
Log Analysis and Evaluation: WIN10 DNS Keeper cannot be removed / suspicion of other malware


06.09.2015, 14:42   #1
Kaminski7791
 



Hello,

first, some information about my system:
WIN 10 Home x64 (upgrade from WIN 8.1 Home x64)
Intel Xeon E3-1231v3
16GB RAM
AMD R9 290X 4GB
2 SSDs + 1 HDD
Internet via Gigabit LAN (WLAN possible)
Router: FritzBox 7272

Now to my problem: a few days ago I apparently caught a trojan, according to Avira Trojan.Dropper.VBxxxxxx (exact number not known).
It apparently hijacked my CCleaner. I noticed this too late, and after one click in the CCleaner window about 20 cmd windows opened and immediately closed again. After that I suddenly had these lovely DNS Keeper ad links in Chrome.

I have (hopefully) successfully removed the trojan, but I have been struggling with DNS Keeper for almost 12 hours. It shows up neither in the Control Panel under installed programs nor in Chrome or Firefox as an add-on, I can't find any dubious *.exe files either, and the registry looks clean as well. The FRST logs actually look OK to me too; I am of course attaching them. GMER unfortunately won't work for me at all; at startup I get the error message: "C:\WINDOWS\system32\config\system: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.". If I then uncheck the boxes as described in your guide and click Scan, I get a lovely bluescreen with the error: Attempted_to_Write_on_Readonly_Memory - win32k.sys.

I hope you can already do something with this, and thank you in advance for the help. Unfortunately I have to post the logs separately, too many characters.

So here are the respective logs without Addition.txt (too long...):

Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 13:47 on 06/09/2015 (Timo)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
HKCU:DAEMON Tools Lite -> Removed

Checking for services/drivers...


-=E.O.F=-
         
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:04-09-2015
durchgeführt von Timo (Administrator) auf KAMINSKI-GAMING (06-09-2015 14:02:05)
Gestartet von F:\Download
Geladene Profile: Timo (Verfügbare Profile: Timo & .NET v4.5 & DefaultAppPool & .NET v4.5 Classic)
Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Advanced Micro Devices) C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Mr. John aka japamd) C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(GlavSoft LLC.) C:\Program Files\TightVNC\tvnserver.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc.) I:\Program Files\VMware\VMware Player\vmware-authd.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corporation) C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(VIA Technologies, Inc.) C:\Program Files\VIA XHCI UASP Utility\usb3Monitor.exe
(GlavSoft LLC.) C:\Program Files\TightVNC\tvnserver.exe
(Valve Corporation) G:\Steam\Steam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) G:\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\nacl64.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Sysinternals - www.sysinternals.com) C:\Windows\System32\procexp.exe
(Sysinternals - www.sysinternals.com) C:\Users\Timo\AppData\Local\Temp\procexp64.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsPhone_10.1508.17010.0_x64__8wekyb3d8bbwe\CompanionApp.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
() C:\ProgramData\Avira\Launcher\Temp\avira_antivirus_de-de.exe
(Avira Operations GmbH & Co. KG) C:\Windows\Temp\RarSFX0\presetup.exe
(Avira Operations GmbH & Co. KG) C:\Windows\Temp\RarSFX0\setup.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\update.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [tvncontrol] => C:\Program Files\TightVNC\tvnserver.exe [2179056 2013-07-19] (GlavSoft LLC.)
HKLM\...\Run: [InstallerLauncher] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-41 (Der Dateneintrag hat 36 mehr Zeichen).
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [56080 2015-07-27] (Raptr, Inc)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2620728 2015-07-22] (Malwarebytes Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2303152 2015-07-23] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66936 2015-08-13] (Avira Operations GmbH & Co. KG)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore: [DisableSR/DisableConfig]  <===== ACHTUNG
HKU\S-1-5-21-1138910457-3556438696-3793022017-1001\...\Run: [Steam] => G:\Steam\steam.exe [2899136 2015-08-19] (Valve Corporation)
HKU\S-1-5-21-1138910457-3556438696-3793022017-1001\...\Run: [GoogleChromeAutoLaunch_AD54CFC87F4151BEE93C17CC93ABA7D3] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [815944 2015-08-28] (Google Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] ()
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Timo\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Timo\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Timo\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Timo\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Timo\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Timo\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Timo\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Timo\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  Keine Datei
Startup: C:\Users\Timo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-03-03]
ShortcutTarget: Dropbox.lnk -> C:\Users\Timo\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{babc3a38-cb19-4844-ae38-45cddf7ad71c}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{d67626b9-a875-4c94-907c-aa5a87a8eef1}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
HKU\S-1-5-21-1138910457-3556438696-3793022017-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1138910457-3556438696-3793022017-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.hyrican.de
HKU\S-1-5-21-1138910457-3556438696-3793022017-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.google.com/?trackid=sp-006
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1138910457-3556438696-3793022017-1001 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1138910457-3556438696-3793022017-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-24] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-24] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-24] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-24] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Timo\AppData\Roaming\Mozilla\Firefox\Profiles\mkufmqa3.default
FF Homepage: hxxps://www.google.com/?trackid=sp-006
FF NewTab: about:newtab
FF SelectedSearchEngine: Google (avast)
FF DefaultSearchEngine: Google (avast)
FF DefaultSearchUrl: hxxps://www.google.com/search/?trackid=sp-006
FF SearchEngineOrder.1: Google (avast)
FF Keyword.URL: hxxps://www.google.com/search/?trackid=sp-006
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-11] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-24] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-23] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-23] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-07-23] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-11] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2013-09-04] (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2015-08-05] (DivX, LLC)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-24] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-27] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-07-23] (Adobe Systems)
FF Plugin HKU\S-1-5-21-1138910457-3556438696-3793022017-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-07-10] ()
FF SearchPlugin: C:\Users\Timo\AppData\Roaming\Mozilla\Firefox\Profiles\mkufmqa3.default\searchplugins\google-avast.xml [2015-09-02]
FF Extension: Avira Browser Safety - C:\Users\Timo\AppData\Roaming\Mozilla\Firefox\Profiles\mkufmqa3.default\Extensions\abs@avira.com [2015-09-06]
FF Extension: NoScript - C:\Users\Timo\AppData\Roaming\Mozilla\Firefox\Profiles\mkufmqa3.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-08-21]
FF Extension: Adblock Plus - C:\Users\Timo\AppData\Roaming\Mozilla\Firefox\Profiles\mkufmqa3.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-08-21]
StartMenuInternet: FIREFOX.EXE - I:\Program Files (x86)\Mozilla Firefox\firefox.exe

Chrome: 
=======
CHR StartupUrls: Default -> "hxxp://google.de/"
CHR DefaultSearchURL: Default -> "url":"{google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}{google:contextualSearchVersion}ie={inputEncoding}"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Web Store) - ", Keine Datei
CHR Profile: C:\Users\Timo\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Timo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-20]
CHR Extension: (TooManyTabs for Chrome) - C:\Users\Timo\AppData\Local\Google\Chrome\User Data\Default\Extensions\amigcgbheognjmfkaieeeadojiibgbdp [2015-09-01]
CHR Extension: (Google Docs) - C:\Users\Timo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-20]
CHR Extension: (Google Drive) - C:\Users\Timo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-20]
CHR Extension: (Please enter your password) - C:\Users\Timo\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2015-09-01]
CHR Extension: (YouTube) - C:\Users\Timo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-20]
CHR Extension: (Bypass \) - C:\Users\Timo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ceoahfhinjgldgpfkjmjghpaidolbeag [2015-09-01]
CHR Extension: (Adblock Plus) - C:\Users\Timo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-09-01]
CHR Extension: (Google Search) - C:\Users\Timo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-20]
CHR Extension: (Tampermonkey) - C:\Users\Timo\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2015-09-01]
CHR Extension: (Photo Zoom for Facebook) - C:\Users\Timo\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi [2015-09-01]
CHR Extension: (Google Play Music) - C:\Users\Timo\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2015-09-01]
CHR Extension: (Google Sheets) - C:\Users\Timo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-20]
CHR Extension: (FoxyProxy Standard) - C:\Users\Timo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcknhkkoolaabfmlnjonogaaifnjlfnp [2015-09-01]
CHR Extension: (Google Docs Offline) - C:\Users\Timo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-06]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Timo\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Timo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-20]
CHR Extension: (Gmail) - C:\Users\Timo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-20]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [680112 2015-07-22] (Adobe Systems Incorporated)
R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2015-06-22] (Advanced Micro Devices) [Datei ist nicht signiert]
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [228104 2015-08-13] (Avira Operations GmbH & Co. KG)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1277680 2015-03-31] (Disc Soft Ltd)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-05-28] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [713016 2015-07-22] (Malwarebytes Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 Origin Client Service; I:\Program Files (x86)\Origin\OriginClientService.exe [2007048 2015-07-25] (Electronic Arts)
R2 RadeonPro Support Service; C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe [20608 2013-11-04] (Mr. John aka japamd) [Datei ist nicht signiert]
R2 tvnserver; C:\Program Files\TightVNC\tvnserver.exe [2179056 2013-07-19] (GlavSoft LLC.)
R2 VMAuthdService; I:\Program Files\VMware\VMware Player\vmware-authd.exe [87744 2015-05-31] (VMware, Inc.)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-08-04] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [578560 2015-08-04] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
S4 UPDATESRV; "C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe" /service [X]
S4 VSSERV; "C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe" /service [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 amdacpksd; C:\WINDOWS\system32\drivers\amdacpksd.sys [306424 2015-08-09] (Advanced Micro Devices)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [31992 2015-06-03] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-07-22] (Advanced Micro Devices)
R1 dfmirage; C:\Windows\system32\DRIVERS\dfmirage.sys [36432 2008-03-05] (DemoForge, LLC)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30352 2015-04-06] (Disc Soft Ltd)
R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [63064 2015-07-22] ()
R1 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [109272 2015-06-18] (Malwarebytes Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [113880 2015-09-06] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
S3 NdisImPlatformMp; C:\Windows\System32\drivers\NdisImPlatform.sys [129024 2015-07-10] (Microsoft Corporation)
S3 netr28x; C:\Windows\System32\drivers\netr28x.sys [2512016 2015-07-10] (MediaTek Inc.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek                                            )
S4 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [117768 2015-08-10] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [146072 2015-08-10] (Oracle Corporation)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [125008 2015-08-10] (Oracle Corporation)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [76480 2015-05-21] (VMware, Inc.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-09-06 14:02 - 2015-08-06 20:58 - 00148632 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2015-09-06 14:02 - 2015-08-06 20:58 - 00137288 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2015-09-06 14:02 - 2015-08-06 20:58 - 00043576 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2015-09-06 14:02 - 2015-08-06 20:58 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2015-09-06 13:47 - 2015-09-06 13:47 - 00000156 _____ C:\Users\Timo\defogger_reenable
2015-09-06 13:44 - 2015-09-06 13:50 - 00000000 ____D C:\ProgramData\Package Cache
2015-09-06 13:44 - 2015-09-06 13:44 - 00233169 _____ C:\ProgramData\1441536258.bdinstall.bin
2015-09-06 13:42 - 2015-09-06 13:42 - 00016148 _____ C:\WINDOWS\system32\KAMINSKI-GAMING_Timo_HistoryPrediction.bin
2015-09-06 10:07 - 2015-09-06 14:02 - 00000000 ____D C:\FRST
2015-09-06 09:53 - 2015-09-06 10:06 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-09-06 09:32 - 2015-09-06 09:52 - 00000000 ____D C:\Users\Timo\Desktop\mbar
2015-09-06 09:16 - 2015-09-06 10:29 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2015-09-06 09:16 - 2015-09-06 09:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit
2015-09-06 09:16 - 2015-09-06 09:16 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Exploit
2015-09-06 09:01 - 2015-09-06 09:01 - 00000385 _____ C:\WINDOWS\system32\user_gensett.xml
2015-09-06 09:01 - 2015-09-06 09:01 - 00000385 _____ C:\Users\Timo\AppData\Roaminguser_gensett.xml
2015-09-06 09:01 - 2015-09-06 09:01 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2015-09-06 09:00 - 2015-09-06 09:01 - 00000299 _____ C:\WINDOWS\setupact.log
2015-09-06 09:00 - 2015-09-06 09:00 - 00000000 ____D C:\ProgramData\BDLogging
2015-09-06 09:00 - 2015-09-06 09:00 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-09-06 09:00 - 2015-05-29 09:50 - 00271272 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avchv.sys
2015-09-06 09:00 - 2013-09-08 20:04 - 00023568 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bdelam.sys
2015-09-06 09:00 - 2007-04-11 11:11 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\capicom.dll
2015-09-06 08:57 - 2015-09-06 13:43 - 00000000 ____D C:\Program Files\Common Files\Bitdefender
2015-09-06 08:57 - 2015-09-06 08:57 - 00000000 ____D C:\Users\Timo\AppData\Roaming\QuickScan
2015-09-06 08:57 - 2015-09-06 08:57 - 00000000 ____D C:\Program Files\Bitdefender
2015-09-06 08:16 - 2015-06-11 06:15 - 00050512 _____ C:\WINDOWS\system32\autoruns.chm
2015-09-06 08:16 - 2015-05-25 04:40 - 00593048 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\autorunsc.exe
2015-09-06 08:16 - 2015-05-25 04:39 - 00680600 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Autoruns.exe
2015-09-06 07:34 - 2015-09-06 07:34 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-09-06 04:35 - 2015-09-06 13:50 - 00001294 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2015-09-06 04:34 - 2015-09-06 14:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-09-06 04:34 - 2015-09-06 14:02 - 00000000 ____D C:\ProgramData\Avira
2015-09-06 04:34 - 2015-09-06 14:02 - 00000000 ____D C:\Program Files (x86)\Avira
2015-09-06 04:23 - 2015-09-06 04:23 - 00000000 ____D C:\Users\Timo\AppData\Local\MFAData
2015-09-06 04:23 - 2015-09-06 04:23 - 00000000 ____D C:\Users\Timo\AppData\Local\Avg2015
2015-09-06 04:05 - 2015-09-06 09:43 - 00287540 _____ C:\WINDOWS\PFRO.log
2015-09-06 04:05 - 2015-09-06 04:05 - 04905968 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-09-06 03:56 - 2015-09-06 03:56 - 00002155 _____ C:\Users\Timo\Desktop\VirusTotal Uploader 2.2.lnk
2015-09-06 03:56 - 2015-09-06 03:56 - 00000000 ____D C:\Users\Timo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirusTotal Uploader 2.2
2015-09-06 03:56 - 2015-09-06 03:56 - 00000000 ____D C:\Program Files (x86)\VirusTotalUploader2
2015-09-06 03:44 - 2015-09-06 07:56 - 00034328 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCEXP152.SYS
2015-09-06 03:34 - 2015-07-10 12:59 - 01238584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2015-09-06 03:34 - 2015-05-11 13:56 - 02508432 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\procexp.exe
2015-09-06 03:14 - 2015-09-06 03:14 - 00001348 _____ C:\Users\Timo\Desktop\Revo Uninstaller.lnk
2015-09-06 03:14 - 2015-09-06 03:14 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-09-06 03:12 - 2015-09-06 10:07 - 00001826 _____ C:\Users\Timo\Desktop\sc-cleaner.txt
2015-09-06 03:07 - 2015-09-06 03:07 - 00002723 _____ C:\Users\Timo\Desktop\JRT.txt
2015-09-06 02:59 - 2015-09-06 03:00 - 00000080 _____ C:\Users\Public\Desktop\SimCityT.lnk
2015-09-06 02:51 - 2015-09-06 02:59 - 00001376 _____ C:\WINDOWS\SysWOW64\enc.dat
2015-09-06 02:48 - 2015-09-06 02:48 - 00357753 _____ C:\WINDOWS\SysWOW64\tubekey.dat
2015-09-06 02:45 - 2015-09-06 10:24 - 00000000 ____D C:\AdwCleaner
2015-09-06 02:44 - 2015-09-06 12:27 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-09-06 02:43 - 2015-09-06 03:00 - 00001176 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-09-06 02:43 - 2015-09-06 02:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-09-06 02:43 - 2015-09-06 02:43 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-09-06 02:43 - 2015-09-06 02:43 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-09-06 02:43 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-09-06 02:43 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-09-06 02:43 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-09-05 13:38 - 2015-09-05 13:39 - 00000168 _____ C:\WINDOWS\SysWOW64\none
2015-09-05 00:08 - 2015-09-06 02:59 - 00001178 _____ C:\Users\Timo\Desktop\Total War Attila.lnk
2015-09-04 12:33 - 2015-09-04 12:33 - 00000000 ____D C:\Users\Timo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-09-02 18:10 - 2015-09-06 03:00 - 00000908 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-09-02 18:10 - 2015-09-02 18:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-09-02 18:09 - 2015-09-02 18:10 - 00000000 ____D C:\Program Files\CCleaner
2015-09-01 22:25 - 2015-09-06 08:18 - 00000000 ____D C:\Program Files\Common Files\gdpp3pra
2015-09-01 21:32 - 2015-09-01 21:32 - 00032256 _____ C:\WINDOWS\SysWOW64\instsrv.exe
2015-09-01 21:32 - 2015-09-01 21:32 - 00000000 _____ C:\WINDOWS\SysWOW64\64.dat
2015-09-01 21:31 - 2015-09-01 21:31 - 00044032 _____ (NirSoft) C:\WINDOWS\SysWOW64\nircmd.exe
2015-09-01 21:31 - 2015-09-01 21:31 - 00000000 ____D C:\WINDOWS\SysWOW64\shared
2015-09-01 21:31 - 2015-09-01 21:31 - 00000000 ____D C:\WINDOWS\SysWOW64\64
2015-09-01 21:25 - 2015-09-02 18:51 - 00000000 ____D C:\Program Files (x86)\03D40274-1441135521-05D1-E106-570700080009
2015-09-01 21:25 - 2015-09-01 21:31 - 00000000 ____D C:\Users\Timo\AppData\Roaming\Opera Software
2015-09-01 21:25 - 2015-09-01 21:31 - 00000000 ____D C:\Users\Timo\AppData\Local\Opera Software
2015-09-01 21:25 - 2015-09-01 21:31 - 00000000 ____D C:\Program Files (x86)\Opera
2015-09-01 21:25 - 2015-09-01 21:25 - 02165103 _____ C:\Users\Timo\Desktop\Odin3_v3.10.6.zip
2015-09-01 21:07 - 2015-09-01 21:07 - 00000000 ____D C:\Program Files\SAMSUNG
2015-09-01 21:07 - 2014-12-03 04:01 - 00206104 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudmdm.sys
2015-09-01 21:07 - 2014-12-03 04:01 - 00110488 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudbus.sys
2015-09-01 19:19 - 2015-09-01 20:59 - 00000000 ____D C:\Users\Timo\AppData\Roaming\Samsung
2015-09-01 19:19 - 2015-09-01 20:59 - 00000000 ____D C:\Users\Timo\AppData\Local\Samsung
2015-09-01 19:18 - 2015-09-01 19:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec
2015-09-01 19:17 - 2013-12-30 10:53 - 04659712 _____ (Dmitry Streblechenko) C:\WINDOWS\SysWOW64\Redemption.dll
2015-09-01 19:17 - 2013-12-30 10:53 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\WINDOWS\SysWOW64\secman.dll
2015-09-01 19:16 - 2015-09-01 21:08 - 00000000 ____D C:\Program Files (x86)\Samsung
2015-09-01 19:16 - 2015-09-01 20:59 - 00000000 ____D C:\ProgramData\Samsung
2015-09-01 19:14 - 2015-09-01 19:14 - 00000000 ____D C:\Users\Timo\AppData\Local\Downloaded Installations
2015-08-30 00:04 - 2015-08-30 00:04 - 00003670 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-avalon7791_8@hotmail.de
2015-08-29 23:56 - 2015-09-05 19:27 - 00000000 __RHD C:\Users\Timo\Creative Cloud Files
2015-08-29 23:51 - 2015-09-06 03:00 - 00001297 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2015-08-29 23:51 - 2015-09-06 03:00 - 00001291 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2015-08-29 23:38 - 2015-08-30 00:04 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2015-08-29 23:37 - 2015-09-06 03:00 - 00000982 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro CC 2015.lnk
2015-08-29 23:36 - 2015-08-29 23:36 - 00000000 ____D C:\Program Files\Adobe
2015-08-29 23:35 - 2015-08-29 23:37 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-08-29 23:12 - 2015-09-06 03:00 - 00000558 _____ C:\Users\Public\Desktop\Fraps.lnk
2015-08-29 23:12 - 2015-09-06 02:59 - 00000874 _____ C:\Users\Timo\Desktop\Dxtory.lnk
2015-08-29 23:12 - 2015-08-29 23:17 - 00000000 ____D C:\Users\Timo\AppData\Local\Dxtory Software
2015-08-29 23:12 - 2015-08-29 23:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2015-08-29 23:12 - 2015-08-29 23:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dxtory2.0
2015-08-29 23:12 - 2014-06-08 22:14 - 02610736 _____ (ExKode Co. Ltd.) C:\WINDOWS\system32\DxtoryCodec.dll
2015-08-29 23:12 - 2014-06-08 22:14 - 02508336 _____ (ExKode Co. Ltd.) C:\WINDOWS\SysWOW64\DxtoryCodec.dll
2015-08-29 23:09 - 2015-09-06 02:59 - 00001015 _____ C:\Users\Timo\Desktop\Open Broadcaster Software.lnk
2015-08-29 23:09 - 2015-08-29 23:09 - 00000000 ____D C:\Users\Timo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software
2015-08-29 23:09 - 2015-08-29 23:09 - 00000000 ____D C:\Program Files\OBS
2015-08-29 23:09 - 2015-08-29 23:09 - 00000000 ____D C:\Program Files (x86)\OBS
2015-08-29 18:40 - 2015-08-29 18:40 - 00000000 ____D C:\ProgramData\ATI
2015-08-29 18:36 - 2015-08-29 18:36 - 00053787 _____ C:\WINDOWS\SysWOW64\CCCInstall_201508291836477732.log
2015-08-29 18:36 - 2015-08-29 18:36 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2015-08-29 18:36 - 2015-08-29 18:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-08-29 18:29 - 2015-09-02 18:12 - 00000000 ____D C:\WINDOWS\Minidump
2015-08-29 18:25 - 2015-08-29 18:25 - 00061373 _____ C:\WINDOWS\SysWOW64\CCCInstall_201508291825263522.log
2015-08-29 10:15 - 2015-07-14 22:58 - 00000095 _____ C:\Users\Timo\Desktop\startup.rphs
2015-08-29 10:05 - 2015-09-06 02:59 - 00000885 _____ C:\Users\Timo\Desktop\Grand Theft Auto V - LNGmod.lnk
2015-08-29 10:05 - 2015-09-06 02:59 - 00000881 _____ C:\Users\Timo\Desktop\Grand Theft Auto V.lnk
2015-08-29 10:05 - 2015-09-06 02:59 - 00000877 _____ C:\Users\Timo\Desktop\Grand Theft Auto V - IDmod.lnk
2015-08-29 10:05 - 2015-08-29 10:10 - 00000000 ____D C:\WINDOWS\SysWOW64\directx
2015-08-29 10:05 - 2015-08-29 10:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2015-08-29 09:25 - 2015-09-06 03:00 - 00002041 _____ C:\Users\Public\Desktop\Grand Theft Auto V.lnk
2015-08-29 09:24 - 2015-08-29 09:25 - 00000000 ____D C:\Program Files (x86)\Grand Theft Auto V
2015-08-29 08:14 - 2015-08-29 08:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LCPD First Response
2015-08-28 21:27 - 2015-08-20 08:07 - 08019296 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-28 21:27 - 2015-08-20 08:06 - 00609592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-08-28 21:27 - 2015-08-20 08:02 - 22324656 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-08-28 21:27 - 2015-08-20 07:57 - 00077400 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-08-28 21:27 - 2015-08-20 07:26 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-08-28 21:27 - 2015-08-20 07:21 - 21875200 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-08-28 21:27 - 2015-08-20 07:21 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2015-08-28 21:27 - 2015-08-20 07:16 - 20857848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-08-28 21:27 - 2015-08-20 07:13 - 02235904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-08-28 21:27 - 2015-08-20 06:31 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-08-28 21:27 - 2015-08-18 09:56 - 02498808 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-28 21:27 - 2015-08-18 09:55 - 00373072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2015-08-28 21:27 - 2015-08-18 09:54 - 01396064 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-08-28 21:27 - 2015-08-18 09:27 - 01771592 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-08-28 21:27 - 2015-08-18 09:24 - 00963920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-08-28 21:27 - 2015-08-18 09:13 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2015-08-28 21:27 - 2015-08-18 09:13 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2015-08-28 21:27 - 2015-08-18 09:12 - 02225664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-08-28 21:27 - 2015-08-18 09:07 - 02226688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2015-08-28 21:27 - 2015-08-18 09:04 - 01234944 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2015-08-28 21:27 - 2015-08-18 09:04 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-08-28 21:27 - 2015-08-18 08:59 - 01294336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll
2015-08-28 21:27 - 2015-08-18 08:59 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll
2015-08-28 21:27 - 2015-08-18 08:58 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2015-08-28 21:27 - 2015-08-18 08:58 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWCN.dll
2015-08-28 21:27 - 2015-08-18 08:58 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWCN.dll
2015-08-28 21:27 - 2015-08-18 08:58 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnNetsh.dll
2015-08-28 21:27 - 2015-08-18 08:57 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2015-08-28 21:27 - 2015-08-18 08:56 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2015-08-28 21:27 - 2015-08-18 08:55 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-08-28 21:27 - 2015-08-18 08:54 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2015-08-28 21:27 - 2015-08-18 08:54 - 00247296 _____ C:\WINDOWS\system32\facecredentialprovider.dll
2015-08-28 21:27 - 2015-08-18 08:52 - 01888768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-08-28 21:27 - 2015-08-18 08:50 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-08-28 21:27 - 2015-08-18 08:49 - 01061888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2015-08-28 21:27 - 2015-08-18 08:49 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2015-08-28 21:27 - 2015-08-18 08:49 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2015-08-28 21:27 - 2015-08-18 08:36 - 01226752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcnwiz.dll
2015-08-28 21:27 - 2015-08-18 08:35 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WcnApi.dll
2015-08-28 21:27 - 2015-08-18 08:35 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWCN.dll
2015-08-28 21:27 - 2015-08-18 08:34 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2015-08-28 21:27 - 2015-08-18 08:29 - 01593344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-08-28 21:27 - 2015-08-18 08:26 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2015-08-28 21:27 - 2015-08-18 06:44 - 00008847 _____ C:\WINDOWS\system32\ResPriHMImageList
2015-08-28 01:45 - 2015-08-28 12:30 - 00000000 ____D C:\ProgramData\Socialclub
2015-08-27 14:29 - 2015-08-28 02:24 - 00002558 _____ C:\Users\Timo\Desktop\steam_api.ini
2015-08-27 14:29 - 2015-05-08 12:31 - 01605636 _____ C:\Users\Timo\Desktop\steam_api64.dll
2015-08-27 14:29 - 2015-05-08 12:31 - 00336384 _____ C:\Users\Timo\Desktop\steam_api_ext64.dll
2015-08-25 21:41 - 2015-08-25 21:41 - 00062253 _____ C:\WINDOWS\SysWOW64\CCCInstall_201508252141399342.log
2015-08-25 21:41 - 2015-08-25 21:41 - 00052907 _____ C:\WINDOWS\SysWOW64\CCCInstall_201508252141118977.log
2015-08-25 21:40 - 2015-08-25 21:40 - 00000000 ____D C:\Users\Default\AppData\Roaming\ATI
2015-08-25 21:40 - 2015-08-25 21:40 - 00000000 ____D C:\Users\Default\AppData\Local\ATI
2015-08-25 21:40 - 2015-08-25 21:40 - 00000000 ____D C:\Users\Default User\AppData\Roaming\ATI
2015-08-25 21:40 - 2015-08-25 21:40 - 00000000 ____D C:\Users\Default User\AppData\Local\ATI
2015-08-25 20:50 - 2015-08-25 20:50 - 00053787 _____ C:\WINDOWS\SysWOW64\CCCInstall_201508252050013746.log
2015-08-25 20:49 - 2015-08-25 20:49 - 00066915 _____ C:\WINDOWS\SysWOW64\CCCInstall_201508252049131176.log
2015-08-25 20:47 - 2015-08-13 06:33 - 24593408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-08-25 20:47 - 2015-08-13 06:22 - 02093056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2015-08-25 20:47 - 2015-08-13 06:20 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2015-08-25 20:47 - 2015-08-13 06:07 - 19323392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-08-25 20:47 - 2015-08-13 05:53 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2015-08-25 20:47 - 2015-08-11 12:04 - 04532304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-08-25 20:47 - 2015-08-11 12:04 - 02462648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-08-25 20:47 - 2015-08-11 12:04 - 01087296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-08-25 20:47 - 2015-08-11 12:03 - 00442208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2015-08-25 20:47 - 2015-08-11 12:02 - 00554744 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2015-08-25 20:47 - 2015-08-11 12:02 - 00292856 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2015-08-25 20:47 - 2015-08-11 12:02 - 00080720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2015-08-25 20:47 - 2015-08-11 11:57 - 03622256 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-08-25 20:47 - 2015-08-11 11:52 - 00993104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2015-08-25 20:47 - 2015-08-11 11:50 - 01643872 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-08-25 20:47 - 2015-08-11 11:40 - 04048808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-08-25 20:47 - 2015-08-11 11:40 - 02151208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-08-25 20:47 - 2015-08-11 11:40 - 00918320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-08-25 20:47 - 2015-08-11 11:38 - 00454000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2015-08-25 20:47 - 2015-08-11 11:37 - 00243800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2015-08-25 20:47 - 2015-08-11 11:31 - 02880032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-08-25 20:47 - 2015-08-11 11:26 - 00845664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2015-08-25 20:47 - 2015-08-11 11:23 - 16706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-25 20:47 - 2015-08-11 11:21 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-08-25 20:47 - 2015-08-11 11:21 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2015-08-25 20:47 - 2015-08-11 11:20 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2015-08-25 20:47 - 2015-08-11 11:19 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2015-08-25 20:47 - 2015-08-11 11:18 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2015-08-25 20:47 - 2015-08-11 11:16 - 02416640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-08-25 20:47 - 2015-08-11 11:14 - 00404480 _____ C:\WINDOWS\system32\diagtrack_wininternal.dll
2015-08-25 20:47 - 2015-08-11 11:13 - 00413184 _____ C:\WINDOWS\system32\diagtrack_win.dll
2015-08-25 20:47 - 2015-08-11 11:11 - 02446336 _____ C:\WINDOWS\system32\InputService.dll
2015-08-25 20:47 - 2015-08-11 11:11 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2015-08-25 20:47 - 2015-08-11 11:10 - 00778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-08-25 20:47 - 2015-08-11 11:10 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-25 20:47 - 2015-08-11 11:10 - 00293376 _____ C:\WINDOWS\system32\TextInputFramework.dll
2015-08-25 20:47 - 2015-08-11 11:09 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2015-08-25 20:47 - 2015-08-11 11:08 - 00893440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2015-08-25 20:47 - 2015-08-11 11:08 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-08-25 20:47 - 2015-08-11 11:07 - 01178112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-08-25 20:47 - 2015-08-11 11:07 - 00593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-08-25 20:47 - 2015-08-11 11:07 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeParserTask.exe
2015-08-25 20:47 - 2015-08-11 11:06 - 07523328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-08-25 20:47 - 2015-08-11 11:06 - 02662400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-08-25 20:47 - 2015-08-11 11:05 - 03527168 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2015-08-25 20:47 - 2015-08-11 11:05 - 00996352 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-08-25 20:47 - 2015-08-11 11:05 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationGeofences.dll
2015-08-25 20:47 - 2015-08-11 11:05 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2015-08-25 20:47 - 2015-08-11 11:05 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPermissions.dll
2015-08-25 20:47 - 2015-08-11 11:05 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2015-08-25 20:47 - 2015-08-11 11:03 - 02558976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-08-25 20:47 - 2015-08-11 11:02 - 03588096 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-08-25 20:47 - 2015-08-11 11:02 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2015-08-25 20:47 - 2015-08-11 11:02 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2015-08-25 20:47 - 2015-08-11 11:01 - 01334784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-08-25 20:47 - 2015-08-11 11:00 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2015-08-25 20:47 - 2015-08-11 11:00 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll
2015-08-25 20:47 - 2015-08-11 10:59 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2015-08-25 20:47 - 2015-08-11 10:59 - 00642560 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
2015-08-25 20:47 - 2015-08-11 10:59 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2015-08-25 20:47 - 2015-08-11 10:59 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tetheringclient.dll
2015-08-25 20:47 - 2015-08-11 10:58 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2015-08-25 20:47 - 2015-08-11 10:57 - 13024768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-08-25 20:47 - 2015-08-11 10:57 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2015-08-25 20:47 - 2015-08-11 10:51 - 01916928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-08-25 20:47 - 2015-08-11 10:51 - 01823232 _____ C:\WINDOWS\SysWOW64\InputService.dll
2015-08-25 20:47 - 2015-08-11 10:50 - 00420352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2015-08-25 20:47 - 2015-08-11 10:50 - 00200704 _____ C:\WINDOWS\SysWOW64\TextInputFramework.dll
2015-08-25 20:47 - 2015-08-11 10:50 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2015-08-25 20:47 - 2015-08-11 10:49 - 00586752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-08-25 20:47 - 2015-08-11 10:49 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-25 20:47 - 2015-08-11 10:48 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2015-08-25 20:47 - 2015-08-11 10:47 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-08-25 20:47 - 2015-08-11 10:45 - 01820672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2015-08-25 20:47 - 2015-08-11 10:43 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2015-08-25 20:47 - 2015-08-11 10:42 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-08-25 20:47 - 2015-08-11 10:40 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2015-08-25 20:47 - 2015-08-11 10:40 - 01112064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-08-25 20:47 - 2015-08-11 10:39 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2015-08-25 20:47 - 2015-08-11 10:38 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2015-08-25 16:22 - 2015-09-06 03:45 - 00003654 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
2015-08-25 00:05 - 2015-09-06 03:00 - 00000959 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2015-08-25 00:05 - 2015-08-25 00:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2015-08-25 00:05 - 2015-08-25 00:05 - 00000000 ____D C:\Program Files\CPUID
2015-08-24 09:27 - 2015-09-06 03:00 - 00001140 _____ C:\Users\Public\Desktop\DivX Player.lnk
2015-08-24 08:07 - 2015-08-24 09:23 - 00000000 ____D C:\Users\Timo\AppData\Local\VMware
2015-08-23 13:34 - 2015-08-24 08:26 - 00000000 ____D C:\Users\Timo\AppData\Roaming\VMware
2015-08-23 13:34 - 2015-05-31 07:59 - 00359104 _____ (VMware, Inc.) C:\WINDOWS\SysWOW64\vmnetdhcp.exe
2015-08-23 13:34 - 2015-05-31 07:59 - 00066752 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vmx86.sys
2015-08-23 13:34 - 2015-05-31 07:59 - 00026816 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vmnetuserif.sys
2015-08-23 13:34 - 2015-05-31 07:58 - 00438464 _____ (VMware, Inc.) C:\WINDOWS\SysWOW64\vmnat.exe
2015-08-23 13:34 - 2015-05-31 07:58 - 00033472 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\VMkbd.sys
2015-08-23 13:34 - 2015-05-21 17:36 - 00076480 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\vsock.sys
2015-08-23 13:34 - 2015-05-21 17:35 - 00068288 _____ (VMware, Inc.) C:\WINDOWS\system32\vsocklib.dll
2015-08-23 13:34 - 2015-05-21 17:35 - 00064192 _____ (VMware, Inc.) C:\WINDOWS\SysWOW64\vsocklib.dll
2015-08-23 13:33 - 2015-09-06 10:27 - 00000000 ____D C:\ProgramData\VMware
2015-08-23 13:33 - 2015-09-06 03:00 - 00001905 _____ C:\Users\Public\Desktop\VMware Player.lnk
2015-08-23 13:33 - 2015-08-23 13:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
2015-08-23 13:33 - 2015-08-23 13:33 - 00000000 ____D C:\Program Files\Common Files\VMware
2015-08-23 13:33 - 2015-05-31 07:59 - 00931520 _____ (VMware, Inc.) C:\WINDOWS\system32\vnetlib64.dll
2015-08-23 13:33 - 2015-05-22 08:03 - 00055488 _____ (VMware, Inc.) C:\WINDOWS\system32\Drivers\hcmon.sys
2015-08-22 18:35 - 2015-08-22 18:35 - 00000000 ____D C:\WINDOWS\AVM_Driver
2015-08-22 18:35 - 2015-08-22 18:35 - 00000000 ____D C:\Users\Timo\AVM_Driver
2015-08-21 18:43 - 2015-08-21 18:43 - 00000000 ____D C:\Users\Timo\AppData\Local\Macromedia
2015-08-21 18:26 - 2015-09-06 03:00 - 00000906 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-08-21 18:26 - 2015-09-06 03:00 - 00000906 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-08-21 18:26 - 2015-09-06 02:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-21 18:26 - 2015-08-21 18:26 - 00000000 ____D C:\Users\Timo\AppData\Roaming\Mozilla
2015-08-21 18:26 - 2015-08-21 18:26 - 00000000 ____D C:\Users\Timo\AppData\Local\Mozilla
2015-08-21 18:26 - 2015-08-21 18:26 - 00000000 ____D C:\ProgramData\Mozilla
2015-08-12 17:48 - 2015-08-08 09:29 - 01822280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-08-12 17:48 - 2015-08-08 09:19 - 00608936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-08-12 17:48 - 2015-08-08 09:01 - 01533496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-08-12 17:48 - 2015-08-08 08:48 - 00539728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-08-12 17:48 - 2015-08-08 08:40 - 00365056 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-08-12 17:48 - 2015-08-08 08:24 - 02415104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-08-12 17:48 - 2015-08-08 08:24 - 01679360 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-08-12 17:48 - 2015-08-08 08:15 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-08-12 17:48 - 2015-08-08 08:00 - 01985024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-08-12 17:48 - 2015-08-06 05:17 - 00237392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys
2015-08-12 17:48 - 2015-08-06 05:17 - 00200528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2015-08-12 17:48 - 2015-08-06 04:22 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2015-08-12 17:48 - 2015-08-05 06:49 - 00783112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2015-08-12 17:48 - 2015-08-05 06:29 - 00644128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2015-08-12 17:48 - 2015-08-05 06:00 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2015-08-12 17:48 - 2015-08-05 05:54 - 01274880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-08-12 17:48 - 2015-08-05 05:47 - 01383424 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-08-12 17:48 - 2015-08-05 05:39 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll
2015-08-12 17:48 - 2015-08-04 06:07 - 00102752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2015-08-12 17:48 - 2015-08-04 06:06 - 00583128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-08-12 17:48 - 2015-08-04 05:23 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2015-08-12 17:48 - 2015-08-04 04:59 - 01212416 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2015-08-12 17:48 - 2015-08-04 04:47 - 00898560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2015-08-12 17:48 - 2015-08-03 04:32 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2015-08-12 17:48 - 2015-08-03 04:28 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll
2015-08-12 17:48 - 2015-08-03 04:19 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2015-08-12 17:48 - 2015-08-03 04:18 - 08613200 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2015-08-12 17:48 - 2015-08-03 04:18 - 01983840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-08-12 17:48 - 2015-08-03 04:18 - 00594472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2015-08-12 17:48 - 2015-08-03 04:18 - 00046432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpiowin32.sys
2015-08-12 17:48 - 2015-08-03 04:17 - 00516960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-08-12 17:48 - 2015-08-03 04:17 - 00052264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2015-08-12 17:48 - 2015-08-03 04:12 - 00801632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2015-08-12 17:48 - 2015-08-03 03:56 - 06878256 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2015-08-12 17:48 - 2015-08-03 03:49 - 00700256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2015-08-12 17:48 - 2015-08-03 03:22 - 01601536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-08-12 17:48 - 2015-08-03 03:22 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-08-12 17:48 - 2015-08-03 03:22 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2015-08-12 17:48 - 2015-08-03 03:21 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll
2015-08-12 17:48 - 2015-08-03 03:19 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2015-08-12 17:48 - 2015-08-03 03:19 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2015-08-12 17:48 - 2015-08-03 03:18 - 12503552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-08-12 17:48 - 2015-08-03 03:18 - 03780096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-08-12 17:48 - 2015-08-03 03:18 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2015-08-12 17:48 - 2015-08-03 03:18 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkStatus.dll
2015-08-12 17:48 - 2015-08-03 03:15 - 00595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2015-08-12 17:48 - 2015-08-03 03:15 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2015-08-12 17:48 - 2015-08-03 03:15 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2015-08-12 17:48 - 2015-08-03 03:14 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2015-08-12 17:48 - 2015-08-03 03:11 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfuimanager.dll
2015-08-12 17:48 - 2015-08-03 03:10 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2015-08-12 17:48 - 2015-08-03 03:06 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2015-08-12 17:48 - 2015-08-03 03:03 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2015-08-12 17:48 - 2015-08-03 03:02 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2015-08-12 17:48 - 2015-08-03 03:01 - 11262464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-08-12 17:48 - 2015-08-03 02:59 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfuimanager.dll
2015-08-12 17:47 - 2015-08-04 06:06 - 00243248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-08-12 17:47 - 2015-08-03 04:19 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2015-08-12 17:47 - 2015-08-03 03:31 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2015-08-12 17:47 - 2015-08-03 03:30 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_UserAccount.dll
2015-08-12 17:47 - 2015-08-03 03:24 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2015-08-12 17:47 - 2015-08-03 03:24 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2015-08-12 17:47 - 2015-08-03 03:24 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModelShim.dll
2015-08-12 17:47 - 2015-08-03 03:23 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2015-08-12 17:47 - 2015-08-03 03:15 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-08-12 17:47 - 2015-08-03 03:15 - 00384000 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2015-08-12 17:47 - 2015-08-03 03:12 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2015-08-12 17:47 - 2015-08-03 03:12 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2015-08-12 17:47 - 2015-08-03 03:02 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2015-08-12 14:02 - 2015-08-12 14:02 - 00000199 _____ C:\Users\Timo\Desktop\Left 4 Dead 2.url
2015-08-10 23:48 - 2015-08-29 18:33 - 00000000 ___RD C:\Users\Timo\3D Objects
2015-08-10 18:46 - 2015-08-10 18:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2015-08-10 18:46 - 2015-08-10 05:15 - 00960808 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxDrv.sys
2015-08-10 18:46 - 2015-08-10 05:15 - 00138904 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxUSBMon.sys
2015-08-10 16:55 - 2015-08-10 16:55 - 00000000 ___HD C:\$Windows.~WS
2015-08-10 05:15 - 2015-08-10 05:15 - 00146072 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxNetLwf.sys
2015-08-10 05:15 - 2015-08-10 05:15 - 00125008 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxUSB.sys
2015-08-10 05:15 - 2015-08-10 05:15 - 00117768 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxNetAdp6.sys
2015-08-10 02:47 - 2015-09-06 02:59 - 00001165 _____ C:\Users\Timo\Desktop\Cheat Engine.lnk
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.3
2015-08-10 02:47 - 2015-08-10 02:47 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.3
2015-08-09 07:13 - 2015-08-09 07:13 - 09191344 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2015-08-09 07:13 - 2015-08-09 07:13 - 08867048 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd64.dll
2015-08-09 07:13 - 2015-08-09 07:13 - 07575696 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2015-08-09 07:13 - 2015-08-09 07:13 - 07484112 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdag.dll
2015-08-09 07:13 - 2015-08-09 07:13 - 00471352 _____ C:\WINDOWS\system32\amdmiracast.dll
2015-08-09 07:13 - 2015-08-09 07:13 - 00151968 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2015-08-09 07:13 - 2015-08-09 07:13 - 00138416 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2015-08-09 07:13 - 2015-08-09 07:13 - 00130104 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiu9p64.dll
2015-08-09 07:13 - 2015-08-09 07:13 - 00119160 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2015-08-09 07:13 - 2015-08-09 07:13 - 00112400 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiu9pag.dll
2015-08-09 07:13 - 2015-08-09 07:13 - 00110352 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2015-08-09 07:13 - 2015-08-09 07:13 - 00089560 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2015-08-09 07:13 - 2015-08-09 07:13 - 00088032 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2015-08-09 07:13 - 2015-08-09 07:13 - 00081200 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2015-08-09 07:13 - 2015-08-09 07:13 - 00081200 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2015-08-09 07:10 - 2015-08-09 07:10 - 47795720 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll
2015-08-09 07:10 - 2015-08-09 07:10 - 39723024 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll
2015-08-09 07:10 - 2015-08-09 07:10 - 30762496 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll
2015-08-09 07:10 - 2015-08-09 07:10 - 27544600 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl12cl64.dll
2015-08-09 07:10 - 2015-08-09 07:10 - 25308696 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll
2015-08-09 07:10 - 2015-08-09 07:10 - 22327320 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl12cl.dll
2015-08-09 07:10 - 2015-08-09 07:10 - 15725592 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll
2015-08-09 07:10 - 2015-08-09 07:10 - 14310936 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll
2015-08-09 07:10 - 2015-08-09 07:10 - 06486032 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmantle64.dll
2015-08-09 07:10 - 2015-08-09 07:10 - 05077016 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmantle32.dll
2015-08-09 07:10 - 2015-08-09 07:10 - 01256472 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2015-08-09 07:10 - 2015-08-09 07:10 - 01196072 _____ C:\WINDOWS\system32\amdocl_as64.exe
2015-08-09 07:10 - 2015-08-09 07:10 - 01070632 _____ C:\WINDOWS\system32\amdocl_ld64.exe
2015-08-09 07:10 - 2015-08-09 07:10 - 01004072 _____ C:\WINDOWS\SysWOW64\amdocl_as32.exe
2015-08-09 07:10 - 2015-08-09 07:10 - 00935448 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2015-08-09 07:10 - 2015-08-09 07:10 - 00935448 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2015-08-09 07:10 - 2015-08-09 07:10 - 00807464 _____ C:\WINDOWS\SysWOW64\amdocl_ld32.exe
2015-08-09 07:10 - 2015-08-09 07:10 - 00681496 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2015-08-09 07:10 - 2015-08-09 07:10 - 00451096 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2015-08-09 07:10 - 2015-08-09 07:10 - 00375832 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2015-08-09 07:10 - 2015-08-09 07:10 - 00341528 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODE.exe
2015-08-09 07:10 - 2015-08-09 07:10 - 00306424 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\amdacpksd.sys
2015-08-09 07:10 - 2015-08-09 07:10 - 00255512 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2015-08-09 07:10 - 2015-08-09 07:10 - 00243736 _____ C:\WINDOWS\system32\clinfo.exe
2015-08-09 07:10 - 2015-08-09 07:10 - 00213520 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2015-08-09 07:10 - 2015-08-09 07:10 - 00199704 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll
2015-08-09 07:10 - 2015-08-09 07:10 - 00198680 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2015-08-09 07:10 - 2015-08-09 07:10 - 00168984 _____ C:\WINDOWS\system32\atieah64.exe
2015-08-09 07:10 - 2015-08-09 07:10 - 00165400 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2015-08-09 07:10 - 2015-08-09 07:10 - 00152592 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2015-08-09 07:10 - 2015-08-09 07:10 - 00150552 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2015-08-09 07:10 - 2015-08-09 07:10 - 00143376 _____ C:\WINDOWS\system32\amdhdl64.dll
2015-08-09 07:10 - 2015-08-09 07:10 - 00136216 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2015-08-09 07:10 - 2015-08-09 07:10 - 00132120 _____ C:\WINDOWS\SysWOW64\amdhdl32.dll
2015-08-09 07:10 - 2015-08-09 07:10 - 00122392 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2015-08-09 07:10 - 2015-08-09 07:10 - 00111640 _____ C:\WINDOWS\system32\hsa-thunk64.dll
2015-08-09 07:10 - 2015-08-09 07:10 - 00111128 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll
2015-08-09 07:10 - 2015-08-09 07:10 - 00102424 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2015-08-09 07:10 - 2015-08-09 07:10 - 00097816 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2015-08-09 07:10 - 2015-08-09 07:10 - 00096776 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2015-08-09 07:10 - 2015-08-09 07:10 - 00089624 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2015-08-09 07:10 - 2015-08-09 07:10 - 00083992 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll
2015-08-09 07:10 - 2015-08-09 07:10 - 00078360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll
2015-08-09 07:10 - 2015-08-09 07:10 - 00078360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll
2015-08-09 07:10 - 2015-08-09 07:10 - 00073752 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2015-08-09 07:10 - 2015-08-09 07:10 - 00071192 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll
2015-08-09 07:10 - 2015-08-09 07:10 - 00068120 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2015-08-09 07:10 - 2015-08-09 07:10 - 00064536 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll
2015-08-09 07:10 - 2015-08-09 07:10 - 00060952 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll
2015-08-09 07:10 - 2015-08-09 07:10 - 00059928 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODCLI.exe
2015-08-09 07:10 - 2015-08-09 07:10 - 00059416 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl6.dll
2015-08-09 07:10 - 2015-08-09 07:10 - 00057880 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll
2015-08-09 07:10 - 2015-08-09 07:10 - 00052248 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll
2015-08-09 07:10 - 2015-08-09 07:10 - 00048144 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmmcl.dll
2015-08-09 07:10 - 2015-08-09 07:10 - 00038424 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2015-08-09 07:10 - 2015-08-09 07:10 - 00012824 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2015-08-09 07:10 - 2015-08-09 07:10 - 00012816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2015-08-09 04:55 - 2015-08-09 04:55 - 00000000 ____D C:\Users\Timo\AppData\Roaming\AC3Filter
2015-08-08 16:05 - 2015-08-08 16:05 - 03471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2015-08-08 16:05 - 2015-08-08 16:05 - 03437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2015-08-08 16:05 - 2015-08-08 16:05 - 00660928 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2015-08-08 16:05 - 2015-08-08 16:05 - 00660928 _____ C:\WINDOWS\system32\atiapfxx.blb

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-09-06 13:51 - 2015-01-20 14:55 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-09-06 13:47 - 2015-08-04 21:58 - 00000000 ____D C:\Users\Timo
2015-09-06 13:30 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-09-06 11:34 - 2015-07-10 11:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-09-06 10:33 - 2015-08-04 21:58 - 02113352 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-09-06 10:33 - 2015-07-10 18:34 - 00896542 _____ C:\WINDOWS\system32\perfh007.dat
2015-09-06 10:33 - 2015-07-10 18:34 - 00201662 _____ C:\WINDOWS\system32\perfc007.dat
2015-09-06 10:28 - 2015-02-26 19:19 - 00000000 ____D C:\Users\Timo\AppData\Roaming\Raptr
2015-09-06 10:27 - 2015-07-10 14:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-09-06 10:27 - 2015-01-20 13:51 - 00001146 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-06 10:26 - 2015-08-04 21:56 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2015-09-06 10:26 - 2015-07-10 11:05 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-09-06 10:26 - 2015-06-18 11:47 - 00001200 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1138910457-3556438696-3793022017-1001Core.job
2015-09-06 09:43 - 2015-06-18 11:47 - 00001252 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1138910457-3556438696-3793022017-1001UA.job
2015-09-06 09:43 - 2015-01-20 13:51 - 00001150 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-06 09:26 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-09-06 08:22 - 2015-06-18 11:47 - 00003928 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1138910457-3556438696-3793022017-1001UA
2015-09-06 08:22 - 2015-01-21 07:48 - 00002480 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2015-09-06 08:22 - 2015-01-21 07:48 - 00002438 _____ C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2015-09-06 08:22 - 2015-01-21 07:48 - 00002436 _____ C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2015-09-06 08:22 - 2015-01-20 13:51 - 00003722 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-06 08:20 - 2015-01-20 15:26 - 00186368 ___SH C:\Users\Timo\Desktop\Thumbs.db
2015-09-06 07:35 - 2015-01-21 21:12 - 00000000 ____D C:\Users\Timo\AppData\Roaming\Dropbox
2015-09-06 07:33 - 2015-01-21 21:08 - 00000000 ____D C:\ProgramData\AVAST Software
2015-09-06 07:32 - 2015-05-23 12:45 - 00000000 ____D C:\Users\Timo\AppData\Roaming\Notepad++
2015-09-06 04:05 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Cursors
2015-09-06 04:04 - 2015-02-06 23:14 - 00000000 ____D C:\Users\Timo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MultiMiner
2015-09-06 03:00 - 2015-08-05 00:25 - 00001228 _____ C:\Users\Public\Desktop\Borderlands GotY.lnk
2015-09-06 03:00 - 2015-08-04 22:00 - 00001483 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-09-06 03:00 - 2015-08-04 17:29 - 00001301 _____ C:\Users\Public\Desktop\Dead Rising 2 Off the Record.lnk
2015-09-06 03:00 - 2015-08-04 17:29 - 00001167 _____ C:\Users\Public\Desktop\Dead Rising 2.lnk
2015-09-06 03:00 - 2015-07-29 12:28 - 00000826 _____ C:\Users\Public\Desktop\The Escapists.lnk
2015-09-06 03:00 - 2015-07-25 19:25 - 00000928 _____ C:\Users\Public\Desktop\FUSSBALL MANAGER 14.lnk
2015-09-06 03:00 - 2015-07-22 20:41 - 00000846 _____ C:\Users\Public\Desktop\Kerbal Space Program.lnk
2015-09-06 03:00 - 2015-06-13 18:22 - 00000880 _____ C:\Users\Public\Desktop\DXTBmp.lnk
2015-09-06 03:00 - 2015-06-13 18:04 - 00000949 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2015-09-06 03:00 - 2015-05-25 10:57 - 00000979 _____ C:\Users\Public\Desktop\Factorio.lnk
2015-09-06 03:00 - 2015-05-23 15:13 - 00001127 _____ C:\Users\Public\Desktop\Truck Mechanic Simulator 2015.lnk
2015-09-06 03:00 - 2015-05-08 20:39 - 00000853 _____ C:\Users\Public\Desktop\OpenTTD.lnk
2015-09-06 03:00 - 2015-05-01 19:30 - 00001135 _____ C:\Users\Public\Desktop\Battle.net.lnk
2015-09-06 03:00 - 2015-04-19 17:32 - 00001888 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn.lnk
2015-09-06 03:00 - 2015-04-19 17:32 - 00001882 _____ C:\Users\Public\Desktop\ImgBurn.lnk
2015-09-06 03:00 - 2015-04-16 17:38 - 00001478 _____ C:\Users\Public\Desktop\LibreOffice 4.4.lnk
2015-09-06 03:00 - 2015-04-12 15:44 - 00000932 _____ C:\Users\Public\Desktop\VLC media player.lnk
2015-09-06 03:00 - 2015-04-07 19:17 - 00000968 _____ C:\Users\Public\Desktop\RECYCLE.lnk
2015-09-06 03:00 - 2015-04-06 22:01 - 00002709 _____ C:\Users\Public\Desktop\Skype.lnk
2015-09-06 03:00 - 2015-04-06 19:25 - 00001800 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2015-09-06 03:00 - 2015-04-02 12:47 - 00001150 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2015-09-06 03:00 - 2015-03-20 21:22 - 00000559 _____ C:\Users\Public\Desktop\Cities XXL.lnk
2015-09-06 03:00 - 2015-03-20 21:22 - 00000559 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cities XXL.lnk
2015-09-06 03:00 - 2015-02-20 15:32 - 00000892 _____ C:\Users\Public\Desktop\Battlefield 3.lnk
2015-09-06 03:00 - 2015-02-20 15:31 - 00000908 _____ C:\Users\Public\Desktop\Battlefield 4.lnk
2015-09-06 03:00 - 2015-02-20 15:31 - 00000892 _____ C:\Users\Public\Desktop\Battlefield 4(64 bit).lnk
2015-09-06 03:00 - 2015-02-20 15:11 - 00000723 _____ C:\Users\Public\Desktop\Origin.lnk
2015-09-06 03:00 - 2015-01-26 00:03 - 00000974 _____ C:\Users\Public\Desktop\Minecraft.lnk
2015-09-06 03:00 - 2015-01-20 13:51 - 00002253 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-09-06 03:00 - 2014-10-09 12:30 - 00001981 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office.lnk
2015-09-06 02:59 - 2015-08-04 22:23 - 00001058 _____ C:\Users\Timo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optionale Features.lnk
2015-09-06 02:59 - 2015-08-04 22:11 - 00002408 _____ C:\Users\Timo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-09-06 02:59 - 2015-05-25 10:40 - 00000891 _____ C:\Users\Timo\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2015-09-06 02:59 - 2015-05-23 12:45 - 00001074 _____ C:\Users\Timo\Desktop\Notepad++.lnk
2015-09-06 02:59 - 2015-05-01 19:57 - 00001264 _____ C:\Users\Timo\Desktop\Editor.lnk
2015-09-06 02:59 - 2015-04-19 17:53 - 00002582 _____ C:\Users\Timo\Desktop\Windows 7 USB DVD Download Tool.lnk
2015-09-06 02:59 - 2015-04-10 07:44 - 00001174 _____ C:\Users\Timo\Desktop\Free M4a to MP3 Converter.lnk
2015-09-06 02:59 - 2015-04-10 07:44 - 00001169 _____ C:\Users\Timo\Desktop\My Music Tools.lnk
2015-09-06 02:59 - 2015-04-08 12:38 - 00000995 _____ C:\Users\Timo\Desktop\Far Cry 4.lnk
2015-09-06 02:59 - 2015-04-08 12:38 - 00000977 _____ C:\Users\Timo\Desktop\IDmod.lnk
2015-09-06 02:59 - 2015-04-06 22:37 - 00000985 _____ C:\Users\Timo\Desktop\Die Sims 4 Digital Deluxe Edition.lnk
2015-09-06 02:59 - 2015-04-06 22:37 - 00000939 _____ C:\Users\Timo\Desktop\Die Sims 4 Digital Deluxe Edition  Language Selector.lnk
2015-09-06 02:59 - 2015-03-29 18:28 - 00000887 _____ C:\Users\Timo\Desktop\Handbrake.lnk
2015-09-06 02:59 - 2015-03-21 18:09 - 00000876 _____ C:\Users\Timo\Desktop\Assassins Creed Rogue.lnk
2015-09-06 02:59 - 2015-03-21 17:33 - 00001008 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinRAR.lnk
2015-09-06 02:59 - 2015-03-21 12:11 - 00000863 _____ C:\Users\Timo\Desktop\Enforcer Police Crime Action.lnk
2015-09-06 02:59 - 2015-03-20 22:21 - 00000750 _____ C:\Users\Timo\Desktop\Tropico 5.lnk
2015-09-06 02:59 - 2015-03-02 12:32 - 00001228 _____ C:\Users\Timo\Desktop\Uplay.lnk
2015-09-06 02:59 - 2015-01-20 17:35 - 00000986 _____ C:\Users\Timo\Desktop\TechPowerUp GPU-Z.lnk
2015-09-06 02:59 - 2015-01-20 15:27 - 00002170 _____ C:\Users\Timo\Desktop\JDownloader 2.lnk
2015-09-06 02:59 - 2015-01-20 15:27 - 00001471 _____ C:\Users\Timo\Desktop\DivX Movies.lnk
2015-09-06 02:59 - 2015-01-20 15:26 - 00001489 _____ C:\Users\Timo\Desktop\Cmd Admin.lnk
2015-09-06 02:59 - 2015-01-20 15:26 - 00001433 _____ C:\Users\Timo\Desktop\fsh_demo.exe - Verknüpfung.lnk
2015-09-06 02:59 - 2015-01-20 15:26 - 00001067 _____ C:\Users\Timo\Desktop\Dropbox.lnk
2015-09-06 02:59 - 2015-01-20 15:26 - 00001055 _____ C:\Users\Timo\Desktop\RollerCoaster Tycoon 3.lnk
2015-09-06 02:59 - 2015-01-20 15:26 - 00001002 _____ C:\Users\Timo\Desktop\AllDup.lnk
2015-09-06 02:59 - 2015-01-20 15:26 - 00000911 _____ C:\Users\Timo\Desktop\µTorrent.lnk
2015-09-06 02:59 - 2015-01-20 15:26 - 00000856 _____ C:\Users\Timo\Desktop\Factorio.exe - Verknüpfung.lnk
2015-09-06 02:59 - 2015-01-20 15:26 - 00000816 _____ C:\Users\Timo\Desktop\Steam.exe - Verknüpfung.lnk
2015-09-06 02:59 - 2015-01-20 15:26 - 00000647 _____ C:\Users\Timo\Desktop\Crashtastic.lnk
2015-09-06 02:59 - 2015-01-20 15:26 - 00000367 _____ C:\Users\Timo\Desktop\Systemsteuerung - Verknüpfung.lnk
2015-09-06 02:59 - 2015-01-20 15:26 - 00000146 _____ C:\Users\Timo\Desktop\Internetoptionen - Verknüpfung.lnk
2015-09-06 02:49 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Windows Defender
2015-09-06 02:00 - 2015-05-06 03:24 - 00000000 ____D C:\Users\Timo\AppData\Local\Adobe
2015-09-06 00:28 - 2015-03-02 18:08 - 00000000 ____D C:\Users\Timo\AppData\Local\ftblauncher
2015-09-05 23:07 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-09-02 18:51 - 2015-02-06 23:14 - 00000000 ____D C:\Users\Timo\AppData\Local\MultiMiner
2015-09-02 18:51 - 2015-01-20 15:27 - 00000000 ____D C:\Users\Timo\Desktop\Poison Ivy
2015-09-02 18:16 - 2015-05-25 10:39 - 00000000 ____D C:\Users\Timo\AppData\Roaming\uTorrent
2015-09-02 18:16 - 2015-04-06 19:25 - 00000000 ____D C:\Users\Timo\AppData\Roaming\DAEMON Tools Lite
2015-09-02 18:12 - 2015-08-04 22:53 - 00000000 ___DC C:\WINDOWS\Panther
2015-09-02 18:12 - 2015-08-04 22:51 - 00000000 ____D C:\Windows.old
2015-09-02 18:12 - 2015-05-01 19:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
2015-09-02 18:12 - 2015-01-21 22:12 - 00000000 ____D C:\Users\Timo\AppData\Local\CrashDumps
2015-09-02 17:13 - 2015-01-20 14:54 - 00000000 ____D C:\Program Files (x86)\Java
2015-09-02 07:03 - 2015-01-20 16:43 - 00000000 ____D C:\ProgramData\Oracle
2015-09-01 23:54 - 2015-07-22 20:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kerbal Space Program [GOG.com]
2015-09-01 21:25 - 2015-01-20 13:49 - 00000000 __SHD C:\Users\Timo\AppData\Local\EmieUserList
2015-09-01 21:25 - 2015-01-20 13:49 - 00000000 __SHD C:\Users\Timo\AppData\Local\EmieSiteList
2015-09-01 21:25 - 2013-08-22 15:25 - 00000194 _____ C:\WINDOWS\win.ini
2015-09-01 20:59 - 2014-10-09 12:31 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-08-30 17:37 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\rescache
2015-08-30 16:20 - 2015-01-20 13:41 - 00000000 ____D C:\Users\Timo\AppData\Local\Packages
2015-08-30 00:04 - 2015-01-20 13:41 - 00000000 ____D C:\Users\Timo\AppData\Roaming\Adobe
2015-08-29 23:58 - 2015-03-20 08:35 - 00000000 ____D C:\Users\Timo\AppData\Local\JDownloader v2.0
2015-08-29 23:56 - 2015-05-06 03:24 - 00000000 ____D C:\ProgramData\Adobe
2015-08-29 23:50 - 2015-05-06 03:25 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-08-29 18:36 - 2015-08-04 21:56 - 00000000 ____D C:\Program Files\AMD
2015-08-29 18:30 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-08-29 18:30 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-08-29 18:30 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-08-29 18:23 - 2015-02-26 19:15 - 00000000 ____D C:\AMD
2015-08-29 17:26 - 2015-04-20 16:22 - 00000080 _____ C:\Users\Timo\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦
2015-08-29 10:10 - 2015-04-20 15:52 - 00000000 ____D C:\Program Files\Rockstar Games
2015-08-29 10:10 - 2015-04-20 15:52 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2015-08-28 22:38 - 2015-07-10 12:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-08-28 01:45 - 2015-04-08 12:58 - 00000000 ____D C:\ProgramData\Steam
2015-08-27 22:18 - 2015-01-20 13:51 - 00003976 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-08-26 01:19 - 2015-08-04 22:08 - 00000000 ____D C:\Users\Timo\AppData\Local\Comms
2015-08-25 21:39 - 2015-07-16 02:12 - 00162240 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\SETC50A.tmp
2015-08-25 21:39 - 2015-07-16 02:11 - 12062040 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\SET9FF7.tmp
2015-08-25 21:39 - 2015-07-16 02:11 - 10191264 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\SETA9B7.tmp
2015-08-25 21:39 - 2015-07-16 02:11 - 08979760 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\SET90A8.tmp
2015-08-25 21:39 - 2015-07-16 02:11 - 08009344 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\SETA27B.tmp
2015-08-25 21:39 - 2015-07-16 02:11 - 01468224 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\SETC5CA.tmp
2015-08-25 21:39 - 2015-07-16 02:11 - 01213192 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\SETC9E3.tmp
2015-08-25 21:39 - 2015-07-16 02:11 - 00143048 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\SETE73E.tmp
2015-08-25 21:39 - 2015-07-16 02:06 - 21632992 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\SET8B44.tmp
2015-08-25 21:39 - 2015-07-16 01:13 - 00675296 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\SETC4C9.tmp
2015-08-25 21:39 - 2015-07-16 01:12 - 00874480 _____ (AMD) C:\WINDOWS\system32\SETEB4E.tmp
2015-08-25 20:15 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-25 20:15 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-25 20:14 - 2015-01-20 14:56 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-25 20:14 - 2015-01-20 14:56 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-25 16:23 - 2015-01-20 17:37 - 00001354 _____ C:\Users\Timo\Desktop\CoreTemp.ini
2015-08-24 09:28 - 2015-03-29 18:10 - 00000000 ____D C:\Program Files (x86)\DivX
2015-08-24 09:28 - 2015-03-29 18:07 - 00000000 ____D C:\ProgramData\DivX
2015-08-24 09:27 - 2015-03-29 18:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2015-08-23 13:33 - 2015-08-04 21:58 - 02132724 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2015-08-22 19:05 - 2015-04-02 12:47 - 00000000 ____D C:\Users\Timo\.VirtualBox
2015-08-12 18:18 - 2015-01-20 15:48 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-08-12 18:18 - 2015-01-20 14:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-12 18:15 - 2015-01-20 15:48 - 132483416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-08-12 14:02 - 2015-03-18 20:51 - 00000000 ____D C:\Users\Timo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-08-11 23:51 - 2015-01-20 14:55 - 00003870 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-08-10 21:32 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Provisioning
2015-08-10 16:55 - 2015-07-10 19:28 - 00000000 ___HD C:\$Windows.~BT
2015-08-09 07:13 - 2015-07-16 02:12 - 00162272 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiuxp64.dll
2015-08-09 07:13 - 2015-07-16 02:11 - 12062080 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll
2015-08-09 07:13 - 2015-07-16 02:11 - 10191296 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll
2015-08-09 07:13 - 2015-07-16 02:11 - 08981312 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd6a.dll
2015-08-09 07:13 - 2015-07-16 02:11 - 08009376 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdva.dll
2015-08-09 07:13 - 2015-07-16 02:11 - 01466744 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2015-08-09 07:13 - 2015-07-16 02:11 - 01213224 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2015-08-09 07:13 - 2015-07-16 02:11 - 00144608 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiuxpag.dll
2015-08-09 07:10 - 2015-07-16 02:06 - 21631512 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys
2015-08-09 07:10 - 2015-07-16 01:13 - 00673816 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys
2015-08-09 07:10 - 2015-07-16 01:12 - 00874520 _____ (AMD) C:\WINDOWS\system32\coinst_15.20.dll
2015-08-08 17:38 - 2015-07-10 13:06 - 00794088 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-08-08 17:38 - 2015-07-10 13:06 - 00179688 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-07 11:43 - 2015-02-24 19:34 - 00000000 ____D C:\Users\Timo\AppData\Roaming\AllDup
2015-08-07 11:43 - 2015-02-24 19:34 - 00000000 ____D C:\ProgramData\AllDup

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-03-29 18:16 - 2015-03-29 18:16 - 0003584 _____ () C:\Users\Timo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-09-01 21:25 - 2015-09-01 21:25 - 0000187 _____ () C:\Users\Timo\AppData\Local\Ranktom.exe.config
2015-07-27 18:45 - 2015-07-27 18:45 - 0012617 _____ () C:\Users\Timo\AppData\Local\recently-used.xbel
2015-09-06 13:44 - 2015-09-06 13:44 - 0233169 _____ () C:\ProgramData\1441536258.bdinstall.bin

Einige Dateien in TEMP:
====================
C:\Users\Timo\AppData\Local\Temp\avgnt.exe
C:\Users\Timo\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpvfjvap.dll
C:\Users\Timo\AppData\Local\Temp\procexp64.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-09-04 17:21

==================== Ende von FRST.txt ============================
         

Edited by Kaminski7791 (06.09.2015 at 14:46). Reason: added GMER error

06.09.2015, 14:43   #2
Kaminski7791
 

Additions.txt



Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:04-09-2015
durchgeführt von Timo (2015-09-06 14:02:52)
Gestartet von F:\Download
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1138910457-3556438696-3793022017-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1138910457-3556438696-3793022017-503 - Limited - Disabled)
Gast (S-1-5-21-1138910457-3556438696-3793022017-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1138910457-3556438696-3793022017-1003 - Limited - Enabled)
kaminski (S-1-5-21-1138910457-3556438696-3793022017-1005 - Administrator - Enabled)
Timo (S-1-5-21-1138910457-3556438696-3793022017-1001 - Administrator - Enabled) => C:\Users\Timo

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

µTorrent (HKU\S-1-5-21-1138910457-3556438696-3793022017-1001\...\uTorrent) (Version: 3.4.3.40760 - BitTorrent Inc.)
AC3File 0.7b (HKLM-x32\...\AC3File_is1) (Version: 0.7b - Alexander Vigovsky)
AC3Filter 2.6.0b (HKLM-x32\...\AC3Filter_is1) (Version: 2.6.0b - Alexander Vigovsky)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.2.0.129 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
AllDup 3.4.24 (HKLM-x32\...\AllDup_is1) (Version: 3.4.24 - Michael Thummerer Software Design)
Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.3.6 - Sereby Corporation)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
ANNO 2070 (HKLM-x32\...\{B48E264C-C8CD-4617-B0BE-46E977BAD694}) (Version: 1.0.0.0 - Ubisoft)
Assassin's Creed Rogue (HKLM-x32\...\Uplay Install 895) (Version:  - Ubisoft)
Assassin's Creed(R) III v1.06 (HKLM-x32\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.06 - Ubisoft)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.12.420 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{315dd168-0794-4cf1-8355-f195cde642fc}) (Version: 1.1.45.11819 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{EA226E08-91E7-4F05-B61E-3EDBBBEB15BB}) (Version:  - )
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.4.2.30944 - Electronic Arts)
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version:  - Irrational Games)
Bitcoin Core (64-bit) (HKU\S-1-5-21-1138910457-3556438696-3793022017-1001\...\Bitcoin Core (64-bit)) (Version: 0.9.3 - Bitcoin Core project)
Borderlands - Game of the Year Edition (HKLM-x32\...\{DC3F6BF4-F1F6-48AD-89A6-F9B98B475A2C}_is1) (Version: 1.4.2.1 - 2K Games)
CCleaner (HKLM\...\CCleaner) (Version: 5.09 - Piriform)
Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version:  - Cheat Engine)
Cities XXL (HKLM-x32\...\Q2l0aWVzWFhM_is1) (Version: 1 - )
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
CPUID CPU-Z 1.73 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 5.0.1.0407 - Disc Soft Ltd)
Darkout (HKLM-x32\...\Steam App 257050) (Version:  - Allgraf)
Dead Island Riptide (HKLM-x32\...\Steam App 216250) (Version:  - Techland)
Dead Island: Epidemic (HKLM-x32\...\Steam App 222900) (Version:  - Stunlock Studios)
Dead Rising 2 Complete Pack Version 1.0 (HKLM-x32\...\{AD8340CA-0432-4853-8208-01715ED35600}_is1) (Version: 1.0 - Capcom)
DemoForge Mirage Driver for TightVNC 2.0 (HKLM\...\DemoForge Mirage Driver for TightVNC_is1) (Version: 2.0 - DemoForge LLC)
Die Sims 4 Digital Deluxe Edition ReRelease Incl. Update 10 MULTi2 1.5.139.1020 (HKLM-x32\...\Die Sims 4 Digital Deluxe Edition ReRelease Incl. Update 10 MULTi2 1.5.139.1020) (Version:  - )
Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.5.139.1020 - Electronic Arts Inc.)
DirectX 9.0c Extra Files (x86, x64) (HKLM\...\{8729E65B-8C12-4A42-B1FE-E4DA7ED52855}_is1) (Version: 1.10.06.0 - Sereby Corporation)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.0.77 - DivX, LLC)
Dropbox (HKU\S-1-5-21-1138910457-3556438696-3793022017-1001\...\Dropbox) (Version: 3.8.8 - Dropbox, Inc.)
DXTBmp (HKLM-x32\...\{2C1544E4-5DA6-4A72-B1BA-E4692991C1DC}) (Version: 1.00.000 - )
Dxtory version 2.0.127 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.127 - ExKode Co. Ltd.)
Enforcer Police Crime Action (HKLM-x32\...\Enforcer Police Crime Action_is1) (Version:  - )
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Euro Truck Simulator (HKLM-x32\...\Steam App 232010) (Version:  - SCS Software)
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version:  - SCS Software)
Europa Universalis III (HKLM-x32\...\Steam App 25800) (Version:  - Paradox Development Studio)
Factorio version 0.11.21 (HKLM\...\Factorio_is1) (Version:  - )
Far Cry 4 Final DLC Edition (HKLM-x32\...\Far Cry 4 Final DLC Edition) (Version: 1.01 - Ubisoft)
FlatOut (HKLM-x32\...\Steam App 6220) (Version:  - Bugbear Entertainment)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Free M4a to MP3 Converter 8.3 (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version:  - ManiacTools.com)
FUSSBALL MANAGER 14 (HKLM-x32\...\{5FC27E1E-08C0-4346-A321-ED2D31FAE936}) (Version: 1.0.0.0 - Electronic Arts)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.85 - Google Inc.)
Grand Theft Auto IV (HKLM-x32\...\Steam App 12210) (Version:  - Rockstar North)
Grand Theft Auto V (HKLM-x32\...\Grand Theft Auto V) (Version: 1.01 - Rockstar Games)
Grand Theft Auto V Update 5 Version 1.0.350.2 (HKLM-x32\...\Grand Theft Auto V Update 5_is1) (Version: 1.0.350.2 - RFT)
GRID Autosport (HKLM-x32\...\Steam App 255220) (Version:  - Codemasters Racing)
HandBrake 0.10.1 (HKLM-x32\...\HandBrake) (Version: 0.10.1 - )
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.1.0.1058 - Intel Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Kerbal Space Program (HKLM-x32\...\1429864849_is1) (Version: 2.1.0.3 - GOG.com)
LCPD First Response (HKLM-x32\...\LCPD First Response) (Version: 1.0.0.0d - G17 Media)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.8 - Thibaut Lauziere)
Litecoin (HKU\S-1-5-21-1138910457-3556438696-3793022017-1001\...\Litecoin) (Version: 0.8.7.5 - Litecoin project)
Mafia II (HKLM-x32\...\Steam App 50130) (Version:  - 2K Czech)
Malwarebytes Anti-Exploit version 1.07.1.1015 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.07.1.1015 - Malwarebytes)
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM-x32\...\M2698023) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2742597) (HKLM-x32\...\M2742597) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM-x32\...\M979906) (Version:  - )
Microsoft .NET Framework 1.1 SP1 (HKLM\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version:  - )
Microsoft .NET Framework 1.1 SP1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Mozilla Firefox 40.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 de)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla)
MultiMiner version 3.9.2 (HKU\S-1-5-21-1138910457-3556438696-3793022017-1001\...\{A59A265F-E97D-4A84-8E78-E8C59EB861CE}_is1) (Version: 3.9.2 - Nate Woolls)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.8.1 - Notepad++ Team)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenTTD 1.5.0 (HKLM-x32\...\OpenTTD) (Version: 1.5.0 - OpenTTD)
Origin (HKLM-x32\...\Origin) (Version: 9.4.20.386 - Electronic Arts, Inc.)
Platform (x32 Version: 1.42 - VIA Technologies, Inc.) Hidden
Prison Architect (HKLM-x32\...\Steam App 233450) (Version:  - Introversion Software)
RadeonPro 1.0 (Build 1.1.1.0) (HKLM-x32\...\RadeonPro_is1) (Version:  - )
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.29.314.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
RECYCLE (HKLM-x32\...\RECYCLE_is1) (Version:  - )
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.51.0 - SAMSUNG Electronics Co., Ltd.)
Scania Truck Driving Simulator (HKLM-x32\...\Steam App 258760) (Version:  - SCS Software)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
The Escapists (HKLM-x32\...\1423221839_is1) (Version: 2.0.0.1 - GOG.com)
The Forest (HKLM-x32\...\Steam App 242760) (Version:  - Endnight Games Ltd)
Total War Attila German Edition Incl. Update 2 and DLCs 1.2.0 (HKLM-x32\...\Total War Attila German Edition Incl. Update 2 and DLCs 1.2.0) (Version:  - )
TOTOLINK RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 1.5.26.0 - TOTOLINK)
Train Fever (HKLM-x32\...\Steam App 304730) (Version:  - Urban Games)
TransOcean - The Shipping Company (HKLM-x32\...\Steam App 289930) (Version:  - Deck 13 Hamburg)
Tropico 5 1.8 (HKLM-x32\...\Tropico 5 1.8) (Version: 1.8 - Black Poseidon)
Truck Mechanic Simulator 2015 (HKLM-x32\...\Truck Mechanic Simulator 2015_is1) (Version:  - )
Ultimate Vehicle Pack v11 for "Grand Theft Auto IV" (HKLM-x32\...\GTA IV - Ultimate Vehicle Pack) (Version: 11.0.86.0 - ZZCOOL)
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
Uplay (HKLM-x32\...\Uplay) (Version: 5.0 - Ubisoft)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.)
VirusTotal Uploader 2.2 (HKLM-x32\...\VTUploader) (Version:  - )
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VMware Player (HKLM-x32\...\VMware_Player) (Version: 7.1.2 - VMware, Inc)
Watch_Dogs (HKLM-x32\...\Uplay Install 274) (Version:  - Ubisoft)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1138910457-3556438696-3793022017-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Timo\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1138910457-3556438696-3793022017-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1138910457-3556438696-3793022017-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Timo\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1138910457-3556438696-3793022017-1001_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\Timo\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1138910457-3556438696-3793022017-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Timo\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1138910457-3556438696-3793022017-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Timo\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1138910457-3556438696-3793022017-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Timo\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1138910457-3556438696-3793022017-1001_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\Timo\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1138910457-3556438696-3793022017-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Timo\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1138910457-3556438696-3793022017-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Timo\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1138910457-3556438696-3793022017-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1138910457-3556438696-3793022017-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1B}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1138910457-3556438696-3793022017-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
CustomCLSID: HKU\S-1-5-21-1138910457-3556438696-3793022017-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Timo\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1138910457-3556438696-3793022017-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Timo\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1138910457-3556438696-3793022017-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Timo\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1138910457-3556438696-3793022017-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Timo\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1138910457-3556438696-3793022017-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Timo\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1138910457-3556438696-3793022017-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Timo\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1138910457-3556438696-3793022017-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Timo\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1138910457-3556438696-3793022017-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Timo\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1138910457-3556438696-3793022017-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Timo\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1138910457-3556438696-3793022017-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Timo\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1138910457-3556438696-3793022017-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Timo\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1138910457-3556438696-3793022017-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Timo\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert

==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2015-09-06 08:41 - 00001159 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1	lmlicenses.wip4.adobe.com
127.0.0.1	lm.licenses.adobe.com
127.0.0.1	na1r.services.adobe.com
127.0.0.1	hlrcv.stage.adobe.com
127.0.0.1	practivate.adobe.com
127.0.0.1	activate.adobe.com
127.0.0.1	sidecubes.com
127.0.0.1	hxxp://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/
127.0.0.1	reimageplus.com


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {00EEBA9C-F9EF-4272-B793-C830FBADD359} - System32\Tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup => C:\Windows\system32\dstokenclean.exe [2015-07-10] (Microsoft Corporation)
Task: {08D839B3-7649-4097-B718-AB160B89D076} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {0CCA7916-2916-4F12-BD32-1E3BE31E1269} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join => C:\Windows\System32\dsregcmd.exe [2015-07-10] (Microsoft Corporation)
Task: {102F7C93-8E2E-477E-B894-6206978D80C0} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-12] (Microsoft Corporation)
Task: {1954CAFA-F7D1-446A-8DD2-619DA8E9760E} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1138910457-3556438696-3793022017-1001Core => C:\Users\Timo\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)
Task: {19865544-CE08-40BE-8B8C-87C47681433D} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sihboot => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation)
Task: {3F6E048D-6404-433B-8F5F-CFF4D89BF89E} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Rundll32.exe generaltel.dll,RunTelemetryW
Task: {41160EA0-208B-4C3E-B4DB-805BBABC6B93} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClient => C:\Windows\system32\dmclient.exe [2015-07-10] (Microsoft Corporation)
Task: {52308F0A-5B04-472A-ABEA-2C4AA04609C1} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {55E88B5B-6D2C-4DD3-B805-34F7989F9148} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {5A8F9A5A-1E70-48B3-A429-6AD7AEBF88BB} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {6A5F6FC4-25DB-4986-8BE5-364A236D155A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {70CFE7D3-0A27-4183-834B-3E10C2781EF6} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {71851F44-88F4-4B42-AD67-1388E0ADABAE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {73551810-E5F4-433E-9494-0D00B55C855E} - System32\Tasks\Microsoft\Windows\Maps\MapsToastTask
Task: {78B77FA3-9D97-441D-97B6-68CEA40B4F74} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe generaltel.dll,RunTelemetry -maintenance
Task: {80753561-E667-4210-9620-2ADE89C6AEA7} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {845C5A6A-1A35-438E-A4ED-E676FAC8B1BD} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {867514DA-BDB7-42F5-A239-649BF57F4B1A} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {89607797-E97A-4AB1-A7FA-AC93D4500399} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {8C736B91-7911-44A5-BF2F-12F61C52346C} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {8DF84CB3-D8E0-4307-A35B-CA74E21786DB} - System32\Tasks\Microsoft\Windows\Clip\License Validation => C:\Windows\system32\ClipUp.exe [2015-08-04] (Microsoft Corporation)
Task: {920E5225-8A62-49FD-A7C9-65B1711924BE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-11] (Adobe Systems Incorporated)
Task: {A5B6CD85-1B57-49B9-BA80-5D5D65F02826} - System32\Tasks\Microsoft\Windows\AppID\EDP Policy Manager
Task: {A878860B-A5FD-45E8-9D42-7D5A7C63AEBD} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {ABF0361C-20F0-40F2-A35E-97A8BAE7EEC5} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {B27880B0-03B3-4FF3-B1A9-9E51C4D09D75} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {BCAE2225-E293-41CD-AB5F-9E84A925B1CD} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {BD7A2F74-5680-4BFA-B986-FB30D17B65A0} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {C0C9710F-7E37-4E6F-B910-E6CF50544023} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-avalon7791_8@hotmail.de => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-07-22] (Adobe Systems Incorporated)
Task: {C56AFFD3-06B8-4A16-AF7E-F7A6EB3FAE9E} - System32\Tasks\Microsoft\Windows\TPM\Tpm-HASCertRetr
Task: {C5EE2EA2-5312-4D1F-B9D0-41B18DF31B78} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sih => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation)
Task: {C7A236B2-12E1-46DC-9501-3B1B0209CC09} - System32\Tasks\Microsoft\Windows\Location\WindowsActionDialog => C:\Windows\System32\WindowsActionDialog.exe [2015-07-10] (Microsoft Corporation)
Task: {CE65F1FA-3F47-4806-AA23-BC0F8821B348} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe [2015-08-11] (Microsoft Corporation)
Task: {D97D4087-B2B1-4F7A-9C51-6291D3257E6A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {F4F97663-7BB3-4088-87E9-3D74C8566CD7} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1138910457-3556438696-3793022017-1001UA => C:\Users\Timo\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1138910457-3556438696-3793022017-1001Core.job => C:\Users\Timo\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1138910457-3556438696-3793022017-1001UA.job => C:\Users\Timo\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-07-10 13:00 - 2015-07-10 13:00 - 00028160 _____ () C:\WINDOWS\SYSTEM32\efsext.dll
2015-08-04 22:50 - 2015-08-04 22:50 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-08-25 20:47 - 2015-08-11 11:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-08-28 21:27 - 2015-08-18 09:56 - 02498808 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-28 21:27 - 2015-08-18 09:56 - 02498808 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-07-22 01:02 - 2015-07-22 01:02 - 00803488 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2015-07-10 12:59 - 2015-07-10 12:59 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-07-10 12:59 - 2015-07-10 12:59 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
2015-08-12 17:47 - 2015-08-03 03:11 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-07-10 13:00 - 2015-07-10 18:45 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-08-25 20:47 - 2015-08-11 10:58 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-08-12 17:47 - 2015-08-03 03:09 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-04-15 22:13 - 2015-04-15 22:13 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2015-08-25 20:31 - 2015-08-25 20:31 - 00007168 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsPhone_10.1508.17010.0_x64__8wekyb3d8bbwe\CompanionApp.exe
2015-08-25 20:31 - 2015-08-25 20:31 - 06572544 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsPhone_10.1508.17010.0_x64__8wekyb3d8bbwe\CompanionApp.dll
2015-07-10 18:53 - 2015-07-10 18:53 - 07897088 _____ () C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.1.0_1.0.22929.0_x64__8wekyb3d8bbwe\SharedLibrary.dll
2015-08-25 20:31 - 2015-08-25 20:31 - 00623616 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsPhone_10.1508.17010.0_x64__8wekyb3d8bbwe\CompanionAppDeviceManager.dll
2015-05-31 07:59 - 2015-05-31 07:59 - 01301696 _____ () I:\Program Files\VMware\VMware Player\libxml2.dll
2015-01-20 14:00 - 2015-07-03 18:12 - 00778240 _____ () G:\Steam\SDL2.dll
2015-01-20 14:00 - 2015-07-03 18:12 - 04962816 _____ () G:\Steam\v8.dll
2015-01-20 14:00 - 2015-08-19 22:39 - 02413248 _____ () G:\Steam\video.dll
2015-01-20 14:00 - 2015-07-03 18:12 - 01556992 _____ () G:\Steam\icui18n.dll
2015-01-20 14:00 - 2015-07-03 18:12 - 01187840 _____ () G:\Steam\icuuc.dll
2015-01-20 14:00 - 2014-12-01 23:31 - 02396672 _____ () G:\Steam\libavcodec-56.dll
2015-01-20 14:00 - 2014-12-01 23:31 - 00479744 _____ () G:\Steam\libavformat-56.dll
2015-01-20 14:00 - 2014-12-01 23:31 - 00332800 _____ () G:\Steam\libavresample-2.dll
2015-01-20 14:00 - 2014-12-01 23:31 - 00442880 _____ () G:\Steam\libavutil-54.dll
2015-01-20 14:00 - 2014-12-01 23:31 - 00485888 _____ () G:\Steam\libswscale-3.dll
2015-01-20 14:00 - 2015-08-19 22:39 - 00704192 _____ () G:\Steam\bin\chromehtml.DLL
2015-07-22 10:07 - 2015-07-27 03:13 - 00171008 _____ () G:\Steam\bin\openvr_api.dll
2015-09-02 20:24 - 2015-08-28 02:17 - 01501512 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\libglesv2.dll
2015-09-02 20:24 - 2015-08-28 02:17 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\libegl.dll
2015-01-20 14:00 - 2015-07-03 18:12 - 39553928 _____ () G:\Steam\bin\libcef.dll
2010-11-23 00:56 - 2010-11-23 00:56 - 00087040 _____ () C:\Program Files (x86)\Raptr\_ctypes.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00043008 _____ () C:\Program Files (x86)\Raptr\_socket.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00805376 _____ () C:\Program Files (x86)\Raptr\_ssl.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 05812736 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtGui.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 00067584 _____ () C:\Program Files (x86)\Raptr\sip.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 01662464 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtCore.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 00494592 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtNetwork.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00096256 _____ () C:\Program Files (x86)\Raptr\win32api.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00110592 _____ () C:\Program Files (x86)\Raptr\pywintypes26.dll
2010-11-23 00:56 - 2010-11-23 00:56 - 00010240 _____ () C:\Program Files (x86)\Raptr\select.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00356864 _____ () C:\Program Files (x86)\Raptr\_hashlib.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00036352 _____ () C:\Program Files (x86)\Raptr\win32process.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00111104 _____ () C:\Program Files (x86)\Raptr\win32file.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00044544 _____ () C:\Program Files (x86)\Raptr\_sqlite3.pyd
2011-02-15 20:17 - 2011-02-15 20:17 - 00417501 _____ () C:\Program Files (x86)\Raptr\sqlite3.dll
2010-11-23 00:57 - 2010-11-23 00:57 - 00167936 _____ () C:\Program Files (x86)\Raptr\win32gui.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 00313856 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtWebKit.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00127488 _____ () C:\Program Files (x86)\Raptr\pyexpat.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00009216 _____ () C:\Program Files (x86)\Raptr\winsound.pyd
2014-08-14 02:37 - 2014-08-14 02:37 - 00113171 _____ () C:\Program Files (x86)\Raptr\libvlc.dll
2014-08-14 02:37 - 2014-08-14 02:37 - 02396691 _____ () C:\Program Files (x86)\Raptr\libvlccore.dll
2013-11-21 02:05 - 2013-11-21 02:05 - 00256000 _____ () C:\Program Files (x86)\Raptr\amd_ags.dll
2010-11-23 00:56 - 2010-11-23 00:56 - 00583680 _____ () C:\Program Files (x86)\Raptr\unicodedata.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00354304 _____ () C:\Program Files (x86)\Raptr\pythoncom26.dll
2010-11-23 00:57 - 2010-11-23 00:57 - 00263168 _____ () C:\Program Files (x86)\Raptr\win32com.shell.shell.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00324608 _____ () C:\Program Files (x86)\Raptr\PIL._imaging.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00024064 _____ () C:\Program Files (x86)\Raptr\win32pipe.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00141312 _____ () C:\Program Files (x86)\Raptr\gobject._gobject.pyd
2014-06-18 02:56 - 2014-06-18 02:56 - 02717595 _____ () C:\Program Files (x86)\Raptr\heliotrope._purple.pyd
2011-02-15 20:17 - 2011-02-15 20:17 - 01213633 _____ () C:\Program Files (x86)\Raptr\libxml2-2.dll
2010-11-23 01:06 - 2010-11-23 01:06 - 00055808 _____ () C:\Program Files (x86)\Raptr\zlib1.dll
2013-05-10 01:52 - 2013-05-10 01:52 - 00495680 _____ () C:\Program Files (x86)\Raptr\plugins\libaim.dll
2013-05-10 01:52 - 2013-05-10 01:52 - 01183699 _____ () C:\Program Files (x86)\Raptr\liboscar.dll
2013-05-10 01:52 - 2013-05-10 01:52 - 00483306 _____ () C:\Program Files (x86)\Raptr\plugins\libicq.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 00655356 _____ () C:\Program Files (x86)\Raptr\plugins\libirc.dll
2013-05-03 20:56 - 2013-05-03 20:56 - 01306387 _____ () C:\Program Files (x86)\Raptr\plugins\libmsn.dll
2013-05-03 20:56 - 2013-05-03 20:56 - 00565461 _____ () C:\Program Files (x86)\Raptr\plugins\libxmpp.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 01640221 _____ () C:\Program Files (x86)\Raptr\libjabber.dll
2013-05-03 20:56 - 2013-05-03 20:56 - 00506276 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoo.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 01053730 _____ () C:\Program Files (x86)\Raptr\libymsg.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 00497782 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoojp.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 00603326 _____ () C:\Program Files (x86)\Raptr\plugins\ssl-nss.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 00474199 _____ () C:\Program Files (x86)\Raptr\plugins\ssl.dll
2015-02-26 19:31 - 2013-09-16 13:17 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-09-02 20:24 - 2015-08-28 02:17 - 16393032 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\Timo\OneDrive:ms-properties

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TileDataModelSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager => ""="Service"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1138910457-3556438696-3793022017-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Timo\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-1138910457-3556438696-3793022017-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-1138910457-3556438696-3793022017-1001\...\StartupApproved\Run: => "Browser Infrastructure Helper"
HKU\S-1-5-21-1138910457-3556438696-3793022017-1001\...\StartupApproved\Run: => "MSConfig Extended 2.0"
HKU\S-1-5-21-1138910457-3556438696-3793022017-1001\...\StartupApproved\Run: => "Dropbox Update"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{CE96E782-2C20-49B1-A879-07116D90CD79}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{95A26ABA-4A95-4F31-9E28-BE0D25B6CF93}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{7C244492-32B4-41A2-AF05-ED7C62E0294C}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{79682DA4-1E2A-438F-97F8-4373E572900D}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{1D05D502-F94B-427E-A65F-850A44FADBDF}] => (Allow) D:\SteamLibrary\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{173E4FE6-89B8-4601-AC81-C3AC08EDFA08}] => (Allow) D:\SteamLibrary\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{4033C687-3478-499D-BDD4-862B0B9B46E9}] => (Allow) I:\Program Files (x86)\Origin Games\FIFA Manager 14\Manager14.exe
FirewallRules: [{70DF767F-9FDC-43B3-8322-71285D3B02D5}] => (Allow) I:\Program Files (x86)\Origin Games\FIFA Manager 14\Manager14.exe
FirewallRules: [{91D9B7CE-A9B8-461E-91FC-70BEA4D8C3A7}] => (Allow) G:\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{3F69420B-2250-4DE0-83B4-81F9A0F185EF}] => (Allow) G:\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{8E041738-1D53-4D33-98AA-A347B46C73AB}] => (Allow) I:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{C5FD7735-13FF-45C2-90E9-79DA1DAA2942}] => (Allow) I:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{33C2BC30-476B-4CA7-8FD4-9327D18998B5}] => (Allow) I:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{DCA7E71F-B6AC-4CF3-92E5-1184D085BAA8}] => (Allow) I:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{98320631-2B2A-40DB-B312-0D236D9E906A}] => (Allow) G:\Steam\SteamApps\common\GRID Autosport\GRIDAutosport.exe
FirewallRules: [{B511DEB8-2083-4830-9262-6845C31E092D}] => (Allow) G:\Steam\SteamApps\common\GRID Autosport\GRIDAutosport.exe
FirewallRules: [{ABA24AF1-66D7-49A5-BEAB-894D8B429168}] => (Allow) I:\Games\Watch_Dogs\bin\watch_dogs.exe
FirewallRules: [{7FD30D88-FAB5-4C29-ACE2-6B1DB574BCA1}] => (Allow) I:\Games\Watch_Dogs\bin\watch_dogs.exe
FirewallRules: [{9FBA5BC2-51E0-454D-ACE8-BEDD2FB82AE9}] => (Allow) LPort=25555
FirewallRules: [{EF9C35DF-177C-4AE7-AD0F-B17C1229C9BA}] => (Allow) C:\Users\Timo\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{CD4B7852-E7B6-4180-A030-7CDE4DB99F19}] => (Allow) C:\Users\Timo\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{2843531C-840E-4406-AC99-990B7D805FED}] => (Allow) G:\Steam\SteamApps\common\Euro Truck Simulator\eurotrucks.exe
FirewallRules: [{0ACE9000-8F86-4978-B699-F430E759C10C}] => (Allow) G:\Steam\SteamApps\common\Euro Truck Simulator\eurotrucks.exe
FirewallRules: [{606A6726-69E4-429B-9AD8-FB9007CD9B39}] => (Allow) G:\Steam\SteamApps\common\Scania Truck Driving Simulator\bin\win_x86\scania_truck_driving_simulator.exe
FirewallRules: [{4B87B092-1CC6-4431-801B-E25801C12C32}] => (Allow) G:\Steam\SteamApps\common\Scania Truck Driving Simulator\bin\win_x86\scania_truck_driving_simulator.exe
FirewallRules: [{13A076B1-2FBA-42EA-8D0E-22ADD1B44B97}] => (Allow) G:\Steam\SteamApps\common\Dead Island Epidemic\Dead Island Epidemic - Launcher.exe
FirewallRules: [{D0DD11C0-523D-4FFC-81F2-9DF8D94F348B}] => (Allow) G:\Steam\SteamApps\common\Dead Island Epidemic\Dead Island Epidemic - Launcher.exe
FirewallRules: [{7C6DCE52-4798-4138-A161-33EDB6B712D5}] => (Allow) D:\SteamLibrary\steamapps\common\diriptide\DeadIslandGame_x86_rwdi.exe
FirewallRules: [{9F754374-C5F5-4F2D-A67D-A5406E96CAE3}] => (Allow) D:\SteamLibrary\steamapps\common\diriptide\DeadIslandGame_x86_rwdi.exe
FirewallRules: [{167AAE32-D2D7-4F6A-8EBA-B7666F5F58A5}] => (Allow) D:\SteamLibrary\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{8EACA25C-EF38-4C51-B5A0-356A1EB94581}] => (Allow) D:\SteamLibrary\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{2352F9D3-D468-4922-AB45-6931184D5011}] => (Allow) I:\Program Files (x86)\Sims 4\Game\Bin\TS4.exe
FirewallRules: [{EAFDA6AF-C120-40FE-9307-3A339004F6F8}] => (Allow) I:\Program Files (x86)\Sims 4\Game\Bin\TS4.exe
FirewallRules: [{99DE5B94-3C34-485C-A3B8-6039FDA62078}] => (Allow) I:\Program Files (x86)\Ubisoft\Assassin's Creed Rogue\ACC.exe
FirewallRules: [{B92C627C-5E6B-442B-A872-03C1A7242C44}] => (Allow) I:\Program Files (x86)\Ubisoft\Assassin's Creed Rogue\ACC.exe
FirewallRules: [{7079DF28-6E2D-4676-9ABA-C53282B09EBA}] => (Allow) G:\Steam\SteamApps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{4C99ACFB-EFE0-4D4B-9585-9A39A0FA3B03}] => (Allow) G:\Steam\SteamApps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{6AD47C39-35B4-4588-9A56-EF95E6824EEB}] => (Allow) G:\Steam\SteamApps\common\TransOcean - The Shipping Company\TransOcean.exe
FirewallRules: [{5D640A7C-0B27-48DF-8630-AF79FBE65CFF}] => (Allow) G:\Steam\SteamApps\common\TransOcean - The Shipping Company\TransOcean.exe
FirewallRules: [{5146B851-AF7D-4FB4-92CE-C6A7A2402F47}] => (Allow) G:\Steam\SteamApps\common\Train Fever\TrainFever.exe
FirewallRules: [{B6AC2CE0-3788-4E6D-B57B-1466B8F730EF}] => (Allow) G:\Steam\SteamApps\common\Train Fever\TrainFever.exe
FirewallRules: [{1C05415B-CE34-4997-AB04-D82FC3038D24}] => (Allow) C:\Program Files\TightVNC\tvnserver.exe
FirewallRules: [{0F8012B1-F7B6-4CC6-9CB9-885A9C90E72D}] => (Allow) G:\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{A3941952-5A99-43AC-8F9F-6ABC9D1AAACE}] => (Allow) G:\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{C77A9795-668F-424C-9D3D-3EE2B800F704}] => (Allow) G:\Steam\SteamApps\common\Spintires\SpinTires.exe
FirewallRules: [{A26A6DAC-557C-444D-AC28-E5C81CAFBCCC}] => (Allow) G:\Steam\SteamApps\common\Spintires\SpinTires.exe
FirewallRules: [{ED12210E-55C1-4D7D-85F0-7C32DD89BD89}] => (Allow) G:\Steam\SteamApps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe
FirewallRules: [{589A24D7-6015-4667-8351-7995719269D4}] => (Allow) G:\Steam\SteamApps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe
FirewallRules: [{1E0C6EFF-7E81-46C7-96E4-BC05FD284EA4}] => (Allow) G:\Steam\SteamApps\common\Europa Universalis III - Complete\eu3game.exe
FirewallRules: [{3EDE2D75-39BF-4A9F-83B5-93F3661379B5}] => (Allow) G:\Steam\SteamApps\common\Europa Universalis III - Complete\eu3game.exe
FirewallRules: [{0921B7BF-5154-4B4A-BFC4-D7286A1338B5}] => (Allow) G:\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{CC505006-CD60-4636-9335-8FCF529F2AE6}] => (Allow) G:\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{9F404901-C347-47DC-AF45-23F05B0059BD}] => (Allow) I:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\InitEngine.exe
FirewallRules: [{77F392EB-8D62-4A19-8DC1-6F848E68CA36}] => (Allow) I:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\InitEngine.exe
FirewallRules: [{E169EC07-456A-4DFE-A110-BD005084C8F1}] => (Allow) I:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\AutoPatcher.exe
FirewallRules: [{39AEC4A4-069F-49DC-850A-CC44A9DC0535}] => (Allow) I:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\AutoPatcher.exe
FirewallRules: [{9CB5F923-E67E-45E8-A59A-7C403CD040BC}] => (Allow) I:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\Anno5.exe
FirewallRules: [{7C4AF10C-4370-4CDE-943D-624A165D6E2A}] => (Allow) I:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\Anno5.exe
FirewallRules: [{F2C97DC0-CA9A-4559-AE03-081A87471448}] => (Allow) C:\Users\Timo\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{35429B33-87C3-4D20-8F2F-4984365D0EAB}] => (Allow) C:\Users\Timo\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{18C884B6-1428-4AE6-9E74-88562A0CEB3D}] => (Allow) I:\Program Files (x86)\Ubisoft\Assassin's Creed III\AssassinsCreed3.exe
FirewallRules: [{5909A23E-19FE-453E-B570-BC4778BD2EE6}] => (Allow) I:\Program Files (x86)\Ubisoft\Assassin's Creed III\AssassinsCreed3.exe
FirewallRules: [{70DAF531-CBE5-438C-AF63-06FFB17A2A8D}] => (Allow) I:\Program Files (x86)\Ubisoft\Assassin's Creed III\AC3MP.exe
FirewallRules: [{DE494363-3DD5-415C-A899-37500B053379}] => (Allow) I:\Program Files (x86)\Ubisoft\Assassin's Creed III\AC3MP.exe
FirewallRules: [{7C4C77D6-AB90-4FF2-999C-2CA1A7F12A71}] => (Allow) I:\Program Files (x86)\Ubisoft\Assassin's Creed III\AC3SP.exe
FirewallRules: [{A60E38CB-C639-4DFB-96D4-DC24624BEA08}] => (Allow) I:\Program Files (x86)\Ubisoft\Assassin's Creed III\AC3SP.exe
FirewallRules: [{58962501-A9CD-4893-A979-BB50C40EE60E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{18D63922-39A8-49A4-8A82-FE5D62714D6F}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{88A5411C-E1B9-47C3-814F-D771F545390F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{4E0CABA9-6F48-439A-983A-994B95139AE6}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{46D99631-CBF6-4066-AD6D-9AF7596579C4}] => (Allow) %ProgramFiles% (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe
FirewallRules: [{63E452E1-3E1E-4899-ACD1-80F6458E62E7}] => (Allow) G:\Steam\SteamApps\common\RailWorks\RailWorks.exe
FirewallRules: [{FC48E25C-AB14-495A-9ACC-BEA56895D6A4}] => (Allow) G:\Steam\SteamApps\common\RailWorks\RailWorks.exe
FirewallRules: [{FCCA575D-A608-452C-A011-F4D2E75B5C58}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{4C22E342-CA8E-4E34-9149-B8F49DF6C8F8}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{E0011601-4D50-4CC9-8765-D589CFF759C8}] => (Allow) I:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{BBFD658A-5DCD-43C3-B07D-F808E5585D1D}] => (Allow) I:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{69FBCC40-3A52-48A1-A06B-56302B16DEF8}] => (Allow) I:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{92C9DA7D-5363-47CC-B712-3AB747D33E8D}] => (Allow) I:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{566946C2-E036-47AC-B5CF-667335B82255}] => (Allow) G:\Steam\SteamApps\common\State of Decay\StateOfDecay.exe
FirewallRules: [{E5839C6A-CC12-4875-A98D-15334268CF40}] => (Allow) G:\Steam\SteamApps\common\State of Decay\StateOfDecay.exe
FirewallRules: [{56C4DA82-3BB0-40F6-A288-487A97FEB156}] => (Allow) G:\Steam\SteamApps\common\War of the Roses\run_game.exe
FirewallRules: [{3D03C29B-72A2-4D08-BFA2-D1442EB3CF34}] => (Allow) G:\Steam\SteamApps\common\War of the Roses\run_game.exe
FirewallRules: [{72280B4F-A49C-43F8-BF36-02C1AB2CE6DB}] => (Allow) G:\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{6A968DED-CB38-4BAF-A4D8-E61F4956D79A}] => (Allow) G:\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{12FED2EA-8851-4C0D-9E48-94EF30ED3710}] => (Allow) G:\Steam\SteamApps\common\Mafia II\pc\mafia2.exe
FirewallRules: [{B672E9E5-DA95-4A2F-A82F-58922C089312}] => (Allow) G:\Steam\SteamApps\common\Mafia II\pc\mafia2.exe
FirewallRules: [{20DA55ED-63ED-4596-9957-736480B81D18}] => (Allow) G:\Steam\SteamApps\common\Red Faction Guerrilla\rfg.exe
FirewallRules: [{9578DD00-7F6D-4F7D-8A36-4B0356E7F44D}] => (Allow) G:\Steam\SteamApps\common\Red Faction Guerrilla\rfg.exe
FirewallRules: [{B1837861-A5A1-4685-A64F-E17583AAB861}] => (Allow) G:\Steam\SteamApps\common\Red Faction Guerrilla\rfg_launcher.exe
FirewallRules: [{E6D942C3-5DAF-42C2-AC2A-F703A153AD96}] => (Allow) G:\Steam\SteamApps\common\Red Faction Guerrilla\rfg_launcher.exe
FirewallRules: [{55069612-D077-40A9-907E-ED757A20AEC9}] => (Allow) C:\SteamLibrary\steamapps\common\The Forest\TheForest.exe
FirewallRules: [{C7557CC7-E9D0-47F8-BD86-5F7D89D89CC5}] => (Allow) C:\SteamLibrary\steamapps\common\The Forest\TheForest.exe
FirewallRules: [{488364C7-8D6D-462D-AE99-284722227D23}] => (Allow) G:\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{697CB46F-55EA-43A1-9D72-9AB9325D3EB9}] => (Allow) G:\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{1EEB40FD-7726-4384-8799-6DD711482A68}] => (Allow) G:\Steam\SteamApps\common\ManiaPlanet_TMStadium\ManiaPlanetLauncher.exe
FirewallRules: [{9D0C886D-CD85-4BD0-A70C-3D293A9B31B8}] => (Allow) G:\Steam\SteamApps\common\ManiaPlanet_TMStadium\ManiaPlanetLauncher.exe
FirewallRules: [{A26B1679-0152-49F5-8B4C-05687F59CA78}] => (Allow) G:\Steam\bin\steamwebhelper.exe
FirewallRules: [{FAC027B2-1076-443D-9BF1-3D14B2EE67AE}] => (Allow) G:\Steam\bin\steamwebhelper.exe
FirewallRules: [{BF554FBE-B581-4E4E-8B50-EF1B9AD24EC7}] => (Allow) G:\Steam\Steam.exe
FirewallRules: [{FE4F5D87-8414-4605-AA4C-3CD5E3600B59}] => (Allow) G:\Steam\Steam.exe
FirewallRules: [TCP Query User{4A6CE1F3-37C1-4516-A0D0-A6C97944C6D6}C:\users\timo\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\timo\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{A5C34E9F-6FDF-4F1E-9822-51DC0F5DA164}C:\users\timo\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\timo\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{F454C1D1-85A2-4012-BBF9-4AC5C79DB7BC}C:\users\timo\appdata\local\jdownloader v2.0\jdownloader2.exe] => (Allow) C:\users\timo\appdata\local\jdownloader v2.0\jdownloader2.exe
FirewallRules: [UDP Query User{99EB2318-03D7-4449-8C1C-2EBCAFF03EFD}C:\users\timo\appdata\local\jdownloader v2.0\jdownloader2.exe] => (Allow) C:\users\timo\appdata\local\jdownloader v2.0\jdownloader2.exe
FirewallRules: [TCP Query User{510CF40D-B191-4C0A-91D3-198CBB641F3A}I:\program files (x86)\2k games\borderlands\binaries\borderlands.exe] => (Block) I:\program files (x86)\2k games\borderlands\binaries\borderlands.exe
FirewallRules: [UDP Query User{07D5B7E0-9607-4074-BE77-39BFC585AD96}I:\program files (x86)\2k games\borderlands\binaries\borderlands.exe] => (Block) I:\program files (x86)\2k games\borderlands\binaries\borderlands.exe
FirewallRules: [{A32775B1-A29C-4672-AF47-B1622E962795}] => (Allow) D:\SteamLibrary\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{847D5ED4-C894-4749-9476-503C713BE1A2}] => (Allow) D:\SteamLibrary\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{8AAFA7E6-E2B3-4017-95CE-DD060470916B}] => (Allow) I:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D331023E-846E-4657-984F-ACDB828A0F2D}] => (Allow) I:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4433EB57-B050-417D-AD5D-F7382456D40E}] => (Allow) I:\Program Files\VMware\VMware Player\vmware-authd.exe
FirewallRules: [{A5FABCF2-C0B6-4160-84FF-9722F11EA68E}] => (Allow) I:\Program Files\VMware\VMware Player\vmware-authd.exe
FirewallRules: [{440F172D-63BD-4B8A-A277-CC48EE55FDAE}] => (Block) D:\Program Files (x86)\Rockstar Games\Grand Theft Auto V\GTA5.exe
FirewallRules: [{75E31BE0-D2C2-43E9-A3B0-15C542A49195}] => (Block) D:\Program Files (x86)\Rockstar Games\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [TCP Query User{4309B770-9EB0-40E4-9562-E157C0B94864}C:\users\timo\appdata\local\jdownloader v2.0\jdownloader2.exe] => (Allow) C:\users\timo\appdata\local\jdownloader v2.0\jdownloader2.exe
FirewallRules: [UDP Query User{12429FF2-AD37-426B-9ABA-EB6219A9E38C}C:\users\timo\appdata\local\jdownloader v2.0\jdownloader2.exe] => (Allow) C:\users\timo\appdata\local\jdownloader v2.0\jdownloader2.exe
FirewallRules: [{AD54AD9E-A1E3-4037-9320-B41FE6EF1CBE}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{2079DA48-05FA-49D3-BD43-4FC70D9102E5}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{5E1FF516-919E-444E-8A75-E193D796C389}] => (Allow) G:\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{F526F5B3-BB1D-4400-8B33-6760D8A0B0B7}] => (Allow) G:\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{6876C338-2A4C-4528-9B2A-66F6236A895D}] => (Allow) G:\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{ADFA6189-1D77-4072-AE4B-34B31D6D46FA}] => (Allow) G:\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{68989D32-6F0F-43B4-A7F9-E2E6D456CC85}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{FC281F9A-FD9E-45E2-9460-CE4D11918024}I:\program files (x86)\steam\steamapps\common\total war attila\attila.exe] => (Block) I:\program files (x86)\steam\steamapps\common\total war attila\attila.exe
FirewallRules: [UDP Query User{B0EBF519-D79D-4625-AE44-2E0A65E11AF1}I:\program files (x86)\steam\steamapps\common\total war attila\attila.exe] => (Block) I:\program files (x86)\steam\steamapps\common\total war attila\attila.exe
FirewallRules: [TCP Query User{D24B6609-1C1D-49E7-AE9E-1649645A81B8}G:\steam\steamapps\common\total war attila\attila.exe] => (Block) G:\steam\steamapps\common\total war attila\attila.exe
FirewallRules: [UDP Query User{E2AB8337-C00A-42CC-A992-0F5A8C5AC675}G:\steam\steamapps\common\total war attila\attila.exe] => (Block) G:\steam\steamapps\common\total war attila\attila.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: VirtualBox Host-Only Ethernet Adapter #2
Description: VirtualBox Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Oracle Corporation
Service: VBoxNetAdp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: VMware Virtual Ethernet Adapter for VMnet1
Description: VMware Virtual Ethernet Adapter for VMnet1
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: VMware Virtual Ethernet Adapter for VMnet8
Description: VMware Virtual Ethernet Adapter for VMnet8
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: 802.11n-Drahtlos-LAN-Karte
Description: 802.11n-Drahtlos-LAN-Karte
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Ralink Technology, Corp.
Service: netr28x
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/06/2015 11:29:36 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: KAMINSKI-GAMING)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (09/06/2015 11:29:36 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm HxTsr.exe, Version 16.0.6121.4200 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1e34

Startzeit: 01d0e8864b7272e0

Beendigungszeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6121.42001.0_x64__8wekyb3d8bbwe\HxTsr.exe

Berichts-ID: bdeb7208-5479-11e5-82a6-74d435d1e157

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.6121.42001.0_x64__8wekyb3d8bbwe

Auf das fehlerhafte Paket bezogene Anwendungs-ID: ppleae38af2e007f4358a809ac99a64a67c1

Error: (09/06/2015 11:27:48 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: KAMINSKI-GAMING)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (09/06/2015 11:12:48 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: KAMINSKI-GAMING)
Description: Bei der Aktivierung der App „Microsoft.WindowsStore_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (09/06/2015 09:48:54 AM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (780) Es konnte keine neue Protokolldatei erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1032.

Error: (09/06/2015 09:48:54 AM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (780) Der Versuch, die Datei "C:\WINDOWS\system32\edbtmp.log" zu erstellen, ist mit Systemfehler 5 (0x00000005): "Zugriff verweigert " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Erstellen von Dateien.

Error: (09/06/2015 09:48:44 AM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (780) Es konnte keine neue Protokolldatei erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1032.

Error: (09/06/2015 09:48:44 AM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (780) Der Versuch, die Datei "C:\WINDOWS\system32\edbtmp.log" zu erstellen, ist mit Systemfehler 5 (0x00000005): "Zugriff verweigert " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Erstellen von Dateien.

Error: (09/06/2015 09:48:34 AM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (780) Es konnte keine neue Protokolldatei erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1032.

Error: (09/06/2015 09:48:34 AM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (780) Der Versuch, die Datei "C:\WINDOWS\system32\edbtmp.log" zu erstellen, ist mit Systemfehler 5 (0x00000005): "Zugriff verweigert " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Erstellen von Dateien.


Systemfehler:
=============
Error: (09/06/2015 12:05:07 PM) (Source: volsnap) (EventID: 25) (User: )
Description: Die Schattenkopien von Volume "C:" wurden gelöscht, weil der Schattenkopiespeicher nicht rechtzeitig vergrößert wurde. Sie sollten die E/A-Last auf dem System verringern oder ein Schattenkopie-Speichervolume, von dem keine Schattenkopie erstellt wird, auswählen.

Error: (09/06/2015 11:29:36 AM) (Source: DCOM) (EventID: 10010) (User: KAMINSKI-GAMING)
Description: microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca

Error: (09/06/2015 11:27:48 AM) (Source: DCOM) (EventID: 10010) (User: KAMINSKI-GAMING)
Description: microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca

Error: (09/06/2015 10:27:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Defender-Dienst" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%14105

Error: (09/06/2015 10:27:14 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Heimnetzgruppen-Listener" wurde mit dem folgenden dienstspezifischen Fehler beendet: 
%%2147944153

Error: (09/06/2015 10:26:38 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/06/2015 10:26:38 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/06/2015 10:26:38 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/06/2015 10:26:38 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/06/2015 09:45:56 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {BFE18E9C-6D87-4450-B37C-E02F0B373803}


Microsoft Office:
=========================
Error: (09/06/2015 11:29:36 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: KAMINSKI-GAMING)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927142

Error: (09/06/2015 11:29:36 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: HxTsr.exe16.0.6121.42001e3401d0e8864b7272e04294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6121.42001.0_x64__8wekyb3d8bbwe\HxTsr.exebdeb7208-5479-11e5-82a6-74d435d1e157microsoft.windowscommunicationsapps_17.6121.42001.0_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (09/06/2015 11:27:48 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: KAMINSKI-GAMING)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141

Error: (09/06/2015 11:12:48 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: KAMINSKI-GAMING)
Description: Microsoft.WindowsStore_8wekyb3d8bbwe!App-2147023170

Error: (09/06/2015 09:48:54 AM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost780-1032

Error: (09/06/2015 09:48:54 AM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost780C:\WINDOWS\system32\edbtmp.log-1032 (0xfffffbf8)5 (0x00000005)Zugriff verweigert

Error: (09/06/2015 09:48:44 AM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost780-1032

Error: (09/06/2015 09:48:44 AM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost780C:\WINDOWS\system32\edbtmp.log-1032 (0xfffffbf8)5 (0x00000005)Zugriff verweigert

Error: (09/06/2015 09:48:34 AM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost780-1032

Error: (09/06/2015 09:48:34 AM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost780C:\WINDOWS\system32\edbtmp.log-1032 (0xfffffbf8)5 (0x00000005)Zugriff verweigert


CodeIntegrity:
===================================
  Date: 2015-09-06 03:33:27.478
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-09-06 03:33:27.460
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-09-06 03:33:27.432
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-09-06 03:33:27.414
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-09-06 03:33:27.267
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-09-06 03:33:27.249
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-09-06 03:33:27.223
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-09-06 03:33:27.206
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-09-06 03:33:27.180
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-09-06 03:33:27.162
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Xeon(R) CPU E3-1231 v3 @ 3.40GHz
Prozentuale Nutzung des RAM: 31%
Installierter physikalischer RAM: 16336.95 MB
Verfügbarer physikalischer RAM: 11205.88 MB
Summe virtueller Speicher: 18768.95 MB
Verfügbarer virtueller Speicher: 13374.36 MB

==================== Laufwerke ================================

Drive c: (Windows) (Fixed) (Total:102.02 GB) (Free:41.57 GB) NTFS
Drive d: (Games) (Fixed) (Total:119.24 GB) (Free:13.09 GB) NTFS
Drive f: (Download) (Fixed) (Total:488.28 GB) (Free:44.17 GB) NTFS
Drive g: (Steam) (Fixed) (Total:292.97 GB) (Free:36.71 GB) NTFS
Drive h: (Backup) (Fixed) (Total:683.59 GB) (Free:0.13 GB) NTFS
Drive i: (Programme) (Fixed) (Total:488.28 GB) (Free:220 GB) NTFS
Drive j: (Files) (Fixed) (Total:841.39 GB) (Free:133.43 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 117.4 GB) (Disk ID: B6B349C1)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 9737A495)
Partition 1: (Not Active) - (Size=119.2 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 2794.5 GB) (Disk ID: 0097D12F)

Partition: GPT.

==================== Ende von Addition.txt ============================
         


06.09.2015, 15:15   #3
schrauber
/// the machine
/// TB Trainer

Hi,

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Start mbar.exe.
  • Follow the on-screen instructions as described in the Malwarebytes Anti-Rootkit guide.
  • Be sure to update the database and allow the tool to scan your system.
  • Click the CleanUp button and allow the restart.
  • During the restart, MBAR will remove the items it found, so be patient.
  • After the restart, start mbar.exe again.
  • If anything is found again, repeat the CleanUp process.
The tool will create a log file ( mbar-log-<year-month-day>.txt ) in the folder it created. Please post it here.

Do not start any other file in this folder without instructions from a helper.

06.09.2015, 15:34   #4
Kaminski7791

Hi,

MBAR reports "Scan finished: No Malware found!". Something else I noticed: oddly, I don't get these ad links in every Chrome browser window, and when I try to click links or buttons, the first click always goes to reimageplus.com, but that has only been happening for about an hour.

07.09.2015, 10:45   #5
schrauber
/// the machine
/// TB Trainer

Please download Malwarebytes Anti-Malware.
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select the Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do so, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Include the contents of mbam.txt in your next reply.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Clean and confirm any prompts with Ok.
  • Your computer will restart automatically. After the restart a text file will open. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt. (x = sequential number).

Please shut down your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista (or later), please right-click and choose "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan may take a while.
  • When the tool has finished, the log file (JRT.txt) is saved to the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


And a fresh FRST log, please.

__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!
