000 ____D C:\Users\Luca Rauch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2016-08-03 00:06 - 2016-08-03 00:15 - 00000000 ____D C:\Program Files\Image-Line
2016-08-03 00:06 - 2016-08-03 00:06 - 00000000 ____D C:\Users\Luca Rauch\Documents\Image-Line
2016-08-03 00:06 - 2016-08-03 00:06 - 00000000 ____D C:\Users\Luca Rauch\AppData\Roaming\Image-Line
2016-08-03 00:06 - 2016-08-03 00:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line
2016-08-02 23:50 - 2016-08-03 00:15 - 00000000 ____D C:\Program Files (x86)\Image-Line
2016-08-02 00:12 - 2016-08-02 00:12 - 00000000 ____D C:\Users\Luca Rauch\.fontconfig
2016-08-02 00:11 - 2016-08-10 11:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movavi Video Converter 16
2016-08-02 00:11 - 2016-08-02 00:12 - 00000000 ____D C:\Users\Luca Rauch\AppData\Local\Movavi
2016-08-02 00:11 - 2016-08-02 00:11 - 00000820 _____ C:\Users\Public\Desktop\Movavi Video Converter 16.lnk
2016-08-02 00:11 - 2016-08-02 00:11 - 00000000 ____D C:\Users\Luca Rauch\AppData\Local\converter
2016-08-02 00:11 - 2016-08-02 00:11 - 00000000 ____D C:\ProgramData\Movavi
2016-08-02 00:10 - 2016-08-02 00:10 - 00000016 _____ C:\ProgramData\mntemp
2016-08-02 00:10 - 2016-08-02 00:10 - 00000000 ____D C:\ProgramData\Movavi Video Converter 16
2016-08-01 09:21 - 2016-08-01 09:21 - 00892015 _____ C:\WINDOWS\system32\amdicdxx.dat
2016-07-30 23:04 - 2016-07-30 23:04 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-07-30 23:04 - 2016-06-23 20:22 - 00264992 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2016-07-30 23:04 - 2016-06-23 20:21 - 00257824 _____ C:\WINDOWS\system32\vulkan-1.dll
2016-07-30 23:04 - 2016-06-23 20:21 - 00110880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2016-07-30 23:04 - 2016-06-23 20:20 - 00125216 _____ C:\WINDOWS\system32\vulkaninfo.exe
2016-07-30 22:53 - 2016-08-10 11:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Killer Networking
2016-07-30 22:53 - 2016-07-30 22:55 - 00000000 ____D C:\ProgramData\Killer
2016-07-30 22:53 - 2016-07-30 22:53 - 00002801 _____ C:\Users\Public\Desktop\Killer Network Manager.lnk
2016-07-30 22:53 - 2016-07-30 22:53 - 00000000 ____D C:\Program Files\Killer Networking
2016-07-30 22:48 - 2016-07-30 22:44 - 00061464 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\usbfilter.sys
2016-07-30 14:50 - 2016-07-30 14:17 - 00000600 _____ C:\Users\Luca Rauch\AppData\Local\PUTTY.RND
2016-07-28 13:37 - 2016-07-28 13:37 - 00123400 _____ (Advanced Micro Devices) C:\WINDOWS\system32\DelayAPO.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-08-26 11:54 - 2016-05-16 20:01 - 00000000 ____D C:\Users\Luca Rauch\AppData\Local\Cryptocat
2016-08-26 11:51 - 2016-07-17 00:51 - 00762696 _____ C:\WINDOWS\system32\perfh007.dat
2016-08-26 11:51 - 2016-07-17 00:51 - 00164768 _____ C:\WINDOWS\system32\perfc007.dat
2016-08-26 11:51 - 2016-02-25 16:47 - 01962410 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-08-26 11:46 - 2016-04-09 13:13 - 00000000 ____D C:\Users\Luca Rauch\AppData\Roaming\Spotify
2016-08-26 11:46 - 2016-04-09 13:13 - 00000000 ____D C:\Users\Luca Rauch\AppData\Local\Spotify
2016-08-26 11:46 - 2016-04-09 13:00 - 00000000 ____D C:\ProgramData\Origin
2016-08-26 11:45 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2016-08-26 11:45 - 2016-07-16 08:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2016-08-26 11:00 - 2016-05-14 21:56 - 00226168 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2016-08-26 10:34 - 2016-05-14 21:56 - 00226168 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2016-08-26 06:30 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-08-25 19:16 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-08-25 12:58 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache
2016-08-24 14:37 - 2016-02-13 19:30 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-08-24 13:39 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\dsc
2016-08-24 13:39 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-08-24 13:39 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-08-24 13:39 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-08-24 08:56 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-08-21 08:10 - 2016-04-09 13:05 - 00000000 ____D C:\Users\Luca Rauch\AppData\Roaming\Origin
2016-08-21 06:55 - 2016-07-24 15:03 - 00000000 ____D C:\Program Files\DIFX
2016-08-21 03:53 - 2016-04-09 15:11 - 00000000 ____D C:\Program Files (x86)\Steam
2016-08-18 20:23 - 2016-04-09 14:40 - 00000000 ____D C:\Program Files (x86)\Netease
2016-08-18 06:24 - 2016-05-14 15:12 - 00000000 ____D C:\Users\Luca Rauch\AppData\Local\ElevatedDiagnostics
2016-08-18 04:55 - 2016-04-09 12:38 - 00000000 ____D C:\Program Files (x86)\Google
2016-08-17 23:54 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-08-17 21:07 - 2016-02-13 19:36 - 00000000 ____D C:\Users\Luca Rauch\AppData\Local\Packages
2016-08-16 14:11 - 2016-07-23 19:28 - 00001014 _____ C:\Users\Luca Rauch\Desktop\Filme und Serien.txt
2016-08-16 11:45 - 2015-12-03 11:12 - 00110424 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klwtp.sys
2016-08-16 11:45 - 2015-10-06 22:30 - 00087984 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klwfp.sys
2016-08-16 02:46 - 2016-04-09 12:59 - 00000000 ____D C:\Users\Luca Rauch\AppData\Local\AMD
2016-08-16 02:10 - 2016-04-09 13:01 - 00000000 ____D C:\Users\Luca Rauch\AppData\Roaming\PlaysTV
2016-08-16 02:09 - 2016-04-09 12:59 - 00000000 ____D C:\Users\Luca Rauch\AppData\Roaming\Raptr
2016-08-16 02:06 - 2016-04-09 12:41 - 00000000 ____D C:\AMD
2016-08-13 17:30 - 2016-04-09 12:37 - 00000000 ____D C:\Program Files (x86)\AMD
2016-08-13 01:57 - 2016-05-14 22:33 - 00348360 _____ C:\WINDOWS\SysWOW64\PnkBstrB.xtr
2016-08-12 18:49 - 2016-02-13 19:36 - 00000000 ____D C:\Users\Luca Rauch\AppData\Local\VirtualStore
2016-08-12 04:44 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-08-11 17:52 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2016-08-11 17:52 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2016-08-11 17:52 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\et-EE
2016-08-11 17:52 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\es-MX
2016-08-11 17:52 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-08-11 17:46 - 2016-07-25 22:56 - 00181064 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiuxp64.dll
2016-08-11 17:45 - 2016-07-25 22:55 - 01548000 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2016-08-11 17:44 - 2016-07-25 22:55 - 00152096 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2016-08-11 17:44 - 2016-07-25 22:54 - 00135408 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2016-08-11 17:43 - 2016-07-25 22:53 - 00875152 _____ (AMD) C:\WINDOWS\system32\coinst_16.30.dll
2016-08-11 17:43 - 2016-07-25 22:52 - 26719376 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys
2016-08-11 17:43 - 2016-07-25 22:52 - 00510096 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys
2016-08-11 17:42 - 2016-07-25 22:52 - 00168592 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2016-08-11 17:42 - 2016-07-25 22:51 - 00987280 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2016-08-11 17:41 - 2016-07-25 22:50 - 38258832 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll
2016-08-11 17:41 - 2016-07-25 22:50 - 21633168 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl12cl.dll
2016-08-11 17:38 - 2016-07-25 22:55 - 10970120 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll
2016-08-11 04:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\appcompat
2016-08-10 13:32 - 2016-07-16 08:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2016-08-10 12:34 - 2016-07-16 13:47 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-08-10 12:30 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2016-08-10 12:30 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-08-10 12:25 - 2016-05-16 20:24 - 00000000 ____D C:\Users\Luca Rauch\Documents\Battlefield 4
2016-08-10 11:48 - 2016-02-13 19:38 - 00002439 _____ C:\Users\Luca Rauch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-08-10 11:48 - 2016-02-13 19:38 - 00000000 ___RD C:\Users\Luca Rauch\OneDrive
2016-08-10 11:47 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\USOPrivate
2016-08-10 11:46 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows NT
2016-08-10 11:45 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-08-10 11:45 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Registration
2016-08-10 11:45 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2016-08-10 11:43 - 2016-07-16 13:47 - 00000000 __RHD C:\Users\Public\Libraries
2016-08-10 11:41 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-08-10 11:41 - 2016-05-16 20:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 4
2016-08-10 11:41 - 2016-05-16 20:01 - 00000000 ____D C:\Users\Luca Rauch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nadim Kobeissi
2016-08-10 11:41 - 2016-05-14 21:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3
2016-08-10 11:41 - 2016-04-10 15:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image Writer
2016-08-10 11:41 - 2016-04-10 15:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 10.8
2016-08-10 11:41 - 2016-04-09 15:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-08-10 11:41 - 2016-04-09 14:35 - 00000000 ____D C:\Users\Luca Rauch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server
2016-08-10 11:41 - 2016-04-09 14:34 - 00000000 ____D C:\Users\Luca Rauch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2016-08-10 11:41 - 2016-04-09 13:09 - 00000000 ____D C:\Users\Luca Rauch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z
2016-08-10 11:41 - 2016-04-09 13:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DiskCryptor
2016-08-10 11:41 - 2016-04-09 13:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2016-08-10 11:41 - 2016-04-09 13:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2016-08-10 11:41 - 2015-10-30 08:28 - 00000000 ____D C:\Users\Default.migrated
2016-08-10 11:40 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2016-08-10 11:40 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\spool
2016-08-10 11:40 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-08-10 11:40 - 2016-04-10 11:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandicam
2016-08-10 11:40 - 2016-04-09 18:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ROCCAT
2016-08-10 11:40 - 2016-04-09 15:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2016-08-10 11:40 - 2016-04-09 13:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2016-08-10 11:37 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-08-10 11:36 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-08-10 11:36 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-08-10 11:06 - 2016-04-09 12:39 - 00001130 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-10 10:58 - 2016-04-09 12:39 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-10 01:43 - 2016-04-09 12:51 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-08-10 01:39 - 2016-04-09 12:51 - 147640136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-08-09 23:23 - 2016-04-09 16:34 - 00000046 _____ C:\WINDOWS\SysWOW64\DonationCoder_urlsnooper_InstallInfo.dat
2016-08-01 18:30 - 2016-04-09 15:09 - 00000000 ____D C:\Program Files\Rockstar Games
2016-08-01 18:30 - 2016-04-09 15:09 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2016-08-01 18:25 - 2016-04-10 10:09 - 00000978 _____ C:\Users\Luca Rauch\Desktop\GTA V.lnk
2016-07-30 22:51 - 2016-02-25 16:48 - 00000000 ____D C:\ProgramData\Downloaded Installations
2016-07-30 22:51 - 2016-02-25 16:48 - 00000000 _____ C:\Users\Luca Rauch\AppData\Local\Driver_LOM_8161Present.flag
2016-07-30 22:47 - 2016-04-09 12:37 - 00000000 ____D C:\WINDOWS\Downloaded Installations
2016-07-28 13:37 - 2016-05-11 00:41 - 00118848 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\AtihdWT6.sys
2016-07-27 21:25 - 2016-04-09 12:53 - 00504488 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-02-25 16:48 - 2016-07-30 22:51 - 0000000 _____ () C:\Users\Luca Rauch\AppData\Local\Driver_LOM_8161Present.flag
2016-07-25 18:26 - 2016-07-25 18:26 - 0000001 _____ () C:\Users\Luca Rauch\AppData\Local\llftool.4.40.agreement
2016-07-30 14:50 - 2016-07-30 14:17 - 0000600 _____ () C:\Users\Luca Rauch\AppData\Local\PUTTY.RND
2016-04-09 23:57 - 2016-04-09 23:57 - 0005520 _____ () C:\Users\Luca Rauch\AppData\Local\recently-used.xbel
2016-08-10 11:36 - 2016-08-10 11:36 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-08-02 00:10 - 2016-08-02 00:10 - 0000016 _____ () C:\ProgramData\mntemp

Einige Dateien in TEMP:
====================
C:\Users\Luca Rauch\AppData\Local\Temp\cpuz165.exe
C:\Users\Luca Rauch\AppData\Local\Temp\libeay32.dll
C:\Users\Luca Rauch\AppData\Local\Temp\msvcr120.dll
C:\Users\Luca Rauch\AppData\Local\Temp\pi.exe
C:\Users\Luca Rauch\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-08-20 11:52

==================== Ende von FRST.txt ============================

Deathkid535 · 26.08.2016, 16:09

Hi,

Schritt # 1: ESET

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Schritt # 2: Frage

Gibts noch Probleme?

Schritt # 3: Bitte Posten

Das Log von ESET
Die Antwort auf meine Frage

moreply · 27.08.2016, 09:00

Hey,

An sich verhält sich das System normal und ESET hat jetzt auch nichts weiteres gefunden

.

Hier noch der log

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=b69d209733dd0146a1b295786dbff07e
# end=init
# utc_time=2016-08-27 05:08:01
# local_time=2016-08-27 07:08:01 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT 
Update Init
Update Download
Update Finalize
Updated modules version: 30556
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=b69d209733dd0146a1b295786dbff07e
# end=updated
# utc_time=2016-08-27 05:10:24
# local_time=2016-08-27 07:10:24 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=b69d209733dd0146a1b295786dbff07e
# engine=30556
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-08-27 06:04:36
# local_time=2016-08-27 08:04:36 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1='Kaspersky Internet Security'
# compatibility_mode=1309 16777213 100 100 3522 36500128 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 801594 5731200 0 0
# scanned=246001
# found=0
# cleaned=0
# scan_time=3252

Danke nochmal für deine Hilfe

Deathkid535 · 29.08.2016, 07:45

Hi,

Dann wären wir hier durch. Deine Logs sind sauber

Falls du deine Passwörter nicht regelmäßig änderst - jetzt ist der Zeitpunkt dafür!

Schritt # 1: Entfernen unserer Tools

Die Reihenfolge ist hier entscheidend.

Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
- Windowstaste + R > Combofix /Uninstall (eingeben) > OK
- Alternative: Combofix.exe in uninstall.exe umbenennen und starten
- Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
Downloade Dir bitte auf jeden Fall DelFix auf deinen Desktop:
- Schließe alle offenen Programme.
- Starte die delfix.exe mit einem Doppelklick.
- Setze vor jede Funktion ein Häkchen.
- Klicke auf Start.
- Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
- Starte deinen Rechner abschließend neu.
Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.

Abschließend noch ein paar Tipps von mir:

Schritt # 2: Empfohlene Software

Habe immer ein aktuelles Antivirenprogramm deiner Wahl installiert und aktiviere die automatischen Updates (standardmäßig eingeschaltet).

Ich empfehle:

Emsisoft Anti-Malware. (-25% für TB-Mitglieder)
Microsoft Security Essentials (Ab Windows 8 Microsoft Defender)

Verwende nach Möglichkeit nicht den Internet Explorer, da dieser viele Sicherheitslücken enthält. Achte aber darauf, dass er immer up to date bleibt, weil viele Programme diesen zum Anzeigen von Websites benutzen.

Alternativ kannst du verwenden:

Dazu sind folgende Add-ons empfehlenswert:

uBlock Origin (Chrome) --> Blockiert Werbung. Werbung kann sehr nervig sein, aber auch auf schädliche Links verweisen. uBlock ist effizienter als der Konkurrent AdblockPlus.

Ghostery --> Blockiert Tracker und Cookies, welche dich im Internet nachverfolgen können. Stelle jedoch bei der Installation sicher, dass du Ghostrank nicht zustimmst.

Du kannst auch

Malwarebytes Anti-Exploit verwenden, um aktuelle Sicherheitslücken zu stopfen.

Halte immer deine Plug-ins und Software aktuell, vor allem:

Deinen Browser
Flash Player
Java
PDF Reader

Du kannst diese komfortabel regelmäßig hiermit überprüfen:

PluginCheck
Filehippo App Manager

Schritt # 3: Tipps um eine Neuinfektion zu vermeiden

Downloade nach Möglichkeit immer direkt von der Herstellerseite oder alternativ von einem sauberen Download-Portal wie FilePony.de. Von Downloadern wie die von Chip, Softonic und Sourceforge raten wir ab: CHIP-Installer - was ist das? - Anleitungen

Auch versuchen sich immer mehr Programme durch Installationsroutinen auf den PC "durchzumogeln". Das klappt ganz gut, weil viele Anwender sich diese nicht genau durchlesen und schnell durchklicken. Manchmal steht auch in den Lizenzvereinbarungen, dass ein Programm, was eigentlich als Freeware angepriesen wird, nur genutzt werden kann, wenn man sich bestimmte Toolbars oder andere Programme mitinstallieren lässt.
Da hilft es nur aufmerksam zu sein.

Ein Tool, welches dich dabei gut unterstützen kann, ist:

Unchecky. Dieses überwacht im Hintergrund Installationsprozesse und hakt automatisch nervige Adwarekomponenten wie Toolbars ab. Falls man etwas übersieht, warnt noch ein Pop-up, bevor man fortfahren kann.

Wir raten von jeglichen Optimizern, Cleanern, SpeedUps und Ähnlichem ab, da diese Softwareprodukte meist keinen Performancegewinn bringen. Du kannst jedoch regelmäßig deinen PC mit der windowsinternen Datenträgerbereinigung behandeln.

Überprüfe regelmäßig (mind. 1x pro Monat) deinen PC mit

Malwarebytes Anti-Malware und

ESET.

Falls du dir unsicher bist, ob ein Download wirklich sauber ist, kannst du immer https://www.virustotal.com/ zurate ziehen.

Schritt # 4: Unterstütze uns!

Wenn du uns mit einer kleinen Spende unterstützen möchtest, so kannst du dies hier tun: http://www.trojaner-board.de/79994-s...ndenkonto.html

Es reicht aber auch schon ein simples

hier, wenn du mit uns zufrieden warst.

unsere Facebook-Seite!

Bitte gib mir bescheid, wenn du das alles gelesen hast und alles klar ist, damit ich dieses Thema aus meinen Abos löschen kann.

moreply · 29.08.2016, 11:07

Alle Komponenten entfernt alles läuft DANKE!

Die meisten Sicherheits tipps kannte ich schon nur leider helfen die nicht viel wenn man trotzdem auf installieren klickt war halt meine eigene Schuld

:

Aber Super kompetente Hilfe danke dir!

Deathkid535 · 29.08.2016, 15:14

Gerne

29.08.2016, 15:14	#11
Deathkid535 /// Malwareteam	System Clean? Malwarebytes erkennt 2 Schadhafte Dateien laut Kaspersky ist das System Sicher Gerne __________________ mfg, Dennis Lob, Kritik oder Wünsche Unterstütze uns mit einer kleinen Spende

System Clean? Malwarebytes erkennt 2 Schadhafte Dateien laut Kaspersky ist das System Sicher

Plagegeister aller Art und deren Bekämpfung: System Clean? Malwarebytes erkennt 2 Schadhafte Dateien laut Kaspersky ist das System Sicher