Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Nach 11 Tägigem nichtbenutzen meines Laptops Sehr Langsames Internet

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 07.01.2016, 22:00   #1
JohnCrane
 
Nach 11 Tägigem nichtbenutzen meines Laptops Sehr Langsames Internet - Standard

Nach 11 Tägigem nichtbenutzen meines Laptops Sehr Langsames Internet



Als ich aus meinem 11 Tägigem Urlaub zurückkam bemerkte ich, dass das Internet auf meinem Laptop ungewöhnlich langsam war Internetseiten(zb. Youtube) öffneten sich sehr langsam und auch die Videos ließen sich nicht ohne lange Ladezeiten abspielen. Außerdem habe ich in verschiedenen Onlinespielen festgestellt das ich eine Ping habe die ca. 100 ms Über dem Normalwert liegt. Ich fand heraus das das Internet nur auf meinem Laptop so langsam war indem ich Speedtests auf dem besagten Laptop meinem Handy, Ipad und Konsole machte. Bei diesen Tests kam bei Handy Ipad und Konsole das übliche Ergebnis heraus worauf ich schließe das es an meinem Laptop liegen muss. Ich habe mit einem Antivirusprogramm(Avast free Antivirus) mein Laptop überprüfen lassen doch dieses fand nichts. Logs konnte ich nicht finden.
Anbei die von ihnen geforderten FRST und Addition dateien.

Ich hoffe sie können mir bei meinem Problem helfen.<3
P.S.: Ich bin nicht so der PC Pro

Alt 08.01.2016, 09:38   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Nach 11 Tägigem nichtbenutzen meines Laptops Sehr Langsames Internet - Standard

Nach 11 Tägigem nichtbenutzen meines Laptops Sehr Langsames Internet



Hi und

Logs bitte nicht anhängen, notfalls splitten und über mehrere Postings verteilt posten

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 08.01.2016, 14:36   #3
JohnCrane
 
Nach 11 Tägigem nichtbenutzen meines Laptops Sehr Langsames Internet - Standard

Nach 11 Tägigem nichtbenutzen meines Laptops Sehr Langsames Internet



Ok danke für den Tipp.
Anbei nochmal die Logfiles diesmal verteilt.
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:07-01-2015
durchgeführt von #IchBinAdmin (Administrator) auf LUIS (07-01-2016 22:21:03)
Gestartet von C:\Users\#IchBinAdmin\Downloads
Geladene Profile: #IchBinAdmin (Verfügbare Profile: #IchBinAdmin)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
() C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Apple Inc.) C:\Program Files (x86)\AirPort\APAgent.exe
(Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8496344 2016-01-06] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [LogiOptionsAppBroker] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [1579976 2015-06-22] (Logitech, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3945656 2015-09-09] (Synaptics Incorporated)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [126240 2014-04-01] (Hewlett-Packard Company)
HKLM-x32\...\Run: [DropboxOEM] => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [462160 2014-09-02] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [653576 2015-06-29] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [883352 2015-12-14] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [AirPort Base Station Agent] => C:\Program Files (x86)\AirPort\APAgent.exe [771360 2009-11-11] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7021880 2016-01-07] (AVAST Software)
HKU\S-1-5-21-19900340-1551578156-919240601-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3013712 2015-12-14] (Valve Corporation)
HKU\S-1-5-21-19900340-1551578156-919240601-1002\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [45296 2015-12-15] (Overwolf LTD)
HKU\S-1-5-21-19900340-1551578156-919240601-1002\...\Run: [Spotify Web Helper] => C:\Users\#IchBinAdmin\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2346096 2015-12-16] (Spotify Ltd)
HKU\S-1-5-21-19900340-1551578156-919240601-1002\...\Run: [Spotify] => C:\Users\#IchBinAdmin\AppData\Roaming\Spotify\Spotify.exe [8387696 2015-12-16] (Spotify Ltd)
HKU\S-1-5-21-19900340-1551578156-919240601-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8551848 2015-10-19] (Piriform Ltd)
HKU\S-1-5-21-19900340-1551578156-919240601-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50378880 2015-12-17] (Skype Technologies S.A.)
HKU\S-1-5-21-19900340-1551578156-919240601-1002\...\RunOnce: [Uninstall C:\Users\#IchBinAdmin\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\#IchBinAdmin\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64"
HKU\S-1-5-21-19900340-1551578156-919240601-1002\...\RunOnce: [Uninstall C:\Users\#IchBinAdmin\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\#IchBinAdmin\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1"
HKU\S-1-5-21-19900340-1551578156-919240601-1002\...\RunOnce: [Uninstall C:\Users\#IchBinAdmin\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\#IchBinAdmin\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64"
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\#IchBinAdmin\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\#IchBinAdmin\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\#IchBinAdmin\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-01-07] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\#IchBinAdmin\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\#IchBinAdmin\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\#IchBinAdmin\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-10-20]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\3.11.163\SSScheduler.exe (McAfee, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{45644fda-53a3-475d-a1ad-6710b755d15c}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{b7f3b2ca-cacd-4e96-a588-7716d6479a12}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp13.msn.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp13.msn.com
HKU\S-1-5-21-19900340-1551578156-919240601-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
HKU\S-1-5-21-19900340-1551578156-919240601-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp13.msn.com
SearchScopes: HKLM-x32 -> {77ECE5F7-853D-4BBE-BCE5-A11C49C4ACED} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-19900340-1551578156-919240601-1002 -> {1B1DFA0A-C36F-4191-A2F9-858CC265D7E8} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-19900340-1551578156-919240601-1002 -> {77ECE5F7-853D-4BBE-BCE5-A11C49C4ACED} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-07-21] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-01-07] (AVAST Software)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-21] (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll => Keine Datei
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-21] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-01-07] (AVAST Software)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-07-25] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-21] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2015-10-19] (Hewlett-Packard Company)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\#IchBinAdmin\AppData\Roaming\Mozilla\Firefox\Profiles\digk1cve.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll [2016-01-05] ()
FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-21] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll [2016-01-05] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-06-19] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-06-19] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-21] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()
FF SearchPlugin: C:\Users\#IchBinAdmin\AppData\Roaming\Mozilla\Firefox\Profiles\digk1cve.default\searchplugins\google-images.xml [2015-08-06]
FF SearchPlugin: C:\Users\#IchBinAdmin\AppData\Roaming\Mozilla\Firefox\Profiles\digk1cve.default\searchplugins\google-maps.xml [2015-08-06]
FF SearchPlugin: C:\Users\#IchBinAdmin\AppData\Roaming\Mozilla\Firefox\Profiles\digk1cve.default\searchplugins\youtube.xml [2015-11-12]
FF Extension: Cliqz - C:\Users\#IchBinAdmin\AppData\Roaming\Mozilla\Firefox\Profiles\digk1cve.default\Extensions\cliqz@cliqz.com.xpi [2015-12-05] [ist nicht signiert]
FF Extension: ProxTube - Unblock YouTube - C:\Users\#IchBinAdmin\AppData\Roaming\Mozilla\Firefox\Profiles\digk1cve.default\Extensions\ich@maltegoetz.de.xpi [2015-10-30]
FF Extension: Adblock Plus - C:\Users\#IchBinAdmin\AppData\Roaming\Mozilla\Firefox\Profiles\digk1cve.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-11-26]
FF Extension: Kein Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-01-07]
FF HKU\S-1-5-21-19900340-1551578156-919240601-1002\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\#IchBinAdmin\AppData\Roaming\Mozilla\Firefox\Profiles\digk1cve.default\extensions\cliqz@cliqz.com => nicht gefunden

Chrome: 
=======
CHR DefaultSearchURL: Default -> hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=orcl_default
CHR DefaultSearchKeyword: Default -> Yahoo
CHR DefaultSuggestURL: Default -> hxxps://de.search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR Profile: C:\Users\#IchBinAdmin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\#IchBinAdmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-21]
CHR Extension: (Google Docs) - C:\Users\#IchBinAdmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-21]
CHR Extension: (Google Drive) - C:\Users\#IchBinAdmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-11]
CHR Extension: (YouTube) - C:\Users\#IchBinAdmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-07]
CHR Extension: (Adblock Plus) - C:\Users\#IchBinAdmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-01-05]
CHR Extension: (Google-Suche) - C:\Users\#IchBinAdmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-11]
CHR Extension: (Google Tabellen) - C:\Users\#IchBinAdmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-21]
CHR Extension: (Google Docs Offline) - C:\Users\#IchBinAdmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-25]
CHR Extension: (Avast Online Security) - C:\Users\#IchBinAdmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-01-07]
CHR Extension: (Skype) - C:\Users\#IchBinAdmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-12-19]
CHR Extension: (PowerPoint Online) - C:\Users\#IchBinAdmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdafamggmaaaginooondinjgkgcbpnhp [2015-11-11]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\#IchBinAdmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-08]
CHR Extension: (Yahoo Web) - C:\Users\#IchBinAdmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\npdicihegicnhaangkdmcgbjceoemeoo [2015-11-25]
CHR Extension: (Google Mail) - C:\Users\#IchBinAdmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-21]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-01-07]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]
CHR HKLM-x32\...\Chrome\Extension: [npdicihegicnhaangkdmcgbjceoemeoo] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-09-06] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [226440 2016-01-07] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1225216 2015-10-07] ()
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [432792 2015-12-14] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [412312 2015-12-14] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [854680 2015-12-14] (BlueStack Systems, Inc.)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [94936 2014-07-04] ()
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [245544 2015-09-05] (EasyAntiCheat Ltd)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [255040 2014-08-25] (WildTangent)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [25800 2015-09-28] (Hewlett-Packard Company)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [602888 2015-06-29] (Hewlett-Packard Development Company, L.P.)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.11.163\McCHSvc.exe [235696 2015-07-31] (McAfee, Inc.)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1008880 2015-12-15] (Overwolf LTD)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [294616 2016-01-06] (Realtek Semiconductor)
S3 Survarium-Steam Update Service; C:\Program Files (x86)\Steam\steamapps\common\Survarium\game\binaries\x86\survarium_service.exe [96856 2015-08-27] ()
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472 2015-09-09] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36608 2013-12-14] (Advanced Micro Devices, Inc.)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-11-04] (Advanced Micro Devices)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2016-01-07] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [97648 2016-01-07] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2016-01-07] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2016-01-07] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1055560 2016-01-07] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [451040 2016-01-07] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [155304 2016-01-07] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [273784 2016-01-07] (AVAST Software)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [146016 2015-12-14] (BlueStack Systems)
R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [165376 2015-10-30] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-05] (Realtek Semiconductor Corp.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [886528 2016-01-06] (Realtek                                            )
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [624424 2015-12-10] (Realtek Semiconductor Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [4629744 2015-09-20] (Realtek Semiconductor Corporation                           )
R3 SmbDrv; C:\Windows\system32\DRIVERS\Smb_driver_AMDASF.sys [42184 2015-09-09] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [31472 2014-06-04] (Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-01-07 22:21 - 2016-01-07 22:21 - 00025393 _____ C:\Users\#IchBinAdmin\Downloads\FRST.txt
2016-01-07 22:20 - 2016-01-07 22:21 - 00000000 ____D C:\FRST
2016-01-07 22:18 - 2016-01-07 22:20 - 02370560 _____ (Farbar) C:\Users\#IchBinAdmin\Downloads\FRST64.exe
2016-01-07 21:13 - 2016-01-07 21:13 - 00000000 ____D C:\Users\#IchBinAdmin\AppData\Roaming\AVAST Software
2016-01-07 21:12 - 2016-01-07 21:12 - 00004006 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2016-01-07 21:12 - 2016-01-07 21:12 - 00001986 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2016-01-07 21:12 - 2016-01-07 21:12 - 00001974 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-01-07 21:11 - 2016-01-07 21:12 - 00451040 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2016-01-07 21:11 - 2016-01-07 21:12 - 00097648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswmonflt.sys
2016-01-07 21:11 - 2016-01-07 21:11 - 01055560 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2016-01-07 21:11 - 2016-01-07 21:11 - 00386096 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2016-01-07 21:11 - 2016-01-07 21:11 - 00273784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2016-01-07 21:11 - 2016-01-07 21:11 - 00155304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2016-01-07 21:11 - 2016-01-07 21:11 - 00093528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2016-01-07 21:11 - 2016-01-07 21:11 - 00065224 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2016-01-07 21:11 - 2016-01-07 21:11 - 00043112 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2016-01-07 21:11 - 2016-01-07 21:11 - 00028656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2016-01-07 21:10 - 2016-01-07 21:10 - 00000000 ____D C:\Program Files\AVAST Software
2016-01-07 21:09 - 2016-01-07 21:10 - 00000000 ____D C:\ProgramData\AVAST Software
2016-01-07 21:01 - 2016-01-07 21:09 - 161199376 _____ (AVAST Software) C:\Users\#IchBinAdmin\Downloads\avast2245_free_antivirus_setup.exe
2016-01-07 20:58 - 2016-01-07 20:59 - 00000000 ____D C:\ProgramData\Avg
2016-01-07 20:54 - 2016-01-07 20:58 - 00000000 ____D C:\Users\#IchBinAdmin\AppData\Local\AvgSetupLog
2016-01-07 20:54 - 2016-01-07 20:54 - 00000000 ____D C:\Users\#IchBinAdmin\AppData\Local\Avg
2016-01-07 20:53 - 2016-01-07 20:54 - 02924840 _____ (AVG Technologies CZ, s.r.o.) C:\Users\#IchBinAdmin\Downloads\AVG_Protection_Free_1026.exe
2016-01-06 19:19 - 2016-01-06 19:19 - 00886528 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2016-01-06 19:19 - 2016-01-06 19:19 - 00082544 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll
2016-01-06 19:16 - 2016-01-06 19:15 - 72113152 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2016-01-06 19:16 - 2016-01-06 19:15 - 02918104 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2016-01-06 19:16 - 2016-01-06 19:15 - 02897741 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2016-01-06 19:16 - 2016-01-06 19:15 - 02702552 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2016-01-06 19:16 - 2016-01-06 19:15 - 01748696 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2016-01-06 19:16 - 2016-01-06 19:15 - 01576976 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64APO.dll
2016-01-06 19:16 - 2016-01-06 19:15 - 01413776 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll
2016-01-06 19:16 - 2016-01-06 19:15 - 01310936 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2016-01-06 19:16 - 2016-01-06 19:15 - 01104040 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\slcnt64.dll
2016-01-06 19:16 - 2016-01-06 19:15 - 00943784 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2016-01-06 19:16 - 2016-01-06 19:15 - 00734376 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
2016-01-06 19:16 - 2016-01-06 19:15 - 00631000 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2016-01-06 19:16 - 2016-01-06 19:15 - 00560328 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll
2016-01-06 19:16 - 2016-01-06 19:15 - 00518896 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2016-01-06 19:16 - 2016-01-06 19:15 - 00454288 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll
2016-01-06 19:16 - 2016-01-06 19:15 - 00375128 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2016-01-06 19:16 - 2016-01-06 19:15 - 00369296 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll
2016-01-06 19:16 - 2016-01-06 19:15 - 00331880 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2016-01-06 19:16 - 2016-01-06 19:15 - 00329360 _____ (Synopsys, Inc.) C:\WINDOWS\SysWOW64\SRCOM.dll
2016-01-06 19:16 - 2016-01-06 19:15 - 00329360 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll
2016-01-06 19:16 - 2016-01-06 19:15 - 00310104 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2016-01-06 19:16 - 2016-01-06 19:15 - 00310104 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2016-01-06 19:16 - 2016-01-06 19:15 - 00250536 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
2016-01-06 19:16 - 2016-01-06 19:15 - 00204120 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2016-01-06 19:16 - 2016-01-06 19:15 - 00155888 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2016-01-06 19:16 - 2016-01-06 19:15 - 00113576 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2016-01-06 19:16 - 2016-01-06 19:15 - 00108640 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll
2016-01-06 19:16 - 2016-01-06 19:15 - 00101208 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2016-01-06 19:16 - 2016-01-06 19:15 - 00078680 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2016-01-06 16:29 - 2016-01-06 16:29 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-01-06 16:29 - 2016-01-06 16:29 - 00002437 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AirPort-Dienstprogramm.lnk
2016-01-06 16:29 - 2016-01-06 16:29 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2016-01-06 16:29 - 2016-01-06 16:29 - 00000000 ____D C:\Users\#IchBinAdmin\AppData\Local\Apple
2016-01-06 16:29 - 2016-01-06 16:29 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2016-01-06 16:29 - 2016-01-06 16:29 - 00000000 ____D C:\Program Files (x86)\AirPort
2016-01-06 16:28 - 2016-01-06 16:29 - 10815592 _____ (Apple Inc.) C:\Users\#IchBinAdmin\Downloads\AirPortSetup.exe
2016-01-05 22:40 - 2016-01-05 22:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-01-05 21:50 - 2016-01-05 21:50 - 00000222 _____ C:\Users\#IchBinAdmin\Desktop\Borderlands The Pre-Sequel.url
2015-12-26 03:49 - 2015-12-26 03:49 - 00361041 _____ C:\Users\#IchBinAdmin\Documents\ts3_clientui-win64-1407159763-2015-12-26 03_49_03.694279.dmp
2015-12-24 15:21 - 2015-12-24 15:21 - 00002303 _____ C:\Users\#IchBinAdmin\Desktop\HP Support Assistant.lnk
2015-12-24 12:38 - 2015-12-24 12:38 - 00001749 _____ C:\Users\#IchBinAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\BlueStacks.lnk
2015-12-24 12:38 - 2015-12-24 12:38 - 00001725 _____ C:\Users\Public\Desktop\BlueStacks.lnk
2015-12-24 12:37 - 2015-12-24 12:38 - 00000000 ____D C:\ProgramData\BlueStacksGameManager
2015-12-24 12:35 - 2015-12-24 12:36 - 00000000 ____D C:\ProgramData\BlueStacks
2015-12-24 12:35 - 2015-12-24 12:36 - 00000000 ____D C:\Program Files (x86)\BlueStacks
2015-12-24 12:33 - 2016-01-07 21:32 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2015-12-24 12:26 - 2015-12-24 12:33 - 308353568 _____ (BlueStack Systems Inc.) C:\Users\#IchBinAdmin\Downloads\BlueStacks2_native.exe
2015-12-24 12:22 - 2015-12-24 12:22 - 00000000 ____D C:\Users\#IchBinAdmin\AppData\Local\Bluestacks
2015-12-24 12:19 - 2015-12-24 12:22 - 14100278 _____ C:\Users\#IchBinAdmin\Downloads\BlueStacks-ThinInstaller.zip
2015-12-20 10:33 - 2015-12-20 10:34 - 29830402 _____ C:\Users\#IchBinAdmin\Downloads\PureBDcraft 128x MC18.zip
2015-12-20 10:33 - 2015-12-20 10:34 - 15318579 _____ C:\Users\#IchBinAdmin\Downloads\PureBDcraft  64x MC18.zip
2015-12-20 10:18 - 2015-12-20 10:20 - 62818630 _____ C:\Users\#IchBinAdmin\Downloads\PureBDcraft 256x MC18.zip
2015-12-20 10:17 - 2015-12-20 10:21 - 113221340 _____ C:\Users\#IchBinAdmin\Downloads\PureBDcraft 512x MC18.zip
2015-12-20 10:09 - 2015-12-20 10:12 - 117002674 _____ C:\Users\#IchBinAdmin\Downloads\PureBDcraft 512x MC19.zip
2015-12-19 23:16 - 2015-12-19 23:16 - 00764725 _____ C:\Users\#IchBinAdmin\Downloads\Serinity HD [1.9].zip
2015-12-19 23:14 - 2015-12-19 23:14 - 05876180 _____ C:\Users\#IchBinAdmin\Downloads\S&K Photo Realism x128 (v0.4.1).zip
2015-12-19 23:06 - 2015-12-19 23:06 - 00001184 _____ C:\Users\#IchBinAdmin\Desktop\MEGAsync.lnk
2015-12-19 23:06 - 2015-12-19 23:06 - 00000000 ____D C:\Users\#IchBinAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync
2015-12-19 23:06 - 2015-12-19 23:06 - 00000000 ____D C:\Users\#IchBinAdmin\AppData\Local\MEGAsync
2015-12-19 23:06 - 2015-12-19 23:06 - 00000000 ____D C:\Users\#IchBinAdmin\AppData\Local\Mega Limited
2015-12-19 23:05 - 2015-12-19 23:06 - 10152576 _____ (MEGA Limited) C:\Users\#IchBinAdmin\Downloads\MEGAsyncSetup.exe
2015-12-19 19:24 - 2015-12-19 19:26 - 66307513 _____ C:\Users\#IchBinAdmin\Downloads\realistico-18-05.zip
2015-12-19 10:13 - 2015-12-19 10:13 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2015-12-18 23:01 - 2015-12-07 05:48 - 02544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-12-18 23:01 - 2015-12-07 05:48 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2015-12-18 23:01 - 2015-12-07 05:48 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2015-12-18 23:01 - 2015-12-07 05:07 - 16984064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-12-18 23:01 - 2015-12-07 05:03 - 13017600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-12-18 23:01 - 2015-12-07 04:58 - 24601600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-12-18 23:01 - 2015-12-07 04:53 - 19339264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-12-18 23:01 - 2015-12-07 04:43 - 02598400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-12-18 23:00 - 2015-12-07 05:57 - 00973664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-12-18 23:00 - 2015-12-07 05:55 - 01281376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-12-18 23:00 - 2015-12-07 05:49 - 00412512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2015-12-18 23:00 - 2015-12-07 05:48 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-12-18 23:00 - 2015-12-07 05:48 - 01155944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2015-12-18 23:00 - 2015-12-07 05:48 - 01092456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-12-18 23:00 - 2015-12-07 05:48 - 01065080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-12-18 23:00 - 2015-12-07 05:48 - 01020096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2015-12-18 23:00 - 2015-12-07 05:48 - 00983464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2015-12-18 23:00 - 2015-12-07 05:48 - 00884256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2015-12-18 23:00 - 2015-12-07 05:48 - 00823264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2015-12-18 23:00 - 2015-12-07 05:48 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2015-12-18 23:00 - 2015-12-07 05:48 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2015-12-18 23:00 - 2015-12-07 05:48 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2015-12-18 23:00 - 2015-12-07 05:48 - 00526856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2015-12-18 23:00 - 2015-12-07 05:48 - 00502112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2015-12-18 23:00 - 2015-12-07 05:48 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2015-12-18 23:00 - 2015-12-07 05:48 - 00462760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2015-12-18 23:00 - 2015-12-07 05:48 - 00450904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2015-12-18 23:00 - 2015-12-07 05:48 - 00337840 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2015-12-18 23:00 - 2015-12-07 05:48 - 00289248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2015-12-18 23:00 - 2015-12-07 05:48 - 00245848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-12-18 23:00 - 2015-12-07 05:48 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2015-12-18 23:00 - 2015-12-07 05:48 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2015-12-18 23:00 - 2015-12-07 05:47 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-12-18 23:00 - 2015-12-07 05:47 - 00898184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2015-12-18 23:00 - 2015-12-07 05:47 - 00716928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2015-12-18 23:00 - 2015-12-07 05:47 - 00116720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2015-12-18 23:00 - 2015-12-07 05:46 - 03671888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-12-18 23:00 - 2015-12-07 05:46 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-12-18 23:00 - 2015-12-07 05:45 - 00264544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2015-12-18 23:00 - 2015-12-07 05:15 - 01035776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2015-12-18 23:00 - 2015-12-07 05:15 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.XboxLive.ProxyStub.dll
2015-12-18 23:00 - 2015-12-07 05:10 - 00824320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2015-12-18 23:00 - 2015-12-07 05:09 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2015-12-18 23:00 - 2015-12-07 05:09 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2015-12-18 23:00 - 2015-12-07 05:09 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2015-12-18 23:00 - 2015-12-07 05:07 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2015-12-18 23:00 - 2015-12-07 05:07 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2015-12-18 23:00 - 2015-12-07 05:06 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2015-12-18 23:00 - 2015-12-07 05:06 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2015-12-18 23:00 - 2015-12-07 05:06 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-12-18 23:00 - 2015-12-07 05:05 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-12-18 23:00 - 2015-12-07 05:05 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\BackgroundTransferHost.exe
2015-12-18 23:00 - 2015-12-07 05:04 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2015-12-18 23:00 - 2015-12-07 05:04 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2015-12-18 23:00 - 2015-12-07 05:02 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2015-12-18 23:00 - 2015-12-07 05:02 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2015-12-18 23:00 - 2015-12-07 05:01 - 00543232 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-12-18 23:00 - 2015-12-07 05:01 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BackgroundTransferHost.exe
2015-12-18 23:00 - 2015-12-07 05:00 - 00618496 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2015-12-18 23:00 - 2015-12-07 05:00 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2015-12-18 23:00 - 2015-12-07 05:00 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-12-18 23:00 - 2015-12-07 05:00 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2015-12-18 23:00 - 2015-12-07 04:59 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-12-18 23:00 - 2015-12-07 04:59 - 00292352 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-12-18 23:00 - 2015-12-07 04:59 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2015-12-18 23:00 - 2015-12-07 04:59 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2015-12-18 23:00 - 2015-12-07 04:58 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-12-18 23:00 - 2015-12-07 04:57 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2015-12-18 23:00 - 2015-12-07 04:57 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2015-12-18 23:00 - 2015-12-07 04:57 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2015-12-18 23:00 - 2015-12-07 04:56 - 00607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-12-18 23:00 - 2015-12-07 04:56 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2015-12-18 23:00 - 2015-12-07 04:55 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-12-18 23:00 - 2015-12-07 04:55 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-12-18 23:00 - 2015-12-07 04:54 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-12-18 23:00 - 2015-12-07 04:54 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2015-12-18 23:00 - 2015-12-07 04:53 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2015-12-18 23:00 - 2015-12-07 04:51 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-12-18 23:00 - 2015-12-07 04:51 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2015-12-18 23:00 - 2015-12-07 04:50 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2015-12-18 23:00 - 2015-12-07 04:49 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2015-12-18 23:00 - 2015-12-07 04:48 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-12-18 23:00 - 2015-12-07 04:47 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-12-18 23:00 - 2015-12-07 04:45 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-12-18 23:00 - 2015-12-07 04:45 - 00900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2015-12-18 23:00 - 2015-12-07 04:45 - 00683008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2015-12-18 23:00 - 2015-12-07 04:44 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-12-18 23:00 - 2015-12-07 04:43 - 00931328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL
2015-12-18 23:00 - 2015-12-07 04:41 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-12-18 23:00 - 2015-12-07 04:40 - 03593216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-12-18 23:00 - 2015-12-07 04:40 - 01995776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2015-12-18 23:00 - 2015-12-07 04:40 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2015-12-18 23:00 - 2015-12-07 04:39 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-12-18 23:00 - 2015-12-07 04:38 - 00871936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL
2015-12-18 23:00 - 2015-12-07 04:33 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2015-12-18 23:00 - 2015-12-07 04:32 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2015-12-16 20:09 - 2015-12-16 20:09 - 00001064 _____ C:\Users\#IchBinAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\osu!.lnk
2015-12-16 20:09 - 2015-12-16 20:09 - 00001056 _____ C:\Users\#IchBinAdmin\Desktop\osu!.lnk
2015-12-16 20:08 - 2015-12-19 19:14 - 00000000 ____D C:\Users\#IchBinAdmin\AppData\Local\osu!
2015-12-16 20:08 - 2015-12-16 20:08 - 00000000 ____D C:\Users\#IchBinAdmin\Downloads\Localisation
2015-12-16 20:07 - 2015-12-16 20:07 - 03285560 _____ (ppy) C:\Users\#IchBinAdmin\Downloads\osu!install.exe
2015-12-16 20:07 - 2015-12-16 20:07 - 00000072 _____ C:\Users\#IchBinAdmin\Downloads\update_log.txt
2015-12-16 19:09 - 2015-12-05 17:55 - 01497169 _____ C:\Users\#IchBinAdmin\Documents\fluch%20der%20karibik%202%20präsentation.odp_1.odp
2015-12-14 17:34 - 2015-12-14 17:39 - 00000120 _____ C:\Users\#IchBinAdmin\Desktop\FR SCHOCK ANRUFEN.txt
2015-12-14 17:27 - 2015-12-14 17:27 - 00000000 ____D C:\Users\#IchBinAdmin\AppData\Local\ActiveSync
2015-12-14 17:25 - 2015-12-14 17:25 - 00000020 ___SH C:\Users\#IchBinAdmin\ntuser.ini
2015-12-14 04:47 - 2015-12-14 04:47 - 00000000 _SHDL C:\Users\Default\Vorlagen
2015-12-14 04:47 - 2015-12-14 04:47 - 00000000 _SHDL C:\Users\Default\Startmenü
2015-12-14 04:47 - 2015-12-14 04:47 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2015-12-14 04:47 - 2015-12-14 04:47 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2015-12-14 04:47 - 2015-12-14 04:47 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2015-12-14 04:47 - 2015-12-14 04:47 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2015-12-14 04:47 - 2015-12-14 04:47 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos
2015-12-14 04:47 - 2015-12-14 04:47 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2015-12-14 04:47 - 2015-12-14 04:47 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2015-12-14 04:47 - 2015-12-14 04:47 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-12-14 04:47 - 2015-12-14 04:47 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2015-12-14 04:47 - 2015-12-14 04:47 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2015-12-14 04:47 - 2015-12-14 04:47 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2015-12-14 04:47 - 2015-12-14 04:47 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos
2015-12-14 04:47 - 2015-12-14 04:47 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2015-12-14 04:47 - 2015-12-14 04:47 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2015-12-14 04:47 - 2015-12-14 04:47 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-12-14 04:47 - 2015-12-14 04:47 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2015-12-14 04:47 - 2015-12-14 04:47 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-12-14 04:39 - 2016-01-07 21:26 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-12-14 04:29 - 2015-12-14 04:29 - 00001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-12-14 04:29 - 2015-12-14 04:29 - 00000000 ____D C:\Users\Default\Documents\hp.system.package.metadata
2015-12-14 04:29 - 2015-12-14 04:29 - 00000000 ____D C:\Users\Default\Documents\hp.applications.package.appdata
2015-12-14 04:29 - 2015-12-14 04:29 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2015-12-14 04:29 - 2015-12-14 04:29 - 00000000 ____D C:\Users\Default User\Documents\hp.system.package.metadata
2015-12-14 04:29 - 2015-12-14 04:29 - 00000000 ____D C:\Users\Default User\Documents\hp.applications.package.appdata
2015-12-14 04:29 - 2015-12-14 04:29 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2015-12-14 04:23 - 2015-12-14 04:31 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2015-12-14 04:20 - 2016-01-07 21:25 - 00000000 ____D C:\Users\#IchBinAdmin
2015-12-14 04:20 - 2015-12-25 21:24 - 02003182 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-12-14 04:20 - 2015-12-14 04:20 - 01909068 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2015-12-14 04:20 - 2015-12-14 04:20 - 00000000 _SHDL C:\Users\#IchBinAdmin\Vorlagen
2015-12-14 04:20 - 2015-12-14 04:20 - 00000000 _SHDL C:\Users\#IchBinAdmin\Startmenü
2015-12-14 04:20 - 2015-12-14 04:20 - 00000000 _SHDL C:\Users\#IchBinAdmin\Netzwerkumgebung
2015-12-14 04:20 - 2015-12-14 04:20 - 00000000 _SHDL C:\Users\#IchBinAdmin\Lokale Einstellungen
2015-12-14 04:20 - 2015-12-14 04:20 - 00000000 _SHDL C:\Users\#IchBinAdmin\Eigene Dateien
2015-12-14 04:20 - 2015-12-14 04:20 - 00000000 _SHDL C:\Users\#IchBinAdmin\Druckumgebung
2015-12-14 04:20 - 2015-12-14 04:20 - 00000000 _SHDL C:\Users\#IchBinAdmin\Documents\Eigene Videos
2015-12-14 04:20 - 2015-12-14 04:20 - 00000000 _SHDL C:\Users\#IchBinAdmin\Documents\Eigene Musik
2015-12-14 04:20 - 2015-12-14 04:20 - 00000000 _SHDL C:\Users\#IchBinAdmin\Documents\Eigene Bilder
2015-12-14 04:20 - 2015-12-14 04:20 - 00000000 _SHDL C:\Users\#IchBinAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-12-14 04:20 - 2015-12-14 04:20 - 00000000 _SHDL C:\Users\#IchBinAdmin\AppData\Local\Verlauf
2015-12-14 04:20 - 2015-12-14 04:20 - 00000000 _SHDL C:\Users\#IchBinAdmin\AppData\Local\Anwendungsdaten
2015-12-14 04:20 - 2015-12-14 04:20 - 00000000 _SHDL C:\Users\#IchBinAdmin\Anwendungsdaten
2015-12-14 04:17 - 2015-12-14 04:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos
2015-12-14 04:16 - 2016-01-06 20:31 - 00015176 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip
2015-12-14 04:16 - 2016-01-06 19:17 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2015-12-14 04:16 - 2015-12-14 04:16 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2015-12-14 04:16 - 2015-12-14 04:16 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_AMDASF_01011.Wdf
2015-12-14 04:16 - 2015-12-14 04:16 - 00000000 ____D C:\WINDOWS\system32\SRSLabs
2015-12-14 04:16 - 2015-12-14 04:16 - 00000000 ____D C:\Program Files\Synaptics
2015-12-14 04:16 - 2015-12-14 04:16 - 00000000 ____D C:\Program Files\Realtek
2015-12-14 04:16 - 2015-12-14 04:16 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2015-12-14 04:16 - 2015-12-14 04:16 - 00000000 _____ C:\WINDOWS\ativpsrm.bin
2015-12-14 04:15 - 2015-12-14 04:15 - 00000000 ____D C:\Program Files\AMD
2015-12-14 04:15 - 2015-10-30 08:17 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2015-12-14 04:14 - 2015-12-14 04:14 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2015-12-14 04:11 - 2015-12-25 21:18 - 00266544 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-12-14 04:10 - 2016-01-05 23:10 - 00000000 ___DC C:\WINDOWS\Panther
2015-12-14 04:04 - 2015-12-14 04:04 - 00000000 ____D C:\Windows.old
2015-12-14 04:03 - 2015-12-14 04:03 - 22572632 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 22393856 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 21125408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 18678272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 13381120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 12125184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 07476576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-12-14 04:03 - 2015-12-14 04:03 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 03993600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 03355136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 02843136 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 02772584 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2015-12-14 04:03 - 2015-12-14 04:03 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2015-12-14 04:03 - 2015-12-14 04:03 - 02680320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 02653816 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 02647552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 02185840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 02155008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 02152800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2015-12-14 04:03 - 2015-12-14 04:03 - 02126848 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-12-14 04:03 - 2015-12-14 04:03 - 02121216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 02049024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-12-14 04:03 - 2015-12-14 04:03 - 02001408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 01860096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 01859448 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 01817160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 01814528 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 01734656 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 01717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 01713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 01648640 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 01540768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 01505280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 01399224 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-12-14 04:03 - 2015-12-14 04:03 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 01337240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 01223168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 01042432 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00969728 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00948224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00948224 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00911648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00809312 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2015-12-14 04:03 - 2015-12-14 04:03 - 00803840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00795840 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00791552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00704352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2015-12-14 04:03 - 2015-12-14 04:03 - 00704000 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00698208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00675064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-12-14 04:03 - 2015-12-14 04:03 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-12-14 04:03 - 2015-12-14 04:03 - 00604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00586208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00586080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00578912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2015-12-14 04:03 - 2015-12-14 04:03 - 00540752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-12-14 04:03 - 2015-12-14 04:03 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00536768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00523616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2015-12-14 04:03 - 2015-12-14 04:03 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2015-12-14 04:03 - 2015-12-14 04:03 - 00516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00515584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00511320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00470528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00454056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00440160 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2015-12-14 04:03 - 2015-12-14 04:03 - 00431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2015-12-14 04:03 - 2015-12-14 04:03 - 00408128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00405048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2015-12-14 04:03 - 2015-12-14 04:03 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2015-12-14 04:03 - 2015-12-14 04:03 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2015-12-14 04:03 - 2015-12-14 04:03 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00264192 _____ (Nokia) C:\WINDOWS\system32\NmaDirect.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-12-14 04:03 - 2015-12-14 04:03 - 00205824 _____ (Nokia) C:\WINDOWS\SysWOW64\NmaDirect.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-AppModelExecEvents.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2015-12-14 04:03 - 2015-12-14 04:03 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-12-14 04:03 - 2015-12-14 04:03 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2015-12-14 04:03 - 2015-12-14 04:03 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys
2015-12-14 04:03 - 2015-12-14 04:03 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ETWCoreUIComponentsResources.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ETWCoreUIComponentsResources.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2015-12-14 04:03 - 2015-12-14 04:03 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\capimg.sys
2015-12-14 04:03 - 2015-12-14 04:03 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-12-14 04:03 - 2015-12-14 04:03 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MapControls.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00110032 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2015-12-14 04:03 - 2015-12-14 04:03 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00088392 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00080600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwapi.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssign32.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00073360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManagerProxy.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ihvrilproxy.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00063528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wwapi.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssign32.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosResource.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosResource.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\rilproxy.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wwanpref.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00051680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsUtilsV2.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsplib.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.proxy.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthManagerProxy.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2015-12-14 04:03 - 2015-12-14 04:03 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCoreRes.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCoreRes.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00035680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys
2015-12-14 04:03 - 2015-12-14 04:03 - 00035656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2015-12-14 04:03 - 2015-12-14 04:03 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00032040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2015-12-14 04:03 - 2015-12-14 04:03 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringconfigsp.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2015-12-14 04:03 - 2015-12-14 04:03 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.proxy.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-12-14 04:03 - 2015-12-14 04:03 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshrm.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\IcsEntitlementHost.exe
2015-12-14 04:03 - 2015-12-14 04:03 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosTrace.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosTrace.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosHost.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosHost.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\readingviewresources.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlStringsRes.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlStringsRes.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2015-12-14 03:59 - 2015-12-14 03:59 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2015-12-14 03:55 - 2015-12-14 03:55 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2015-12-14 03:55 - 2015-12-14 03:55 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-12-14 03:55 - 2015-12-14 03:55 - 00000000 ____D C:\Program Files\MSBuild
2015-12-14 03:55 - 2015-12-14 03:55 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-12-14 03:55 - 2015-12-14 03:55 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-12-14 03:55 - 2015-12-14 03:55 - 00000000 ____D C:\inetpub
2015-12-14 03:54 - 2015-10-23 17:47 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-12-14 03:54 - 2015-10-23 17:47 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-12-14 03:54 - 2015-10-23 17:47 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-12-14 03:54 - 2015-10-23 17:46 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-12-14 03:54 - 2015-10-23 17:46 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-12-14 03:54 - 2015-10-23 17:45 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-12-13 18:15 - 2015-12-13 18:15 - 00007602 _____ C:\Users\#IchBinAdmin\AppData\Local\Resmon.ResmonCfg
2015-12-12 16:01 - 2015-12-12 16:01 - 00030926 _____ C:\Users\#IchBinAdmin\Downloads\KUDA-Shaders v6.0.82 BETA - Lite.zip
2015-12-12 15:55 - 2015-12-12 15:57 - 81564905 _____ C:\Users\#IchBinAdmin\Downloads\[1.7.9]Flows HD V.3.rar
2015-12-10 19:59 - 2015-12-10 19:59 - 00624424 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\Drivers\RtkBtfilter.sys
2015-12-10 19:59 - 2015-12-10 19:59 - 00050956 _____ C:\WINDOWS\rtl8761a_mp_chip_bt40_fw_asic_rom_patch_8812ae_new.dll
2015-12-10 19:59 - 2015-12-10 19:59 - 00050920 _____ C:\WINDOWS\rtl8723b_mp_chip_bt40_fw_asic_rom_patch_new.dll
2015-12-10 19:59 - 2015-12-10 19:59 - 00050868 _____ C:\WINDOWS\rtl8723b_mp_chip_bt40_fw_asic_rom_patch_new_s1.dll
2015-12-10 19:59 - 2015-12-10 19:59 - 00050144 _____ C:\WINDOWS\rtl8761a_mp_chip_bt40_fw_asic_rom_patch_8192ee_new.dll
2015-12-10 19:59 - 2015-12-10 19:59 - 00050060 _____ C:\WINDOWS\rtl8761a_mp_chip_bt40_fw_asic_rom_patch_8192eu_new.dll
2015-12-10 19:59 - 2015-12-10 19:59 - 00047692 _____ C:\WINDOWS\rtl8761a_mp_chip_bt40_fw_asic_rom_patch_new.dll
2015-12-10 19:59 - 2015-12-10 19:59 - 00037244 _____ C:\WINDOWS\rlt8723a_chip_bt40_fw_asic_rom_patch.dll
2015-12-10 19:59 - 2015-12-10 19:59 - 00034840 _____ C:\WINDOWS\rtl8821a_mp_chip_bt40_fw_asic_rom_patch_new.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-01-07 22:20 - 2015-10-30 07:28 - 00000000 ____D C:\Windows
2016-01-07 22:05 - 2015-10-20 18:24 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-01-07 21:55 - 2015-07-21 16:27 - 00001128 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-07 21:34 - 2015-07-29 15:10 - 00000000 ____D C:\Users\#IchBinAdmin\AppData\Roaming\Skype
2016-01-07 21:33 - 2015-07-21 16:12 - 00000000 ____D C:\Users\#IchBinAdmin\Documents\Youcam
2016-01-07 21:29 - 2015-07-21 16:27 - 00001124 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-07 21:26 - 2015-02-12 12:42 - 00000000 ____D C:\ProgramData\McAfee
2016-01-07 21:25 - 2015-10-30 07:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-01-07 21:25 - 2015-02-12 12:19 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2016-01-07 21:23 - 2015-10-30 08:24 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-01-07 21:23 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2016-01-07 21:23 - 2015-10-30 07:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-01-07 21:23 - 2015-07-21 23:27 - 00000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2016-01-07 21:22 - 2015-07-10 10:05 - 00000000 ____D C:\Users\Default.migrated
2016-01-07 20:47 - 2015-07-21 16:53 - 00000000 ____D C:\Users\#IchBinAdmin\AppData\Roaming\.minecraft
2016-01-07 20:46 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-01-07 20:46 - 2015-07-21 16:52 - 00001128 _____ C:\Users\#IchBinAdmin\Downloads\nativelog.txt
2016-01-07 16:38 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-01-06 20:53 - 2015-07-21 16:18 - 00004158 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E02E7F10-A095-4F32-BE4A-C708105F2FF0}
2016-01-06 20:08 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-01-06 19:19 - 2015-02-12 12:09 - 00000000 ____D C:\Program Files (x86)\Realtek
2016-01-06 19:19 - 2014-04-05 00:55 - 00000000 ____D C:\SWSetup
2016-01-06 19:17 - 2015-02-12 12:10 - 00000000 ___HD C:\Program Files (x86)\Temp
2016-01-06 19:15 - 2015-06-24 21:59 - 03234520 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2016-01-06 19:15 - 2015-06-24 21:59 - 02931416 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2016-01-06 19:15 - 2015-06-24 21:59 - 00184688 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2016-01-06 19:15 - 2015-06-24 21:57 - 04506840 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2016-01-06 19:15 - 2015-06-24 21:57 - 00014952 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2016-01-06 19:15 - 2015-02-12 12:10 - 02825944 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtlExUpd.dll
2016-01-06 17:59 - 2015-11-14 10:48 - 00000000 ____D C:\Users\#IchBinAdmin\AppData\Roaming\Spotify
2016-01-06 17:59 - 2015-11-14 10:48 - 00000000 ____D C:\Users\#IchBinAdmin\AppData\Local\Spotify
2016-01-06 17:59 - 2015-07-21 21:25 - 00000000 ____D C:\Program Files (x86)\Steam
2016-01-06 00:28 - 2015-07-21 22:27 - 00000000 ____D C:\Users\#IchBinAdmin\Documents\My Games
2016-01-05 23:11 - 2015-07-22 09:56 - 00000000 ____D C:\Users\#IchBinAdmin\AppData\Roaming\TS3Client
2016-01-05 22:40 - 2015-07-29 15:10 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-01-05 22:40 - 2015-07-29 15:10 - 00000000 ____D C:\Users\#IchBinAdmin\AppData\Local\Skype
2016-01-05 22:40 - 2015-07-29 15:10 - 00000000 ____D C:\ProgramData\Skype
2016-01-05 22:06 - 2015-10-20 18:24 - 00003870 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-01-05 21:50 - 2015-07-21 21:33 - 00000000 ____D C:\Users\#IchBinAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-01-05 21:48 - 2015-10-28 15:49 - 00003290 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleFor#IchBinAdmin
2016-01-05 21:48 - 2015-10-28 15:49 - 00000370 _____ C:\WINDOWS\Tasks\HPCeeScheduleFor#IchBinAdmin.job
2016-01-05 21:48 - 2015-07-21 16:11 - 00000000 ____D C:\Users\#IchBinAdmin\AppData\Local\Hewlett-Packard
2016-01-03 02:40 - 2015-10-30 08:26 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-01-03 02:40 - 2015-10-30 08:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-25 21:24 - 2015-10-30 19:35 - 00853752 _____ C:\WINDOWS\system32\perfh007.dat
2015-12-25 21:24 - 2015-10-30 19:35 - 00187942 _____ C:\WINDOWS\system32\perfc007.dat
2015-12-25 21:24 - 2014-10-31 20:54 - 00000000 ____D C:\WINDOWS\System32\Tasks\Hewlett-Packard
2015-12-25 21:23 - 2014-10-31 20:55 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2015-12-24 15:21 - 2014-10-31 20:57 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-12-24 15:21 - 2014-10-31 20:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2015-12-24 15:21 - 2014-10-31 20:42 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2015-12-24 14:54 - 2015-07-21 16:11 - 00000000 ____D C:\Users\#IchBinAdmin\AppData\Roaming\hpqlog
2015-12-24 12:36 - 2015-10-30 08:24 - 00000000 __RHD C:\Users\Public\Libraries
2015-12-23 15:57 - 2015-07-22 09:57 - 00000000 ____D C:\Program Files (x86)\Overwolf
2015-12-19 19:01 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-12-19 19:01 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Provisioning
2015-12-19 19:01 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2015-12-19 19:00 - 2015-11-27 15:15 - 00000811 _____ C:\Users\#IchBinAdmin\Desktop\Menü.bat
2015-12-19 00:07 - 2015-08-24 17:42 - 00000000 ____D C:\Users\#IchBinAdmin\AppData\Local\ElevatedDiagnostics
2015-12-16 19:35 - 2015-11-15 13:49 - 00000000 ____D C:\Users\#IchBinAdmin\Documents\Fluch der
2015-12-16 17:41 - 2015-07-21 16:07 - 00000000 ____D C:\Users\#IchBinAdmin\AppData\Local\Packages
2015-12-15 14:50 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\appcompat
2015-12-14 18:35 - 2015-08-06 22:04 - 00002442 _____ C:\Users\#IchBinAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-12-14 18:35 - 2015-07-21 21:11 - 00000000 ___RD C:\Users\#IchBinAdmin\OneDrive
2015-12-14 17:44 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2015-12-14 17:26 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PrintDialog
2015-12-14 17:26 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\MiracastView
2015-12-14 17:25 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-12-14 17:25 - 2015-07-21 14:51 - 00000000 __RHD C:\Users\Public\AccountPictures
2015-12-14 04:48 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache
2015-12-14 04:47 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Windows NT
2015-12-14 04:46 - 2015-08-06 20:32 - 00019053 _____ C:\WINDOWS\diagwrn.xml
2015-12-14 04:46 - 2015-08-06 20:32 - 00019053 _____ C:\WINDOWS\diagerr.xml
2015-12-14 04:44 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2015-12-14 04:44 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Registration
2015-12-14 04:39 - 2015-12-01 17:41 - 00002158 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2015-12-14 04:39 - 2015-08-06 21:45 - 00023056 _____ C:\WINDOWS\system32\emptyregdb.dat
2015-12-14 04:39 - 2015-07-22 09:57 - 00002700 _____ C:\WINDOWS\System32\Tasks\Overwolf Updater Task
2015-12-14 04:39 - 2015-07-21 18:12 - 00002344 _____ C:\WINDOWS\System32\Tasks\{CF00DD36-5779-4AC2-8DEA-F23B12D2E6B1}
2015-12-14 04:39 - 2015-07-21 16:27 - 00003640 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-14 04:39 - 2015-07-21 16:27 - 00003416 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-14 04:39 - 2015-07-21 16:13 - 00002874 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-19900340-1551578156-919240601-1002
2015-12-14 04:39 - 2015-02-12 14:23 - 00002314 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-19900340-1551578156-919240601-500
2015-12-14 04:39 - 2015-02-12 12:31 - 00002346 _____ C:\WINDOWS\System32\Tasks\YCMServiceAgent
2015-12-14 04:31 - 2015-12-01 17:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-12-14 04:31 - 2015-11-15 13:22 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.0
2015-12-14 04:31 - 2015-11-15 09:51 - 00000000 ____D C:\Users\#IchBinAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fraps
2015-12-14 04:31 - 2015-10-30 08:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2015-12-14 04:31 - 2015-10-20 18:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-12-14 04:31 - 2015-09-19 19:28 - 00000000 ____D C:\Users\#IchBinAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-12-14 04:31 - 2015-09-19 19:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-12-14 04:31 - 2015-09-05 20:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Survarium-Steam
2015-12-14 04:31 - 2015-08-26 18:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2015-12-14 04:31 - 2015-08-26 17:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2015-12-14 04:31 - 2015-07-29 20:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks
2015-12-14 04:31 - 2015-07-22 09:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2015-12-14 04:31 - 2015-07-21 21:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-12-14 04:31 - 2015-07-21 18:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-12-14 04:31 - 2015-07-21 16:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-12-14 04:31 - 2015-07-21 16:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2015-12-14 04:31 - 2015-02-12 12:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-12-14 04:31 - 2015-02-12 12:31 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat
2015-12-14 04:31 - 2014-10-31 20:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 25 GB
2015-12-14 04:31 - 2014-10-31 20:47 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2015-12-14 04:26 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2015-12-14 04:26 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2015-12-14 04:26 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\et-EE
2015-12-14 04:26 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB
2015-12-14 04:26 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\spool
2015-12-14 04:26 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-12-14 04:26 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-12-14 04:26 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2015-12-14 04:26 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2015-12-14 04:26 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2015-12-14 04:26 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\et-EE
2015-12-14 04:26 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\en-GB
2015-12-14 04:26 - 2014-10-31 20:50 - 00000000 ____D C:\WINDOWS\SysWOW64\Adobe
2015-12-14 04:26 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2015-12-14 04:26 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2015-12-14 04:24 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-12-14 04:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-12-14 04:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\InputMethod
2015-12-14 04:23 - 2015-11-15 10:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InterActual
2015-12-14 04:23 - 2015-10-30 08:24 - 00000000 ____D C:\ProgramData\USOPrivate
2015-12-14 04:23 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-12-14 04:23 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\ADFS
2015-12-14 04:22 - 2015-07-22 09:57 - 00000000 ____D C:\Users\#IchBinAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2015-12-14 04:19 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-12-14 04:11 - 2015-10-30 19:55 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2015-12-14 04:10 - 2015-10-30 08:24 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2015-12-14 04:04 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-12-14 04:04 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2015-12-14 04:04 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\system32\Dism
2015-12-14 03:55 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2015-12-14 03:55 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2015-12-14 03:55 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\MUI
2015-12-14 03:55 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2015-12-14 03:55 - 2015-10-30 08:19 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2015-12-14 03:55 - 2015-10-30 08:19 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2015-12-14 03:55 - 2015-10-30 08:19 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2015-12-14 03:55 - 2015-10-30 08:19 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2015-12-14 03:55 - 2015-10-30 08:19 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2015-12-14 03:55 - 2015-10-30 08:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2015-12-14 03:55 - 2015-10-30 08:18 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2015-12-14 03:55 - 2015-10-30 08:18 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2015-12-14 03:55 - 2015-10-30 08:18 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2015-12-14 03:55 - 2015-10-30 08:18 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2015-12-14 03:55 - 2015-10-30 08:18 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2015-12-14 03:55 - 2015-10-30 08:18 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2015-12-14 03:36 - 2015-10-30 20:27 - 00000000 ___HD C:\$WINDOWS.~BT
2015-12-11 15:45 - 2015-07-21 16:27 - 00000000 ____D C:\Users\#IchBinAdmin\AppData\Local\Google
2015-12-10 20:46 - 2015-07-21 20:25 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-12-10 20:39 - 2015-07-21 20:25 - 140158008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-12-09 04:39 - 2015-11-19 19:37 - 00301728 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-12-13 18:15 - 2015-12-13 18:15 - 0007602 _____ () C:\Users\#IchBinAdmin\AppData\Local\Resmon.ResmonCfg

Einige Dateien in TEMP:
====================
C:\Users\#IchBinAdmin\AppData\Local\Temp\0174341452198084mcinst.exe
C:\Users\#IchBinAdmin\AppData\Local\Temp\McCSPInstall.dll
C:\Users\#IchBinAdmin\AppData\Local\Temp\mccspuninstall.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-01-06 20:05

==================== Ende von FRST.txt ============================
         
__________________

Alt 08.01.2016, 14:37   #4
JohnCrane
 
Nach 11 Tägigem nichtbenutzen meines Laptops Sehr Langsames Internet - Standard

Nach 11 Tägigem nichtbenutzen meines Laptops Sehr Langsames Internet



Und hier die Addition Logs.
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:07-01-2015
durchgeführt von #IchBinAdmin (2016-01-07 22:22:33)
Gestartet von C:\Users\#IchBinAdmin\Downloads
Windows 10 Home (X64) (2015-12-14 03:48:09)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

#IchBinAdmin (S-1-5-21-19900340-1551578156-919240601-1002 - Administrator - Enabled) => C:\Users\#IchBinAdmin
Administrator (S-1-5-21-19900340-1551578156-919240601-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-19900340-1551578156-919240601-503 - Limited - Disabled)
Gast (S-1-5-21-19900340-1551578156-919240601-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-19900340-1551578156-919240601-1004 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.180 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
AirPort (HKLM-x32\...\{AA68AAAE-41F0-40B5-8896-5947F5FD6889}) (Version: 5.6.1.2 - Apple Inc.)
AMD Catalyst Install Manager (HKLM\...\{03442D5E-8643-D712-8729-FAEDE30310B4}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arma 3 (HKLM-x32\...\Steam App 107410) (Version:  - Bohemia Interactive)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.1.2245 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bejeweled 3 (x32 Version: 3.0.2.59 - WildTangent) Hidden
Block N Load (HKLM-x32\...\Steam App 299360) (Version:  - Jagex)
BLOCKADE 3D (HKLM-x32\...\Steam App 302830) (Version:  - Shumkov Dmitriy)
BlueStacks App Player (HKLM-x32\...\{EFA0FC40-7D96-4515-9715-7C0C5D872326}) (Version: 2.0.2.5623 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands: The Pre-Sequel (HKLM-x32\...\Steam App 261640) (Version:  - 2K Australia)
Build-a-lot (x32 Version: 3.0.2.59 - WildTangent) Hidden
Building the Great Wall of China Collector's Edition (x32 Version: 3.0.2.48 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.11 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
CLIQZ (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 1.0.22 - CLIQZ.com)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Crazy Chicken Soccer (x32 Version: 2.2.0.110 - WildTangent) Hidden
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.8.4420 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.3.5715 - CyberLink Corp.)
Cyberlink PhotoDirector (Version: 5.0.3.5715 - Ihr Firmenname) Hidden
CyberLink Power Media Player 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5.4505 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.8.4316 - CyberLink Corp.)
CyberLink PowerBackup 2.6 (HKLM-x32\...\InstallShield_{ADD5DB49-72CF-11D8-9D75-000129760D75}) (Version: 2.6.1.0903 - CyberLink Corp.)
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.2.3220 - CyberLink Corp.)
CyberLink PowerDirector 12 (Version: 12.0.2.3220 - Ihr Firmenname) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.5.4502 - CyberLink Corp.)
Dirty Bomb (HKLM-x32\...\Steam App 333930) (Version:  - Splash Damage®)
DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Dropbox 25 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 0.9.0 - Dropbox, Inc.)
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
Evernote v. 5.5.3 (HKLM-x32\...\{B1A0F908-1448-11E4-8684-00163E98E7D0}) (Version: 5.5.3.4236 - Evernote Corp.)
Farm Frenzy (x32 Version: 3.0.2.59 - WildTangent) Hidden
Foxit PhantomPDF (HKLM-x32\...\{89BF1D4D-1D62-451E-9496-B971BDE82720}) (Version: 6.0.33.715 - Foxit Corporation)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 3.0.2.59 - WildTangent) Hidden
HAWKEN (HKLM-x32\...\Steam App 271290) (Version:  - Reloaded Games)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes & Generals (HKLM-x32\...\Steam App 227940) (Version:  - Reto-Moto)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM-x32\...\{13133E99-B0D5-4143-B832-AAD55C62A41C}) (Version: 6.0.19.1 - Hewlett-Packard Company)
HP CoolSense (HKLM-x32\...\{ADE2F6A7-E7BD-4955-BD66-30903B223DDF}) (Version: 2.20.41 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{6AAEDF97-4B93-4169-8FCA-FCB0378CED52}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7745.4851 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.1.40.3 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{B1AD4FFB-DD17-43EC-8C30-B9E71EAD9132}) (Version: 12.0.30.219 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{8B4EE87E-6D40-4C91-B5E8-0DC77DC412F1}) (Version: 1.4.1 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
InterActual Player (HKLM-x32\...\InterActual Player) (Version:  - )
Java 8 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418051F0}) (Version: 8.0.510 - Oracle Corporation)
Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
Jewel Match 3 (x32 Version: 3.0.2.59 - WildTangent) Hidden
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
LibreOffice 5.0.3.2 (HKLM\...\{F6536765-3E8F-4D1E-9833-0A89F4681D79}) (Version: 5.0.3.2 - The Document Foundation)
Logitech Options (HKLM\...\LogiOptions) (Version:  - Logitech)
McAfee Security Scan Plus (HKLM-x32\...\McAfee Security Scan) (Version: 3.11.163.2 - McAfee, Inc.)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
OEM Application Profile (HKLM-x32\...\{1D464EFF-EC8B-F225-2F74-F74143200DDF}) (Version: 1.00.0000 - Ihr Firmenname)
osu! (HKLM-x32\...\{157263f1-7b78-42fe-abf8-8f31137dfbe6}) (Version: latest - ppy Pty Ltd)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.91.145.0 - Overwolf Ltd.)
Plants vs. Zombies - Game of the Year (x32 Version: 3.0.2.51 - WildTangent) Hidden
Polar Bowler 1st Frame (x32 Version: 3.0.2.59 - WildTangent) Hidden
Ranch Rush 2 - Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 1.0.0.22 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.29075 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7548 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.0.0.37 - REALTEK Semiconductor Corp.)
Robocraft (HKLM-x32\...\Steam App 301520) (Version:  - Freejam)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation)
Skype™ 7.17 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.105 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-19900340-1551578156-919240601-1002\...\Spotify) (Version: 1.0.20.94.g8f8543b3 - Spotify AB)
Star Conflict (HKLM-x32\...\Steam App 212070) (Version:  - Star Gem Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Survarium (HKLM-x32\...\Steam App 355840) (Version:  - Vostok Games)
Survarium-Steam (HKLM-x32\...\{A3D9343D-77CD-4bf4-A47A-F87B3BE985B4}_is1) (Version: 0.30e - )
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.95 - Synaptics Incorporated)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Tom Clancy's Ghost Recon Phantoms - EU (HKLM-x32\...\Steam App 272350) (Version:  - Ubisoft Singapore)
Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
Trove (HKLM-x32\...\Steam App 304050) (Version:  - Trion Worlds)
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Vacation Quest™ - Australia (x32 Version: 3.0.2.32 - WildTangent) Hidden
Virtual Families (x32 Version: 2.2.0.98 - WildTangent) Hidden
Warface (HKLM-x32\...\Steam App 291480) (Version:  - Crytek)
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games App für HP (x32 Version: 4.0.11.14 - WildTangent) Hidden
WildTangent-Spiele (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
World of Tanks (HKU\S-1-5-21-19900340-1551578156-919240601-1002\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version:  - Wargaming.net)
Yahoo Search Set (HKLM-x32\...\Yahoo! SearchSet) (Version:  - Yahoo Inc.)
Youda Jewel Shop (x32 Version: 3.0.2.51 - WildTangent) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-19900340-1551578156-919240601-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\#IchBinAdmin\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0012F930-9A97-4A1C-8804-4634A9328107} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company)
Task: {09544BC2-4114-4DE8-B538-7733BFEB4A87} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {0CFE2E40-6A97-48C5-9F38-DE82315CF1B0} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {0F138628-9A6B-4ABE-BB12-6F83B74FBA36} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2015-11-04] (Hewlett-Packard)
Task: {10017974-320D-41EE-AB89-B317E5B27D81} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {129CC476-3E0F-4319-BFEC-9B0656869B2A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {3B7B1AC5-952F-46EA-8C3C-4DACB2C8AF41} - System32\Tasks\{CF00DD36-5779-4AC2-8DEA-F23B12D2E6B1} => pcalua.exe -a C:\Users\#IchBinAdmin\Desktop\forge-1.8-11.14.3.1450-installer-win.exe -d C:\Users\#IchBinAdmin\Desktop
Task: {45C827C2-1DA0-4857-80B5-C2DCF078248A} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {4974511C-AEBA-45DA-AA27-9D2783E11858} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {7F50984B-E667-488A-B247-922FA34179AF} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-12-10] (Microsoft Corporation)
Task: {A679A6AD-A0C3-41B0-B63A-C3B756816FAB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-21] (Google Inc.)
Task: {A7E6348B-273B-4884-91DF-E2CB531C98E4} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2015-12-15] (Overwolf LTD)
Task: {ACA4056D-418B-42AF-9A0A-595534AEB458} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2014-05-19] (Hewlett-Packard Development Company, L.P.)
Task: {AD44FC09-E447-4579-9AD6-03E7A2AA78B1} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {AD47B5DE-A0CA-411C-BCBE-A2C5CB149052} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company)
Task: {AFAC55B4-5923-4CAF-93DB-565C99C30AC0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2015-11-04] (Hewlett-Packard)
Task: {AFB733F2-0D2C-4058-9991-75088664EFF1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {B4B78DF0-866C-48E4-8373-5F13D947BAE5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2015-09-27] (Hewlett-Packard)
Task: {B5960546-8E6C-4FA6-8012-217121DA00F9} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {B9053D03-BCDE-4DE1-BED1-D7AE46FDBBF9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-10-19] (Piriform Ltd)
Task: {C1626DEB-78F6-455D-817B-98A12DC2CE02} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-05] (Adobe Systems Incorporated)
Task: {C6BBFF63-B005-4A4D-9DDE-2642B6A592F7} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {D00A1400-245A-41AF-9D86-8831BDD04DF5} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {D7A65A98-5136-4DD6-B5DB-D310942B940B} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-01-07] (AVAST Software)
Task: {D8267C45-5483-4503-AA47-8AB8109B57C9} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {DC617D0F-FC41-41A4-B1E5-50B22F0C9A28} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [2014-09-02] (CyberLink Corp.)
Task: {E3604B45-0766-43B1-9096-D6DB6E641030} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {E58111B7-3DA2-4692-BA6E-C2128BFC4D75} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-21] (Google Inc.)
Task: {FAEF40B1-07B0-4F05-8852-102DEB2D1462} - System32\Tasks\HPCeeScheduleFor#IchBinAdmin => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleFor#IchBinAdmin.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2014-09-06 23:32 - 2014-09-06 23:32 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2015-02-12 12:50 - 2014-04-14 18:59 - 00389896 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2015-02-12 12:15 - 2014-07-04 11:24 - 00094936 ____N () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
2015-12-14 04:03 - 2015-12-14 04:03 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-17 16:58 - 2015-12-17 16:58 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-12-14 04:03 - 2015-12-14 04:03 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2014-05-01 15:13 - 2014-05-01 15:13 - 00470016 _____ () C:\Users\#IchBinAdmin\AppData\Local\MEGAsync\ShellExtX64.dll
2015-12-18 23:00 - 2015-12-07 05:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2015-12-18 23:00 - 2015-12-07 05:00 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-12-18 23:01 - 2015-12-07 04:37 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-12-18 23:00 - 2015-12-07 04:33 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-12-18 23:01 - 2015-12-07 04:34 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-12-18 23:01 - 2015-12-07 04:36 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-10-19 21:00 - 2015-10-19 21:00 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2016-01-07 21:11 - 2016-01-07 21:11 - 00103888 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2016-01-07 21:11 - 2016-01-07 21:11 - 00125512 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-01-07 21:17 - 2016-01-07 21:17 - 02809344 _____ () C:\Program Files\AVAST Software\Avast\defs\16010700\algo.dll
2016-01-07 21:11 - 2016-01-07 21:11 - 00469008 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2015-12-17 16:58 - 2015-12-17 16:58 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2015-12-17 16:58 - 2015-12-17 16:58 - 21845504 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-01-07 21:11 - 2016-01-07 21:11 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-12-05 10:21 - 2015-12-05 10:21 - 00933056 ____R () C:\Program Files (x86)\Skype\Phone\ssScreenVVS2.dll
2015-12-14 13:50 - 2015-12-24 12:36 - 03287552 _____ () C:\Program Files (x86)\BlueStacks\libGLESv2.dll
2015-12-17 16:53 - 2015-12-11 04:54 - 01583432 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libglesv2.dll
2015-12-17 16:53 - 2015-12-11 04:54 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libegl.dll
2016-01-07 21:11 - 2016-01-07 21:11 - 00984576 _____ () C:\Program Files\AVAST Software\Avast\ffmpegsumo.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-19900340-1551578156-919240601-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\#IchBinAdmin\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\desktop-hintergrund.bmp
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\Run: => "LogiOptionsAppBroker"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-19900340-1551578156-919240601-1002\...\StartupApproved\Run: => "Overwolf"
HKU\S-1-5-21-19900340-1551578156-919240601-1002\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-19900340-1551578156-919240601-1002\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-19900340-1551578156-919240601-1002\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-19900340-1551578156-919240601-1002\...\StartupApproved\Run: => "Spotify Web Helper"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{078E40A3-EA0B-4333-8125-E810D6319787}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{AFC6D644-D94D-4C6D-89B6-77E44B986404}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{DE7A14D9-F251-4962-A81B-B658D43A2E5C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BlockNLoad\Win64\BlockNLoad.exe
FirewallRules: [{50B75781-9AE1-430F-88BC-3B69B3B5CB4B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BlockNLoad\Win64\BlockNLoad.exe
FirewallRules: [{978064FF-BC38-4D40-9631-F1804C60BAC0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warface\live\nw.exe
FirewallRules: [{0F7EBD61-CEF2-4944-AC40-0186C6089D70}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warface\live\nw.exe
FirewallRules: [UDP Query User{475D9121-8517-4032-9A3D-305FD24A4F4C}C:\users\#ichbinadmin\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\users\#ichbinadmin\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{13D1DE32-986A-44D1-A9AF-04ED59DF04F9}C:\users\#ichbinadmin\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\users\#ichbinadmin\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{979F6211-1F87-4DA1-A28F-A719E0FCA86B}C:\users\#ichbinadmin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\#ichbinadmin\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{228C7452-C56C-478C-A516-AAFF7DE9FD2D}C:\users\#ichbinadmin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\#ichbinadmin\appdata\roaming\spotify\spotify.exe
FirewallRules: [{62537E43-BF71-4A3D-B2DA-11D15C97E85D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E9BE22EE-58D7-419A-9183-0163795874C8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8EB6B770-3551-4616-837C-0F342F38D894}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{528E5F07-62D1-4053-AD90-2358DEE58C3A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{BED386C0-0CC0-4401-8A2E-F77D2FECF531}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Ghost Recon Phantoms - EU\Launcher.exe
FirewallRules: [{C8366266-7A6A-416B-BB1C-5A9472154FE5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Ghost Recon Phantoms - EU\Launcher.exe
FirewallRules: [{5E800B20-7543-4E43-9AE5-8125BC5EBDB1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warface\live\nw.exe
FirewallRules: [{9EABDA99-E557-471F-BB7F-ADF43A5B8E8A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warface\live\nw.exe
FirewallRules: [{0D5A5F2E-B1B4-4F3D-83F0-F10AA4B9B355}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{0443461C-FAA0-42C1-9DEF-ED2DF2683419}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{6B97EE76-331F-4F30-A329-FACA6D168FF6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\star conflict\game.exe
FirewallRules: [{8AAD7B0C-5594-49FC-8719-9988E3E706EA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\star conflict\game.exe
FirewallRules: [{4FD24FD0-019D-4900-8941-29622D971412}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Survarium\game\binaries\x86\survarium.exe
FirewallRules: [{BA7D2D60-6894-42BE-A428-73B503FF6F19}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Survarium\game\binaries\x86\survarium.exe
FirewallRules: [{867176B3-D507-4181-8CE3-31F1657C1B75}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Survarium\temp\survarium_updater.exe
FirewallRules: [{F582912C-1D87-48B1-8D86-35A74A48D8CE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Survarium\temp\survarium_updater.exe
FirewallRules: [{F2CABDDD-6866-4F89-BC26-3B096EDB72DF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Survarium\temp\survarium_updater.exe
FirewallRules: [{E0C5890D-7149-4A14-8CC9-EBBD1D4E817E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Survarium\temp\survarium_updater.exe
FirewallRules: [{7542F11B-F3A6-4312-BEE5-98CC3BAC721C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Survarium\temp\survarium_launcher.exe
FirewallRules: [{5FABC795-DF77-400A-8549-0649028B636A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Robocraft\Robocraft.exe
FirewallRules: [{465C72F8-208D-4AF0-A09D-E1A2BD06C849}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Robocraft\Robocraft.exe
FirewallRules: [{A7B6F89A-A61E-4494-A286-07C9500D6542}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{D32F4471-E261-454A-9A45-D587C76EB666}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{E30FD235-543A-42C1-856B-FD743D4D0EEC}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{41AC9048-6FF2-402E-9F73-1015D32D4277}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{86CF7E60-EC79-425D-9E8D-C54165FF5F50}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{9598F6BA-A2DF-498A-AE69-FD395C7E82EF}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{16B68A7F-E815-423F-BE20-B9F30875CB01}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{56C60402-F2DC-488A-8854-F611BAC1048F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{317D1766-D817-4F78-9603-0A43ED05C67D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{08ED48AA-7F6D-4619-8299-9524631C5EF5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Blockade3d\main.exe
FirewallRules: [{D6957934-E292-49EC-9224-0DC7312D53B8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Blockade3d\main.exe
FirewallRules: [{70B449F2-1EB8-40FE-8821-71838D707C2C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{8C1B4686-6C86-445F-B8B0-B4DEC574C8D8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{886DBDE4-676A-4418-B51F-39B587965D34}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{30916B6C-EB51-4A29-8505-8C53884A19A9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B45C319E-0B3E-46F5-9386-FFFAC1413499}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{646B2E30-85C7-4C73-8D6B-B7C83DB44927}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{0E852ABA-D9D8-4407-9DB5-155D0E542141}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{F5BCF733-26F0-4A89-B31A-9D2549B6DA9D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{4F8B0049-1FD6-443A-A688-958C2F8CF1F4}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{EFC8F631-5136-40E9-AED6-C9A2ED6E90F6}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{35E88CA3-FD64-4CA9-855E-631E42570ADC}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{AE93A350-59CF-49F9-A272-74187E4F4310}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{832C0466-09E8-4377-8E1C-2B765C435E95}] => (Allow) C:\Program Files\CyberLink\PowerDirector12\PDR10.EXE
FirewallRules: [{AA4FE579-D412-4672-BB5F-513C5C4E63E9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{76D750B0-139C-4203-A43F-67D609744123}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{99F1670A-F9A3-490C-9183-567C23CCBFF2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{4CBC3147-B663-4B8C-A389-9A68F842D65B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C8159FBC-6D3F-4C2F-AF9E-D7B3D60E639F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{55ADCC48-DAC2-446E-A793-D1C8B2AF3737}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{690365FE-377F-4087-A931-45F46689F793}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trove\GlyphClient.exe
FirewallRules: [{E526F2D5-ADD4-4299-99B8-4C644BC9E08D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trove\GlyphClient.exe
FirewallRules: [{477C0269-3B30-445A-8461-D2041D1FDCA6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hawken\Binaries\Win32\HawkenGame-Win32-Shipping.exe
FirewallRules: [{5C311C79-5D95-4CC9-BADD-4D3B8147498B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hawken\Binaries\Win32\HawkenGame-Win32-Shipping.exe
FirewallRules: [{19FB76B2-0066-4E9B-B91B-70123D34B524}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{222C96C8-DB33-4F09-8F93-10B7C3063044}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{ACD2321C-A890-4F4D-8356-27C2D1DC76EE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{0F17E614-5CF7-42C8-94CF-7F5E2097D3AA}C:\users\#ichbinadmin\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\users\#ichbinadmin\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{4AA84775-EDEE-4EB0-BA02-50AFDD0C451D}C:\users\#ichbinadmin\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\users\#ichbinadmin\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{3670B284-2E28-4B09-A80F-96CB1FFC97AC}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
FirewallRules: [{1F7C5E30-98CB-4ECB-9875-32F4907AAFD0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe
FirewallRules: [{75A54EC3-FC70-487B-ACA2-B59F2700580C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe
FirewallRules: [TCP Query User{EB621788-EA0E-425C-8F3F-32C0E42100F0}C:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [UDP Query User{C8F34A83-A204-4B6E-B12A-06683783B373}C:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [{34A8CA91-77FE-411A-9332-6198ED1D574F}] => (Allow) C:\Program Files (x86)\AirPort\APAgent.exe

==================== Wiederherstellungspunkte =========================

21-12-2015 18:54:14 Windows Modules Installer
24-12-2015 14:56:31 Installed HP Support Assistant
06-01-2016 00:25:45 DirectX wurde installiert

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (01/07/2016 09:30:45 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll4

Error: (01/07/2016 09:30:43 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4

Error: (01/07/2016 09:30:42 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: 

Error: (01/07/2016 09:30:42 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: MSDTCC:\WINDOWS\system32\msdtcuiu.DLL4

Error: (01/07/2016 09:30:39 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: LsaC:\Windows\System32\Secur32.dll4

Error: (01/07/2016 09:30:39 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: ESENTC:\WINDOWS\system32\esentprf.dll4

Error: (01/07/2016 09:30:38 PM) (Source: Perflib) (EventID: 1018) (User: )
Description: ASP.NET_64_2.0.50727

Error: (01/07/2016 09:30:38 PM) (Source: Perflib) (EventID: 1022) (User: )
Description: ASP.NET_64_2.0.507274

Error: (01/07/2016 08:45:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8226547

Error: (01/07/2016 08:45:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8226547


Systemfehler:
=============
Error: (01/07/2016 09:32:51 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

Error: (01/07/2016 09:25:16 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Synchronisierungshost_8668e erreicht.

Error: (01/07/2016 09:25:16 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Benutzerdatenspeicher _8668e erreicht.

Error: (01/07/2016 09:25:15 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Benutzerdatenspeicher _8668e" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056

Error: (01/07/2016 09:25:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_8668e" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/07/2016 09:25:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _8668e" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/07/2016 09:25:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_8668e" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/07/2016 09:25:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_8668e" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/07/2016 09:25:05 PM) (Source: DCOM) (EventID: 10010) (User: LUIS)
Description: Windows.Media.Capture.Internal.AppCaptureShell

Error: (01/07/2016 09:25:05 PM) (Source: DCOM) (EventID: 10010) (User: LUIS)
Description: Windows.Media.Capture.Internal.AppCaptureShell


CodeIntegrity:
===================================
  Date: 2016-01-07 21:15:06.804
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-06 20:36:21.958
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-06 00:49:19.720
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-06 00:27:48.594
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-12-24 12:21:07.797
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-12-24 12:21:07.778
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-12-21 19:00:12.848
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-12-19 23:17:36.328
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-12-19 23:17:36.286
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-12-19 19:04:36.587
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


==================== Speicherinformationen =========================== 

Prozessor: AMD A10-5745M APU with Radeon(tm) HD Graphics 
Prozentuale Nutzung des RAM: 31%
Installierter physikalischer RAM: 7364.65 MB
Verfügbarer physikalischer RAM: 5018.23 MB
Summe virtueller Speicher: 8516.65 MB
Verfügbarer virtueller Speicher: 6062.81 MB

==================== Laufwerke ================================

Drive c: (Windows) (Fixed) (Total:906.37 GB) (Free:692.1 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:23.29 GB) (Free:2.58 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 13501DF2)

Partition: GPT.

==================== Ende von Addition.txt ============================
         

Alt 08.01.2016, 15:00   #5
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Nach 11 Tägigem nichtbenutzen meines Laptops Sehr Langsames Internet - Standard

Nach 11 Tägigem nichtbenutzen meines Laptops Sehr Langsames Internet



Malwarebytes Anti-Rootkit (MBAR)

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 08.01.2016, 20:23   #6
JohnCrane
 
Nach 11 Tägigem nichtbenutzen meines Laptops Sehr Langsames Internet - Standard

Nach 11 Tägigem nichtbenutzen meines Laptops Sehr Langsames Internet



Das Programm meinte nichts gefunden zu haben.
Hier das Mbar-log.
Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2016.01.08.05
  rootkit: v2016.01.05.01

Windows 10 x64 NTFS
Internet Explorer 11.20.10586.0
#IchBinAdmin :: LUIS [administrator]

08.01.2016 20:29:29
mbar-log-2016-01-08 (20-29-29).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 370063
Time elapsed: 26 minute(s), 44 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         

Alt 09.01.2016, 06:09   #7
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Nach 11 Tägigem nichtbenutzen meines Laptops Sehr Langsames Internet - Standard

Nach 11 Tägigem nichtbenutzen meines Laptops Sehr Langsames Internet



Adware/Junkware/Toolbars entfernen

Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop!
Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren!


1. Schritt: adwCleaner

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).




2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.




3. Schritt: Frisches Log mit FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 09.01.2016, 11:47   #8
JohnCrane
 
Nach 11 Tägigem nichtbenutzen meines Laptops Sehr Langsames Internet - Standard

Nach 11 Tägigem nichtbenutzen meines Laptops Sehr Langsames Internet



Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:07-01-2015
durchgeführt von #IchBinAdmin (Administrator) auf LUIS (09-01-2016 12:36:30)
Gestartet von C:\Users\#IchBinAdmin\Desktop
Geladene Profile: #IchBinAdmin (Verfügbare Profile: #IchBinAdmin)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
() C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1208.10480.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.25.15.0_x64__8wekyb3d8bbwe\WinStore.Mobile.exe
(Farbar) C:\Users\#IchBinAdmin\Desktop\FRST64 (1).exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8496344 2016-01-06] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [LogiOptionsAppBroker] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [1579976 2015-06-22] (Logitech, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3945656 2015-09-09] (Synaptics Incorporated)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [126240 2014-04-01] (Hewlett-Packard Company)
HKLM-x32\...\Run: [DropboxOEM] => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [462160 2014-09-02] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [653576 2015-06-29] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [883352 2015-12-14] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [AirPort Base Station Agent] => C:\Program Files (x86)\AirPort\APAgent.exe [771360 2009-11-11] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7021880 2016-01-07] (AVAST Software)
HKU\S-1-5-21-19900340-1551578156-919240601-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3013712 2015-12-14] (Valve Corporation)
HKU\S-1-5-21-19900340-1551578156-919240601-1002\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [45296 2015-12-15] (Overwolf LTD)
HKU\S-1-5-21-19900340-1551578156-919240601-1002\...\Run: [Spotify Web Helper] => C:\Users\#IchBinAdmin\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2346096 2015-12-16] (Spotify Ltd)
HKU\S-1-5-21-19900340-1551578156-919240601-1002\...\Run: [Spotify] => C:\Users\#IchBinAdmin\AppData\Roaming\Spotify\Spotify.exe [8387696 2015-12-16] (Spotify Ltd)
HKU\S-1-5-21-19900340-1551578156-919240601-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8551848 2015-10-19] (Piriform Ltd)
HKU\S-1-5-21-19900340-1551578156-919240601-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50378880 2015-12-17] (Skype Technologies S.A.)
HKU\S-1-5-21-19900340-1551578156-919240601-1002\...\RunOnce: [Uninstall C:\Users\#IchBinAdmin\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\#IchBinAdmin\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64"
HKU\S-1-5-21-19900340-1551578156-919240601-1002\...\RunOnce: [Uninstall C:\Users\#IchBinAdmin\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\#IchBinAdmin\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1"
HKU\S-1-5-21-19900340-1551578156-919240601-1002\...\RunOnce: [Uninstall C:\Users\#IchBinAdmin\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\#IchBinAdmin\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64"
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\#IchBinAdmin\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\#IchBinAdmin\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\#IchBinAdmin\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-01-07] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\#IchBinAdmin\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\#IchBinAdmin\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\#IchBinAdmin\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-10-20]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\3.11.163\SSScheduler.exe (McAfee, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{45644fda-53a3-475d-a1ad-6710b755d15c}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{b7f3b2ca-cacd-4e96-a588-7716d6479a12}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp13.msn.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp13.msn.com
HKU\S-1-5-21-19900340-1551578156-919240601-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
HKU\S-1-5-21-19900340-1551578156-919240601-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp13.msn.com
SearchScopes: HKU\S-1-5-21-19900340-1551578156-919240601-1002 -> {1B1DFA0A-C36F-4191-A2F9-858CC265D7E8} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-07-21] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-01-07] (AVAST Software)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-21] (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll => Keine Datei
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-21] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-01-07] (AVAST Software)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-07-25] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-21] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2015-10-19] (Hewlett-Packard Company)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\#IchBinAdmin\AppData\Roaming\Mozilla\Firefox\Profiles\digk1cve.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll [2016-01-05] ()
FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-21] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll [2016-01-05] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-06-19] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-06-19] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-21] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()
FF SearchPlugin: C:\Users\#IchBinAdmin\AppData\Roaming\Mozilla\Firefox\Profiles\digk1cve.default\searchplugins\google-images.xml [2015-08-06]
FF SearchPlugin: C:\Users\#IchBinAdmin\AppData\Roaming\Mozilla\Firefox\Profiles\digk1cve.default\searchplugins\google-maps.xml [2015-08-06]
FF SearchPlugin: C:\Users\#IchBinAdmin\AppData\Roaming\Mozilla\Firefox\Profiles\digk1cve.default\searchplugins\youtube.xml [2015-11-12]
FF Extension: Cliqz - C:\Users\#IchBinAdmin\AppData\Roaming\Mozilla\Firefox\Profiles\digk1cve.default\Extensions\cliqz@cliqz.com.xpi [2015-12-05] [ist nicht signiert]
FF Extension: ProxTube - Unblock YouTube - C:\Users\#IchBinAdmin\AppData\Roaming\Mozilla\Firefox\Profiles\digk1cve.default\Extensions\ich@maltegoetz.de.xpi [2015-10-30]
FF Extension: Adblock Plus - C:\Users\#IchBinAdmin\AppData\Roaming\Mozilla\Firefox\Profiles\digk1cve.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-11-26]
FF Extension: Kein Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-01-07]
FF HKU\S-1-5-21-19900340-1551578156-919240601-1002\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\#IchBinAdmin\AppData\Roaming\Mozilla\Firefox\Profiles\digk1cve.default\extensions\cliqz@cliqz.com => nicht gefunden

Chrome: 
=======
CHR Profile: C:\Users\#IchBinAdmin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\#IchBinAdmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-21]
CHR Extension: (Google Docs) - C:\Users\#IchBinAdmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-21]
CHR Extension: (Google Drive) - C:\Users\#IchBinAdmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-11]
CHR Extension: (YouTube) - C:\Users\#IchBinAdmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-07]
CHR Extension: (Adblock Plus) - C:\Users\#IchBinAdmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-01-05]
CHR Extension: (Google-Suche) - C:\Users\#IchBinAdmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-11]
CHR Extension: (Google Tabellen) - C:\Users\#IchBinAdmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-21]
CHR Extension: (Google Docs Offline) - C:\Users\#IchBinAdmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-25]
CHR Extension: (Avast Online Security) - C:\Users\#IchBinAdmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-01-07]
CHR Extension: (Skype) - C:\Users\#IchBinAdmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-12-19]
CHR Extension: (PowerPoint Online) - C:\Users\#IchBinAdmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdafamggmaaaginooondinjgkgcbpnhp [2015-11-11]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\#IchBinAdmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-08]
CHR Extension: (Google Mail) - C:\Users\#IchBinAdmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-21]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-01-07]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-09-06] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [226440 2016-01-07] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1225216 2015-10-07] ()
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [432792 2015-12-14] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [412312 2015-12-14] (BlueStack Systems, Inc.)
S2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [854680 2015-12-14] (BlueStack Systems, Inc.)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [94936 2014-07-04] ()
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [245544 2015-09-05] (EasyAntiCheat Ltd)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [255040 2014-08-25] (WildTangent)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [25800 2015-09-28] (Hewlett-Packard Company)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [602888 2015-06-29] (Hewlett-Packard Development Company, L.P.)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.11.163\McCHSvc.exe [235696 2015-07-31] (McAfee, Inc.)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1008880 2015-12-15] (Overwolf LTD)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [294616 2016-01-06] (Realtek Semiconductor)
S3 Survarium-Steam Update Service; C:\Program Files (x86)\Steam\steamapps\common\Survarium\game\binaries\x86\survarium_service.exe [96856 2015-08-27] ()
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472 2015-09-09] (Synaptics Incorporated)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36608 2013-12-14] (Advanced Micro Devices, Inc.)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-11-04] (Advanced Micro Devices)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2016-01-07] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [97648 2016-01-07] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2016-01-07] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2016-01-07] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1055560 2016-01-07] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [451040 2016-01-07] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [155304 2016-01-07] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [273784 2016-01-07] (AVAST Software)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [146016 2015-12-14] (BlueStack Systems)
R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [165376 2015-10-30] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-05] (Realtek Semiconductor Corp.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [886528 2016-01-06] (Realtek                                            )
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [624424 2015-12-10] (Realtek Semiconductor Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [4629744 2015-09-20] (Realtek Semiconductor Corporation                           )
R3 SmbDrv; C:\Windows\system32\DRIVERS\Smb_driver_AMDASF.sys [42184 2015-09-09] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [31472 2014-06-04] (Synaptics Incorporated)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-01-09 12:36 - 2016-01-09 12:36 - 02370560 _____ (Farbar) C:\Users\#IchBinAdmin\Desktop\FRST64 (1).exe
2016-01-09 12:26 - 2016-01-09 12:26 - 02370560 _____ (Farbar) C:\Users\#IchBinAdmin\Downloads\FRST64 (1).exe
2016-01-09 11:59 - 2016-01-09 11:59 - 00001152 _____ C:\Users\#IchBinAdmin\Desktop\JRT.txt
2016-01-09 11:51 - 2016-01-09 11:51 - 01600184 _____ (Malwarebytes) C:\Users\#IchBinAdmin\Downloads\JRT.exe
2016-01-09 11:51 - 2016-01-09 11:51 - 01600184 _____ (Malwarebytes) C:\Users\#IchBinAdmin\Desktop\JRT.exe
2016-01-09 11:48 - 2016-01-09 11:48 - 00001933 _____ C:\Users\#IchBinAdmin\Desktop\AdwCleaner[C1].txt
2016-01-09 11:38 - 2016-01-09 11:41 - 00000000 ____D C:\AdwCleaner
2016-01-09 11:32 - 2016-01-09 11:36 - 01749504 _____ C:\Users\#IchBinAdmin\Desktop\AdwCleaner_5.028.exe
2016-01-09 10:49 - 2016-01-09 10:49 - 01749504 _____ C:\Users\#IchBinAdmin\Downloads\AdwCleaner_5.028.exe
2016-01-08 20:29 - 2016-01-08 21:01 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-01-08 20:29 - 2016-01-08 20:29 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-01-08 20:29 - 2016-01-08 20:29 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-01-08 20:23 - 2016-01-08 21:01 - 00000000 ____D C:\Users\#IchBinAdmin\Desktop\mbar
2016-01-08 20:23 - 2016-01-08 20:23 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-01-08 20:20 - 2016-01-08 20:22 - 16563352 _____ (Malwarebytes Corp.) C:\Users\#IchBinAdmin\Desktop\mbar-1.09.3.1001.exe
2016-01-08 20:19 - 2016-01-08 20:19 - 16563352 _____ (Malwarebytes Corp.) C:\Users\#IchBinAdmin\Downloads\mbar-1.09.3.1001.exe
2016-01-07 22:59 - 2016-01-07 22:59 - 00014895 _____ C:\Users\#IchBinAdmin\Downloads\FRST (2).7z
2016-01-07 22:58 - 2016-01-07 22:58 - 00014895 _____ C:\Users\#IchBinAdmin\Downloads\FRST (1).7z
2016-01-07 22:58 - 2016-01-07 22:58 - 00011816 _____ C:\Users\#IchBinAdmin\Downloads\Addition.7z
2016-01-07 22:57 - 2016-01-07 22:57 - 00014895 _____ C:\Users\#IchBinAdmin\Downloads\FRST.7z
2016-01-07 22:57 - 2016-01-07 22:57 - 00014895 _____ C:\Users\#IchBinAdmin\Desktop\FRST.7z
2016-01-07 22:57 - 2016-01-07 22:57 - 00011816 _____ C:\Users\#IchBinAdmin\Desktop\Addition.7z
2016-01-07 22:28 - 2016-01-09 12:36 - 00024011 _____ C:\Users\#IchBinAdmin\Desktop\FRST.txt
2016-01-07 22:27 - 2016-01-07 22:27 - 00046003 _____ C:\Users\#IchBinAdmin\Desktop\Addition.txt
2016-01-07 22:22 - 2016-01-07 22:23 - 00046003 _____ C:\Users\#IchBinAdmin\Downloads\Addition.txt
2016-01-07 22:21 - 2016-01-07 22:23 - 00101502 _____ C:\Users\#IchBinAdmin\Downloads\FRST.txt
2016-01-07 22:20 - 2016-01-09 12:36 - 00000000 ____D C:\FRST
2016-01-07 22:18 - 2016-01-07 22:20 - 02370560 _____ (Farbar) C:\Users\#IchBinAdmin\Downloads\FRST64.exe
2016-01-07 21:13 - 2016-01-07 21:13 - 00000000 ____D C:\Users\#IchBinAdmin\AppData\Roaming\AVAST Software
2016-01-07 21:12 - 2016-01-09 11:48 - 00004280 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2016-01-07 21:12 - 2016-01-07 21:12 - 00001986 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2016-01-07 21:12 - 2016-01-07 21:12 - 00001974 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-01-07 21:11 - 2016-01-07 21:12 - 00451040 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2016-01-07 21:11 - 2016-01-07 21:12 - 00097648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswmonflt.sys
2016-01-07 21:11 - 2016-01-07 21:11 - 01055560 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2016-01-07 21:11 - 2016-01-07 21:11 - 00386096 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2016-01-07 21:11 - 2016-01-07 21:11 - 00273784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2016-01-07 21:11 - 2016-01-07 21:11 - 00155304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2016-01-07 21:11 - 2016-01-07 21:11 - 00093528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2016-01-07 21:11 - 2016-01-07 21:11 - 00065224 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2016-01-07 21:11 - 2016-01-07 21:11 - 00043112 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2016-01-07 21:11 - 2016-01-07 21:11 - 00028656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2016-01-07 21:10 - 2016-01-07 21:10 - 00000000 ____D C:\Program Files\AVAST Software
2016-01-07 21:09 - 2016-01-07 21:10 - 00000000 ____D C:\ProgramData\AVAST Software
2016-01-07 21:01 - 2016-01-07 21:09 - 161199376 _____ (AVAST Software) C:\Users\#IchBinAdmin\Downloads\avast2245_free_antivirus_setup.exe
2016-01-07 20:58 - 2016-01-07 20:59 - 00000000 ____D C:\ProgramData\Avg
2016-01-07 20:54 - 2016-01-07 20:58 - 00000000 ____D C:\Users\#IchBinAdmin\AppData\Local\AvgSetupLog
2016-01-07 20:54 - 2016-01-07 20:54 - 00000000 ____D C:\Users\#IchBinAdmin\AppData\Local\Avg
2016-01-07 20:53 - 2016-01-07 20:54 - 02924840 _____ (AVG Technologies CZ, s.r.o.) C:\Users\#IchBinAdmin\Downloads\AVG_Protection_Free_1026.exe
2016-01-06 19:19 - 2016-01-06 19:19 - 00886528 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2016-01-06 19:19 - 2016-01-06 19:19 - 00082544 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll
2016-01-06 19:16 - 2016-01-06 19:15 - 72113152 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2016-01-06 19:16 - 2016-01-06 19:15 - 02918104 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2016-01-06 19:16 - 2016-01-06 19:15 - 02897741 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2016-01-06 19:16 - 2016-01-06 19:15 - 02702552 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2016-01-06 19:16 - 2016-01-06 19:15 - 01748696 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2016-01-06 19:16 - 2016-01-06 19:15 - 01576976 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64APO.dll
2016-01-06 19:16 - 2016-01-06 19:15 - 01413776 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll
2016-01-06 19:16 - 2016-01-06 19:15 - 01310936 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2016-01-06 19:16 - 2016-01-06 19:15 - 01104040 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\slcnt64.dll
2016-01-06 19:16 - 2016-01-06 19:15 - 00943784 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2016-01-06 19:16 - 2016-01-06 19:15 - 00734376 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
2016-01-06 19:16 - 2016-01-06 19:15 - 00631000 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2016-01-06 19:16 - 2016-01-06 19:15 - 00560328 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll
2016-01-06 19:16 - 2016-01-06 19:15 - 00518896 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2016-01-06 19:16 - 2016-01-06 19:15 - 00454288 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll
2016-01-06 19:16 - 2016-01-06 19:15 - 00375128 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2016-01-06 19:16 - 2016-01-06 19:15 - 00369296 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll
2016-01-06 19:16 - 2016-01-06 19:15 - 00331880 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2016-01-06 19:16 - 2016-01-06 19:15 - 00329360 _____ (Synopsys, Inc.) C:\WINDOWS\SysWOW64\SRCOM.dll
2016-01-06 19:16 - 2016-01-06 19:15 - 00329360 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll
2016-01-06 19:16 - 2016-01-06 19:15 - 00310104 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2016-01-06 19:16 - 2016-01-06 19:15 - 00310104 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2016-01-06 19:16 - 2016-01-06 19:15 - 00250536 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
2016-01-06 19:16 - 2016-01-06 19:15 - 00204120 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2016-01-06 19:16 - 2016-01-06 19:15 - 00155888 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2016-01-06 19:16 - 2016-01-06 19:15 - 00113576 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2016-01-06 19:16 - 2016-01-06 19:15 - 00108640 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll
2016-01-06 19:16 - 2016-01-06 19:15 - 00101208 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2016-01-06 19:16 - 2016-01-06 19:15 - 00078680 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2016-01-06 16:29 - 2016-01-06 16:29 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-01-06 16:29 - 2016-01-06 16:29 - 00002437 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AirPort-Dienstprogramm.lnk
2016-01-06 16:29 - 2016-01-06 16:29 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2016-01-06 16:29 - 2016-01-06 16:29 - 00000000 ____D C:\Users\#IchBinAdmin\AppData\Local\Apple
2016-01-06 16:29 - 2016-01-06 16:29 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2016-01-06 16:29 - 2016-01-06 16:29 - 00000000 ____D C:\Program Files (x86)\AirPort
2016-01-06 16:28 - 2016-01-06 16:29 - 10815592 _____ (Apple Inc.) C:\Users\#IchBinAdmin\Downloads\AirPortSetup.exe
2016-01-05 22:40 - 2016-01-05 22:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-01-05 21:50 - 2016-01-05 21:50 - 00000222 _____ C:\Users\#IchBinAdmin\Desktop\Borderlands The Pre-Sequel.url
2015-12-26 03:49 - 2015-12-26 03:49 - 00361041 _____ C:\Users\#IchBinAdmin\Documents\ts3_clientui-win64-1407159763-2015-12-26 03_49_03.694279.dmp
2015-12-24 15:21 - 2015-12-24 15:21 - 00002303 _____ C:\Users\#IchBinAdmin\Desktop\HP Support Assistant.lnk
2015-12-24 12:38 - 2015-12-24 12:38 - 00001749 _____ C:\Users\#IchBinAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\BlueStacks.lnk
2015-12-24 12:38 - 2015-12-24 12:38 - 00001725 _____ C:\Users\Public\Desktop\BlueStacks.lnk
2015-12-24 12:37 - 2015-12-24 12:38 - 00000000 ____D C:\ProgramData\BlueStacksGameManager
2015-12-24 12:35 - 2015-12-24 12:36 - 00000000 ____D C:\ProgramData\BlueStacks
2015-12-24 12:35 - 2015-12-24 12:36 - 00000000 ____D C:\Program Files (x86)\BlueStacks
2015-12-24 12:33 - 2016-01-07 21:32 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2015-12-24 12:26 - 2015-12-24 12:33 - 308353568 _____ (BlueStack Systems Inc.) C:\Users\#IchBinAdmin\Downloads\BlueStacks2_native.exe
2015-12-24 12:22 - 2015-12-24 12:22 - 00000000 ____D C:\Users\#IchBinAdmin\AppData\Local\Bluestacks
2015-12-24 12:19 - 2015-12-24 12:22 - 14100278 _____ C:\Users\#IchBinAdmin\Downloads\BlueStacks-ThinInstaller.zip
2015-12-20 10:33 - 2015-12-20 10:34 - 29830402 _____ C:\Users\#IchBinAdmin\Downloads\PureBDcraft 128x MC18.zip
2015-12-20 10:33 - 2015-12-20 10:34 - 15318579 _____ C:\Users\#IchBinAdmin\Downloads\PureBDcraft  64x MC18.zip
2015-12-20 10:18 - 2015-12-20 10:20 - 62818630 _____ C:\Users\#IchBinAdmin\Downloads\PureBDcraft 256x MC18.zip
2015-12-20 10:17 - 2015-12-20 10:21 - 113221340 _____ C:\Users\#IchBinAdmin\Downloads\PureBDcraft 512x MC18.zip
2015-12-20 10:09 - 2015-12-20 10:12 - 117002674 _____ C:\Users\#IchBinAdmin\Downloads\PureBDcraft 512x MC19.zip
2015-12-19 23:16 - 2015-12-19 23:16 - 00764725 _____ C:\Users\#IchBinAdmin\Downloads\Serinity HD [1.9].zip
2015-12-19 23:14 - 2015-12-19 23:14 - 05876180 _____ C:\Users\#IchBinAdmin\Downloads\S&K Photo Realism x128 (v0.4.1).zip
2015-12-19 23:06 - 2015-12-19 23:06 - 00001184 _____ C:\Users\#IchBinAdmin\Desktop\MEGAsync.lnk
2015-12-19 23:06 - 2015-12-19 23:06 - 00000000 ____D C:\Users\#IchBinAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync
2015-12-19 23:06 - 2015-12-19 23:06 - 00000000 ____D C:\Users\#IchBinAdmin\AppData\Local\MEGAsync
2015-12-19 23:06 - 2015-12-19 23:06 - 00000000 ____D C:\Users\#IchBinAdmin\AppData\Local\Mega Limited
2015-12-19 23:05 - 2015-12-19 23:06 - 10152576 _____ (MEGA Limited) C:\Users\#IchBinAdmin\Downloads\MEGAsyncSetup.exe
2015-12-19 19:24 - 2015-12-19 19:26 - 66307513 _____ C:\Users\#IchBinAdmin\Downloads\realistico-18-05.zip
2015-12-19 10:13 - 2015-12-19 10:13 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2015-12-18 23:01 - 2015-12-07 05:48 - 02544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-12-18 23:01 - 2015-12-07 05:48 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2015-12-18 23:01 - 2015-12-07 05:48 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2015-12-18 23:01 - 2015-12-07 05:07 - 16984064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-12-18 23:01 - 2015-12-07 05:03 - 13017600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-12-18 23:01 - 2015-12-07 04:58 - 24601600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-12-18 23:01 - 2015-12-07 04:53 - 19339264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-12-18 23:01 - 2015-12-07 04:43 - 02598400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-12-18 23:00 - 2015-12-07 05:57 - 00973664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-12-18 23:00 - 2015-12-07 05:55 - 01281376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-12-18 23:00 - 2015-12-07 05:49 - 00412512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2015-12-18 23:00 - 2015-12-07 05:48 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-12-18 23:00 - 2015-12-07 05:48 - 01155944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2015-12-18 23:00 - 2015-12-07 05:48 - 01092456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-12-18 23:00 - 2015-12-07 05:48 - 01065080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-12-18 23:00 - 2015-12-07 05:48 - 01020096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2015-12-18 23:00 - 2015-12-07 05:48 - 00983464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2015-12-18 23:00 - 2015-12-07 05:48 - 00884256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2015-12-18 23:00 - 2015-12-07 05:48 - 00823264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2015-12-18 23:00 - 2015-12-07 05:48 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2015-12-18 23:00 - 2015-12-07 05:48 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2015-12-18 23:00 - 2015-12-07 05:48 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2015-12-18 23:00 - 2015-12-07 05:48 - 00526856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2015-12-18 23:00 - 2015-12-07 05:48 - 00502112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2015-12-18 23:00 - 2015-12-07 05:48 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2015-12-18 23:00 - 2015-12-07 05:48 - 00462760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2015-12-18 23:00 - 2015-12-07 05:48 - 00450904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2015-12-18 23:00 - 2015-12-07 05:48 - 00337840 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2015-12-18 23:00 - 2015-12-07 05:48 - 00289248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2015-12-18 23:00 - 2015-12-07 05:48 - 00245848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-12-18 23:00 - 2015-12-07 05:48 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2015-12-18 23:00 - 2015-12-07 05:48 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2015-12-18 23:00 - 2015-12-07 05:47 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-12-18 23:00 - 2015-12-07 05:47 - 00898184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2015-12-18 23:00 - 2015-12-07 05:47 - 00716928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2015-12-18 23:00 - 2015-12-07 05:47 - 00116720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2015-12-18 23:00 - 2015-12-07 05:46 - 03671888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-12-18 23:00 - 2015-12-07 05:46 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-12-18 23:00 - 2015-12-07 05:45 - 00264544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2015-12-18 23:00 - 2015-12-07 05:15 - 01035776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2015-12-18 23:00 - 2015-12-07 05:15 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.XboxLive.ProxyStub.dll
2015-12-18 23:00 - 2015-12-07 05:10 - 00824320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2015-12-18 23:00 - 2015-12-07 05:09 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2015-12-18 23:00 - 2015-12-07 05:09 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2015-12-18 23:00 - 2015-12-07 05:09 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2015-12-18 23:00 - 2015-12-07 05:07 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2015-12-18 23:00 - 2015-12-07 05:07 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2015-12-18 23:00 - 2015-12-07 05:06 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2015-12-18 23:00 - 2015-12-07 05:06 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2015-12-18 23:00 - 2015-12-07 05:06 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-12-18 23:00 - 2015-12-07 05:05 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-12-18 23:00 - 2015-12-07 05:05 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\BackgroundTransferHost.exe
2015-12-18 23:00 - 2015-12-07 05:04 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2015-12-18 23:00 - 2015-12-07 05:04 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2015-12-18 23:00 - 2015-12-07 05:02 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2015-12-18 23:00 - 2015-12-07 05:02 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2015-12-18 23:00 - 2015-12-07 05:01 - 00543232 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-12-18 23:00 - 2015-12-07 05:01 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BackgroundTransferHost.exe
2015-12-18 23:00 - 2015-12-07 05:00 - 00618496 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2015-12-18 23:00 - 2015-12-07 05:00 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2015-12-18 23:00 - 2015-12-07 05:00 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-12-18 23:00 - 2015-12-07 05:00 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2015-12-18 23:00 - 2015-12-07 04:59 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-12-18 23:00 - 2015-12-07 04:59 - 00292352 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-12-18 23:00 - 2015-12-07 04:59 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2015-12-18 23:00 - 2015-12-07 04:59 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2015-12-18 23:00 - 2015-12-07 04:58 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-12-18 23:00 - 2015-12-07 04:57 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2015-12-18 23:00 - 2015-12-07 04:57 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2015-12-18 23:00 - 2015-12-07 04:57 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2015-12-18 23:00 - 2015-12-07 04:56 - 00607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-12-18 23:00 - 2015-12-07 04:56 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2015-12-18 23:00 - 2015-12-07 04:55 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-12-18 23:00 - 2015-12-07 04:55 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-12-18 23:00 - 2015-12-07 04:54 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-12-18 23:00 - 2015-12-07 04:54 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2015-12-18 23:00 - 2015-12-07 04:53 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2015-12-18 23:00 - 2015-12-07 04:51 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-12-18 23:00 - 2015-12-07 04:51 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2015-12-18 23:00 - 2015-12-07 04:50 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2015-12-18 23:00 - 2015-12-07 04:49 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2015-12-18 23:00 - 2015-12-07 04:48 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-12-18 23:00 - 2015-12-07 04:47 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-12-18 23:00 - 2015-12-07 04:45 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-12-18 23:00 - 2015-12-07 04:45 - 00900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2015-12-18 23:00 - 2015-12-07 04:45 - 00683008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2015-12-18 23:00 - 2015-12-07 04:44 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-12-18 23:00 - 2015-12-07 04:43 - 00931328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL
2015-12-18 23:00 - 2015-12-07 04:41 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-12-18 23:00 - 2015-12-07 04:40 - 03593216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-12-18 23:00 - 2015-12-07 04:40 - 01995776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2015-12-18 23:00 - 2015-12-07 04:40 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2015-12-18 23:00 - 2015-12-07 04:39 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-12-18 23:00 - 2015-12-07 04:38 - 00871936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL
2015-12-18 23:00 - 2015-12-07 04:33 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2015-12-18 23:00 - 2015-12-07 04:32 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2015-12-16 20:09 - 2015-12-16 20:09 - 00001064 _____ C:\Users\#IchBinAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\osu!.lnk
2015-12-16 20:09 - 2015-12-16 20:09 - 00001056 _____ C:\Users\#IchBinAdmin\Desktop\osu!.lnk
2015-12-16 20:08 - 2015-12-19 19:14 - 00000000 ____D C:\Users\#IchBinAdmin\AppData\Local\osu!
2015-12-16 20:08 - 2015-12-16 20:08 - 00000000 ____D C:\Users\#IchBinAdmin\Downloads\Localisation
2015-12-16 20:07 - 2015-12-16 20:07 - 03285560 _____ (ppy) C:\Users\#IchBinAdmin\Downloads\osu!install.exe
2015-12-16 20:07 - 2015-12-16 20:07 - 00000072 _____ C:\Users\#IchBinAdmin\Downloads\update_log.txt
2015-12-16 19:09 - 2015-12-05 17:55 - 01497169 _____ C:\Users\#IchBinAdmin\Documents\fluch%20der%20karibik%202%20präsentation.odp_1.odp
2015-12-14 17:34 - 2015-12-14 17:39 - 00000120 _____ C:\Users\#IchBinAdmin\Desktop\FR SCHOCK ANRUFEN.txt
2015-12-14 17:27 - 2015-12-14 17:27 - 00000000 ____D C:\Users\#IchBinAdmin\AppData\Local\ActiveSync
2015-12-14 17:25 - 2015-12-14 17:25 - 00000020 ___SH C:\Users\#IchBinAdmin\ntuser.ini
2015-12-14 04:47 - 2015-12-14 04:47 - 00000000 _SHDL C:\Users\Default\Vorlagen
2015-12-14 04:47 - 2015-12-14 04:47 - 00000000 _SHDL C:\Users\Default\Startmenü
2015-12-14 04:47 - 2015-12-14 04:47 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2015-12-14 04:47 - 2015-12-14 04:47 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2015-12-14 04:47 - 2015-12-14 04:47 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2015-12-14 04:47 - 2015-12-14 04:47 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2015-12-14 04:47 - 2015-12-14 04:47 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos
2015-12-14 04:47 - 2015-12-14 04:47 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2015-12-14 04:47 - 2015-12-14 04:47 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2015-12-14 04:47 - 2015-12-14 04:47 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-12-14 04:47 - 2015-12-14 04:47 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2015-12-14 04:47 - 2015-12-14 04:47 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2015-12-14 04:47 - 2015-12-14 04:47 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2015-12-14 04:47 - 2015-12-14 04:47 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos
2015-12-14 04:47 - 2015-12-14 04:47 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2015-12-14 04:47 - 2015-12-14 04:47 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2015-12-14 04:47 - 2015-12-14 04:47 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-12-14 04:47 - 2015-12-14 04:47 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2015-12-14 04:47 - 2015-12-14 04:47 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-12-14 04:39 - 2016-01-09 11:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-12-14 04:29 - 2015-12-14 04:29 - 00001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-12-14 04:29 - 2015-12-14 04:29 - 00000000 ____D C:\Users\Default\Documents\hp.system.package.metadata
2015-12-14 04:29 - 2015-12-14 04:29 - 00000000 ____D C:\Users\Default\Documents\hp.applications.package.appdata
2015-12-14 04:29 - 2015-12-14 04:29 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2015-12-14 04:29 - 2015-12-14 04:29 - 00000000 ____D C:\Users\Default User\Documents\hp.system.package.metadata
2015-12-14 04:29 - 2015-12-14 04:29 - 00000000 ____D C:\Users\Default User\Documents\hp.applications.package.appdata
2015-12-14 04:29 - 2015-12-14 04:29 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2015-12-14 04:23 - 2015-12-14 04:31 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2015-12-14 04:20 - 2016-01-09 11:45 - 00000000 ____D C:\Users\#IchBinAdmin
2015-12-14 04:20 - 2015-12-25 21:24 - 02003182 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-12-14 04:20 - 2015-12-14 04:20 - 01909068 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2015-12-14 04:20 - 2015-12-14 04:20 - 00000000 _SHDL C:\Users\#IchBinAdmin\Vorlagen
2015-12-14 04:20 - 2015-12-14 04:20 - 00000000 _SHDL C:\Users\#IchBinAdmin\Startmenü
2015-12-14 04:20 - 2015-12-14 04:20 - 00000000 _SHDL C:\Users\#IchBinAdmin\Netzwerkumgebung
2015-12-14 04:20 - 2015-12-14 04:20 - 00000000 _SHDL C:\Users\#IchBinAdmin\Lokale Einstellungen
2015-12-14 04:20 - 2015-12-14 04:20 - 00000000 _SHDL C:\Users\#IchBinAdmin\Eigene Dateien
2015-12-14 04:20 - 2015-12-14 04:20 - 00000000 _SHDL C:\Users\#IchBinAdmin\Druckumgebung
2015-12-14 04:20 - 2015-12-14 04:20 - 00000000 _SHDL C:\Users\#IchBinAdmin\Documents\Eigene Videos
2015-12-14 04:20 - 2015-12-14 04:20 - 00000000 _SHDL C:\Users\#IchBinAdmin\Documents\Eigene Musik
2015-12-14 04:20 - 2015-12-14 04:20 - 00000000 _SHDL C:\Users\#IchBinAdmin\Documents\Eigene Bilder
2015-12-14 04:20 - 2015-12-14 04:20 - 00000000 _SHDL C:\Users\#IchBinAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-12-14 04:20 - 2015-12-14 04:20 - 00000000 _SHDL C:\Users\#IchBinAdmin\AppData\Local\Verlauf
2015-12-14 04:20 - 2015-12-14 04:20 - 00000000 _SHDL C:\Users\#IchBinAdmin\AppData\Local\Anwendungsdaten
2015-12-14 04:20 - 2015-12-14 04:20 - 00000000 _SHDL C:\Users\#IchBinAdmin\Anwendungsdaten
2015-12-14 04:17 - 2015-12-14 04:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos
2015-12-14 04:16 - 2016-01-06 20:31 - 00015176 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip
2015-12-14 04:16 - 2016-01-06 19:17 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2015-12-14 04:16 - 2015-12-14 04:16 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2015-12-14 04:16 - 2015-12-14 04:16 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_AMDASF_01011.Wdf
2015-12-14 04:16 - 2015-12-14 04:16 - 00000000 ____D C:\WINDOWS\system32\SRSLabs
2015-12-14 04:16 - 2015-12-14 04:16 - 00000000 ____D C:\Program Files\Synaptics
2015-12-14 04:16 - 2015-12-14 04:16 - 00000000 ____D C:\Program Files\Realtek
2015-12-14 04:16 - 2015-12-14 04:16 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2015-12-14 04:16 - 2015-12-14 04:16 - 00000000 _____ C:\WINDOWS\ativpsrm.bin
2015-12-14 04:15 - 2015-12-14 04:15 - 00000000 ____D C:\Program Files\AMD
2015-12-14 04:15 - 2015-10-30 08:17 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2015-12-14 04:14 - 2015-12-14 04:14 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2015-12-14 04:11 - 2015-12-25 21:18 - 00266544 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-12-14 04:10 - 2016-01-05 23:10 - 00000000 ___DC C:\WINDOWS\Panther
2015-12-14 04:04 - 2015-12-14 04:04 - 00000000 ____D C:\Windows.old
2015-12-14 04:03 - 2015-12-14 04:03 - 22572632 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 22393856 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 21125408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 18678272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 13381120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 12125184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 07476576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-12-14 04:03 - 2015-12-14 04:03 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 03993600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 03355136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 02843136 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 02772584 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2015-12-14 04:03 - 2015-12-14 04:03 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2015-12-14 04:03 - 2015-12-14 04:03 - 02680320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 02653816 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 02647552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 02185840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 02155008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 02152800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2015-12-14 04:03 - 2015-12-14 04:03 - 02126848 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-12-14 04:03 - 2015-12-14 04:03 - 02121216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 02049024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-12-14 04:03 - 2015-12-14 04:03 - 02001408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 01860096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 01859448 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 01817160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 01814528 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 01734656 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 01717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 01713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 01648640 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 01540768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 01505280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 01399224 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-12-14 04:03 - 2015-12-14 04:03 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 01337240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 01223168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 01042432 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00969728 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00948224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00948224 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00911648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00809312 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2015-12-14 04:03 - 2015-12-14 04:03 - 00803840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00795840 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00791552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00704352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2015-12-14 04:03 - 2015-12-14 04:03 - 00704000 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00698208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00675064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-12-14 04:03 - 2015-12-14 04:03 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-12-14 04:03 - 2015-12-14 04:03 - 00604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00586208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00586080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00578912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2015-12-14 04:03 - 2015-12-14 04:03 - 00540752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-12-14 04:03 - 2015-12-14 04:03 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00536768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00523616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2015-12-14 04:03 - 2015-12-14 04:03 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2015-12-14 04:03 - 2015-12-14 04:03 - 00516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00515584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00511320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00470528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00454056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00440160 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2015-12-14 04:03 - 2015-12-14 04:03 - 00431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2015-12-14 04:03 - 2015-12-14 04:03 - 00408128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00405048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2015-12-14 04:03 - 2015-12-14 04:03 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2015-12-14 04:03 - 2015-12-14 04:03 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2015-12-14 04:03 - 2015-12-14 04:03 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00264192 _____ (Nokia) C:\WINDOWS\system32\NmaDirect.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-12-14 04:03 - 2015-12-14 04:03 - 00205824 _____ (Nokia) C:\WINDOWS\SysWOW64\NmaDirect.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-AppModelExecEvents.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2015-12-14 04:03 - 2015-12-14 04:03 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-12-14 04:03 - 2015-12-14 04:03 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2015-12-14 04:03 - 2015-12-14 04:03 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys
2015-12-14 04:03 - 2015-12-14 04:03 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ETWCoreUIComponentsResources.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ETWCoreUIComponentsResources.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2015-12-14 04:03 - 2015-12-14 04:03 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\capimg.sys
2015-12-14 04:03 - 2015-12-14 04:03 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-12-14 04:03 - 2015-12-14 04:03 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MapControls.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00110032 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2015-12-14 04:03 - 2015-12-14 04:03 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00088392 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00080600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwapi.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssign32.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00073360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManagerProxy.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ihvrilproxy.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00063528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wwapi.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssign32.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosResource.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosResource.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\rilproxy.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wwanpref.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00051680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsUtilsV2.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsplib.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.proxy.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthManagerProxy.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2015-12-14 04:03 - 2015-12-14 04:03 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCoreRes.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCoreRes.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00035680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys
2015-12-14 04:03 - 2015-12-14 04:03 - 00035656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2015-12-14 04:03 - 2015-12-14 04:03 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00032040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2015-12-14 04:03 - 2015-12-14 04:03 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringconfigsp.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2015-12-14 04:03 - 2015-12-14 04:03 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.proxy.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-12-14 04:03 - 2015-12-14 04:03 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshrm.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\IcsEntitlementHost.exe
2015-12-14 04:03 - 2015-12-14 04:03 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosTrace.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosTrace.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosHost.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosHost.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\readingviewresources.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlStringsRes.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlStringsRes.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2015-12-14 03:59 - 2015-12-14 03:59 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2015-12-14 03:55 - 2015-12-14 03:55 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2015-12-14 03:55 - 2015-12-14 03:55 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-12-14 03:55 - 2015-12-14 03:55 - 00000000 ____D C:\Program Files\MSBuild
2015-12-14 03:55 - 2015-12-14 03:55 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-12-14 03:55 - 2015-12-14 03:55 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-12-14 03:55 - 2015-12-14 03:55 - 00000000 ____D C:\inetpub
2015-12-14 03:54 - 2015-10-23 17:47 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-12-14 03:54 - 2015-10-23 17:47 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-12-14 03:54 - 2015-10-23 17:47 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-12-14 03:54 - 2015-10-23 17:46 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-12-14 03:54 - 2015-10-23 17:46 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-12-14 03:54 - 2015-10-23 17:45 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-12-13 18:15 - 2015-12-13 18:15 - 00007602 _____ C:\Users\#IchBinAdmin\AppData\Local\Resmon.ResmonCfg
2015-12-12 16:01 - 2015-12-12 16:01 - 00030926 _____ C:\Users\#IchBinAdmin\Downloads\KUDA-Shaders v6.0.82 BETA - Lite.zip
2015-12-12 15:55 - 2015-12-12 15:57 - 81564905 _____ C:\Users\#IchBinAdmin\Downloads\[1.7.9]Flows HD V.3.rar
2015-12-10 19:59 - 2015-12-10 19:59 - 00624424 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\Drivers\RtkBtfilter.sys
2015-12-10 19:59 - 2015-12-10 19:59 - 00050956 _____ C:\WINDOWS\rtl8761a_mp_chip_bt40_fw_asic_rom_patch_8812ae_new.dll
2015-12-10 19:59 - 2015-12-10 19:59 - 00050920 _____ C:\WINDOWS\rtl8723b_mp_chip_bt40_fw_asic_rom_patch_new.dll
2015-12-10 19:59 - 2015-12-10 19:59 - 00050868 _____ C:\WINDOWS\rtl8723b_mp_chip_bt40_fw_asic_rom_patch_new_s1.dll
2015-12-10 19:59 - 2015-12-10 19:59 - 00050144 _____ C:\WINDOWS\rtl8761a_mp_chip_bt40_fw_asic_rom_patch_8192ee_new.dll
2015-12-10 19:59 - 2015-12-10 19:59 - 00050060 _____ C:\WINDOWS\rtl8761a_mp_chip_bt40_fw_asic_rom_patch_8192eu_new.dll
2015-12-10 19:59 - 2015-12-10 19:59 - 00047692 _____ C:\WINDOWS\rtl8761a_mp_chip_bt40_fw_asic_rom_patch_new.dll
2015-12-10 19:59 - 2015-12-10 19:59 - 00037244 _____ C:\WINDOWS\rlt8723a_chip_bt40_fw_asic_rom_patch.dll
2015-12-10 19:59 - 2015-12-10 19:59 - 00034840 _____ C:\WINDOWS\rtl8821a_mp_chip_bt40_fw_asic_rom_patch_new.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-01-09 12:22 - 2015-07-29 15:10 - 00000000 ____D C:\Users\#IchBinAdmin\AppData\Roaming\Skype
2016-01-09 12:05 - 2015-10-20 18:24 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-01-09 11:53 - 2015-07-21 16:27 - 00001128 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-09 11:51 - 2015-07-21 16:12 - 00000000 ____D C:\Users\#IchBinAdmin\Documents\Youcam
2016-01-09 11:47 - 2015-07-21 16:27 - 00001124 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-09 11:44 - 2015-10-30 07:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-01-09 11:44 - 2015-02-12 12:19 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2016-01-09 10:49 - 2015-07-21 16:18 - 00004158 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E02E7F10-A095-4F32-BE4A-C708105F2FF0}
2016-01-08 20:29 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-01-08 20:29 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-01-07 22:23 - 2015-10-30 07:28 - 00000000 ____D C:\Windows
2016-01-07 21:26 - 2015-02-12 12:42 - 00000000 ____D C:\ProgramData\McAfee
2016-01-07 21:23 - 2015-10-30 08:24 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-01-07 21:23 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2016-01-07 21:23 - 2015-10-30 07:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-01-07 21:23 - 2015-07-21 23:27 - 00000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2016-01-07 21:22 - 2015-07-10 10:05 - 00000000 ____D C:\Users\Default.migrated
2016-01-07 20:47 - 2015-07-21 16:53 - 00000000 ____D C:\Users\#IchBinAdmin\AppData\Roaming\.minecraft
2016-01-07 20:46 - 2015-07-21 16:52 - 00001128 _____ C:\Users\#IchBinAdmin\Downloads\nativelog.txt
2016-01-06 20:08 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-01-06 19:19 - 2015-02-12 12:09 - 00000000 ____D C:\Program Files (x86)\Realtek
2016-01-06 19:19 - 2014-04-05 00:55 - 00000000 ____D C:\SWSetup
2016-01-06 19:17 - 2015-02-12 12:10 - 00000000 ___HD C:\Program Files (x86)\Temp
2016-01-06 19:15 - 2015-06-24 21:59 - 03234520 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2016-01-06 19:15 - 2015-06-24 21:59 - 02931416 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2016-01-06 19:15 - 2015-06-24 21:59 - 00184688 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2016-01-06 19:15 - 2015-06-24 21:57 - 04506840 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2016-01-06 19:15 - 2015-06-24 21:57 - 00014952 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2016-01-06 19:15 - 2015-02-12 12:10 - 02825944 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtlExUpd.dll
2016-01-06 17:59 - 2015-11-14 10:48 - 00000000 ____D C:\Users\#IchBinAdmin\AppData\Roaming\Spotify
2016-01-06 17:59 - 2015-11-14 10:48 - 00000000 ____D C:\Users\#IchBinAdmin\AppData\Local\Spotify
2016-01-06 17:59 - 2015-07-21 21:25 - 00000000 ____D C:\Program Files (x86)\Steam
2016-01-06 00:28 - 2015-07-21 22:27 - 00000000 ____D C:\Users\#IchBinAdmin\Documents\My Games
2016-01-05 23:11 - 2015-07-22 09:56 - 00000000 ____D C:\Users\#IchBinAdmin\AppData\Roaming\TS3Client
2016-01-05 22:40 - 2015-07-29 15:10 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-01-05 22:40 - 2015-07-29 15:10 - 00000000 ____D C:\Users\#IchBinAdmin\AppData\Local\Skype
2016-01-05 22:40 - 2015-07-29 15:10 - 00000000 ____D C:\ProgramData\Skype
2016-01-05 22:06 - 2015-10-20 18:24 - 00003870 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-01-05 21:50 - 2015-07-21 21:33 - 00000000 ____D C:\Users\#IchBinAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-01-05 21:48 - 2015-10-28 15:49 - 00003290 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleFor#IchBinAdmin
2016-01-05 21:48 - 2015-10-28 15:49 - 00000370 _____ C:\WINDOWS\Tasks\HPCeeScheduleFor#IchBinAdmin.job
2016-01-05 21:48 - 2015-07-21 16:11 - 00000000 ____D C:\Users\#IchBinAdmin\AppData\Local\Hewlett-Packard
2016-01-03 02:40 - 2015-10-30 08:26 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-01-03 02:40 - 2015-10-30 08:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-25 21:24 - 2015-10-30 19:35 - 00853752 _____ C:\WINDOWS\system32\perfh007.dat
2015-12-25 21:24 - 2015-10-30 19:35 - 00187942 _____ C:\WINDOWS\system32\perfc007.dat
2015-12-25 21:24 - 2014-10-31 20:54 - 00000000 ____D C:\WINDOWS\System32\Tasks\Hewlett-Packard
2015-12-25 21:23 - 2014-10-31 20:55 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2015-12-24 15:21 - 2014-10-31 20:57 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-12-24 15:21 - 2014-10-31 20:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2015-12-24 15:21 - 2014-10-31 20:42 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2015-12-24 14:54 - 2015-07-21 16:11 - 00000000 ____D C:\Users\#IchBinAdmin\AppData\Roaming\hpqlog
2015-12-24 12:36 - 2015-10-30 08:24 - 00000000 __RHD C:\Users\Public\Libraries
2015-12-23 15:57 - 2015-07-22 09:57 - 00000000 ____D C:\Program Files (x86)\Overwolf
2015-12-19 19:01 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-12-19 19:01 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Provisioning
2015-12-19 19:01 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2015-12-19 19:00 - 2015-11-27 15:15 - 00000811 _____ C:\Users\#IchBinAdmin\Desktop\Menü.bat
2015-12-19 00:07 - 2015-08-24 17:42 - 00000000 ____D C:\Users\#IchBinAdmin\AppData\Local\ElevatedDiagnostics
2015-12-16 19:35 - 2015-11-15 13:49 - 00000000 ____D C:\Users\#IchBinAdmin\Documents\Fluch der
2015-12-16 17:41 - 2015-07-21 16:07 - 00000000 ____D C:\Users\#IchBinAdmin\AppData\Local\Packages
2015-12-15 14:50 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\appcompat
2015-12-14 18:35 - 2015-08-06 22:04 - 00002442 _____ C:\Users\#IchBinAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-12-14 18:35 - 2015-07-21 21:11 - 00000000 ___RD C:\Users\#IchBinAdmin\OneDrive
2015-12-14 17:44 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2015-12-14 17:26 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PrintDialog
2015-12-14 17:26 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\MiracastView
2015-12-14 17:25 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-12-14 17:25 - 2015-07-21 14:51 - 00000000 __RHD C:\Users\Public\AccountPictures
2015-12-14 04:48 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache
2015-12-14 04:47 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Windows NT
2015-12-14 04:46 - 2015-08-06 20:32 - 00019053 _____ C:\WINDOWS\diagwrn.xml
2015-12-14 04:46 - 2015-08-06 20:32 - 00019053 _____ C:\WINDOWS\diagerr.xml
2015-12-14 04:44 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2015-12-14 04:44 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Registration
2015-12-14 04:39 - 2015-12-01 17:41 - 00002158 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2015-12-14 04:39 - 2015-08-06 21:45 - 00023056 _____ C:\WINDOWS\system32\emptyregdb.dat
2015-12-14 04:39 - 2015-07-22 09:57 - 00002700 _____ C:\WINDOWS\System32\Tasks\Overwolf Updater Task
2015-12-14 04:39 - 2015-07-21 18:12 - 00002344 _____ C:\WINDOWS\System32\Tasks\{CF00DD36-5779-4AC2-8DEA-F23B12D2E6B1}
2015-12-14 04:39 - 2015-07-21 16:27 - 00003640 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-14 04:39 - 2015-07-21 16:27 - 00003416 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-14 04:39 - 2015-07-21 16:13 - 00002874 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-19900340-1551578156-919240601-1002
2015-12-14 04:39 - 2015-02-12 14:23 - 00002314 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-19900340-1551578156-919240601-500
2015-12-14 04:39 - 2015-02-12 12:31 - 00002346 _____ C:\WINDOWS\System32\Tasks\YCMServiceAgent
2015-12-14 04:31 - 2015-12-01 17:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-12-14 04:31 - 2015-11-15 13:22 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.0
2015-12-14 04:31 - 2015-11-15 09:51 - 00000000 ____D C:\Users\#IchBinAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fraps
2015-12-14 04:31 - 2015-10-30 08:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2015-12-14 04:31 - 2015-10-20 18:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-12-14 04:31 - 2015-09-19 19:28 - 00000000 ____D C:\Users\#IchBinAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-12-14 04:31 - 2015-09-19 19:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-12-14 04:31 - 2015-09-05 20:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Survarium-Steam
2015-12-14 04:31 - 2015-08-26 18:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2015-12-14 04:31 - 2015-08-26 17:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2015-12-14 04:31 - 2015-07-29 20:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks
2015-12-14 04:31 - 2015-07-22 09:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2015-12-14 04:31 - 2015-07-21 21:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-12-14 04:31 - 2015-07-21 18:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-12-14 04:31 - 2015-07-21 16:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-12-14 04:31 - 2015-07-21 16:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2015-12-14 04:31 - 2015-02-12 12:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-12-14 04:31 - 2015-02-12 12:31 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat
2015-12-14 04:31 - 2014-10-31 20:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 25 GB
2015-12-14 04:31 - 2014-10-31 20:47 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2015-12-14 04:26 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2015-12-14 04:26 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2015-12-14 04:26 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\et-EE
2015-12-14 04:26 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB
2015-12-14 04:26 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\spool
2015-12-14 04:26 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-12-14 04:26 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-12-14 04:26 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2015-12-14 04:26 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2015-12-14 04:26 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2015-12-14 04:26 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\et-EE
2015-12-14 04:26 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\en-GB
2015-12-14 04:26 - 2014-10-31 20:50 - 00000000 ____D C:\WINDOWS\SysWOW64\Adobe
2015-12-14 04:26 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2015-12-14 04:26 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2015-12-14 04:24 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-12-14 04:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-12-14 04:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\InputMethod
2015-12-14 04:23 - 2015-11-15 10:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InterActual
2015-12-14 04:23 - 2015-10-30 08:24 - 00000000 ____D C:\ProgramData\USOPrivate
2015-12-14 04:23 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-12-14 04:23 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\ADFS
2015-12-14 04:22 - 2015-07-22 09:57 - 00000000 ____D C:\Users\#IchBinAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2015-12-14 04:19 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-12-14 04:11 - 2015-10-30 19:55 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2015-12-14 04:10 - 2015-10-30 08:24 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2015-12-14 04:04 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-12-14 04:04 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2015-12-14 04:04 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\system32\Dism
2015-12-14 03:55 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2015-12-14 03:55 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2015-12-14 03:55 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\MUI
2015-12-14 03:55 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2015-12-14 03:55 - 2015-10-30 08:19 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2015-12-14 03:55 - 2015-10-30 08:19 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2015-12-14 03:55 - 2015-10-30 08:19 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2015-12-14 03:55 - 2015-10-30 08:19 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2015-12-14 03:55 - 2015-10-30 08:19 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2015-12-14 03:55 - 2015-10-30 08:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2015-12-14 03:55 - 2015-10-30 08:18 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2015-12-14 03:55 - 2015-10-30 08:18 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2015-12-14 03:55 - 2015-10-30 08:18 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2015-12-14 03:55 - 2015-10-30 08:18 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2015-12-14 03:55 - 2015-10-30 08:18 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2015-12-14 03:55 - 2015-10-30 08:18 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2015-12-14 03:36 - 2015-10-30 20:27 - 00000000 ___HD C:\$WINDOWS.~BT
2015-12-11 15:45 - 2015-07-21 16:27 - 00000000 ____D C:\Users\#IchBinAdmin\AppData\Local\Google
2015-12-10 20:46 - 2015-07-21 20:25 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-12-10 20:39 - 2015-07-21 20:25 - 140158008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-12-13 18:15 - 2015-12-13 18:15 - 0007602 _____ () C:\Users\#IchBinAdmin\AppData\Local\Resmon.ResmonCfg

Einige Dateien in TEMP:
====================
C:\Users\#IchBinAdmin\AppData\Local\Temp\McCSPInstall.dll
C:\Users\#IchBinAdmin\AppData\Local\Temp\mccspuninstall.exe
C:\Users\#IchBinAdmin\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-01-06 20:05

==================== Ende von FRST.txt ============================
         
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.2 (01.06.2016)
Operating System: Windows 10 Home x64 
Ran by #IchBinAdmin (Administrator) on 09.01.2016 at 11:52:38,98
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 2 

Successfully deleted: C:\Users\#IchBinAdmin\AppData\Local\crashrpt (Folder) 
Successfully deleted: C:\Users\#IchBinAdmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\npdicihegicnhaangkdmcgbjceoemeoo (Folder) 



Registry: 3 

Successfully deleted: HKLM\Software\Google\Chrome\Extensions\npdicihegicnhaangkdmcgbjceoemeoo (Registry Key) 
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77ECE5F7-853D-4BBE-BCE5-A11C49C4ACED} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{77ECE5F7-853D-4BBE-BCE5-A11C49C4ACED} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 09.01.2016 at 11:59:06,48
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
Code:
ATTFilter
# AdwCleaner v5.028 - Bericht erstellt am 09/01/2016 um 11:41:58
# Aktualisiert am 04/01/2016 von Xplode
# Datenbank : 2016-01-04.2 [Server]
# Betriebssystem : Windows 10 Home  (x64)
# Benutzername : #IchBinAdmin - LUIS
# Gestartet von : C:\Users\#IchBinAdmin\Desktop\AdwCleaner_5.028.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****

[-] Ordner Gelöscht : C:\ftb
[-] Ordner Gelöscht : C:\Users\#IchBinAdmin\AppData\Local\YSearchUtil
[-] Ordner Gelöscht : C:\Users\#IchBinAdmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\npdicihegicnhaangkdmcgbjceoemeoo

***** [ Dateien ] *****


***** [ DLLs ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****

[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
[-] Schlüssel Gelöscht : HKCU\Software\OCS
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! SearchSet
[-] Schlüssel Gelöscht : HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.com/search?q=conduit&form=WNSGPH&qs=AS&cvid=9ae4e4364f0842d0bd1c5358379215f5&pq=conduit&nclid=027B3D2CF4273C6B1E0CDBA74B3E449F&ts=1449348449135&nclidts=1449348449&tsms=135

***** [ Internetbrowser ] *****

[-] [C:\Users\#IchBinAdmin\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : blitz-brigade.de.softonic.com
[-] [C:\Users\#IchBinAdmin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : npdicihegicnhaangkdmcgbjceoemeoo

*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1851 Bytes] ##########
         
Hier die 3 Logs.
Vielen dank übrigens für die schnellen Atworten. <3

Alt 09.01.2016, 11:50   #9
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Nach 11 Tägigem nichtbenutzen meines Laptops Sehr Langsames Internet - Standard

Nach 11 Tägigem nichtbenutzen meines Laptops Sehr Langsames Internet



Bitte auch ne neue Addition.txt erstellen, dazu FRST starten und einen Haken setzen bei Addition.txt, dann auf Untersuchen klicken.

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 09.01.2016, 12:03   #10
JohnCrane
 
Nach 11 Tägigem nichtbenutzen meines Laptops Sehr Langsames Internet - Standard

Nach 11 Tägigem nichtbenutzen meines Laptops Sehr Langsames Internet



P.S. Ich habe nochmal probiert ob es besser ist und ja es ist besser. Alles wieder wie vorher ihr seit die besten ich werde euch auf jedenfall weiterempfehlen. <3

OK Addition kommt
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:07-01-2015
durchgeführt von #IchBinAdmin (2016-01-09 12:59:21)
Gestartet von C:\Users\#IchBinAdmin\Desktop
Windows 10 Home (X64) (2015-12-14 03:48:09)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

#IchBinAdmin (S-1-5-21-19900340-1551578156-919240601-1002 - Administrator - Enabled) => C:\Users\#IchBinAdmin
Administrator (S-1-5-21-19900340-1551578156-919240601-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-19900340-1551578156-919240601-503 - Limited - Disabled)
Gast (S-1-5-21-19900340-1551578156-919240601-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-19900340-1551578156-919240601-1004 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.180 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
AirPort (HKLM-x32\...\{AA68AAAE-41F0-40B5-8896-5947F5FD6889}) (Version: 5.6.1.2 - Apple Inc.)
AMD Catalyst Install Manager (HKLM\...\{03442D5E-8643-D712-8729-FAEDE30310B4}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arma 3 (HKLM-x32\...\Steam App 107410) (Version:  - Bohemia Interactive)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.1.2245 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bejeweled 3 (x32 Version: 3.0.2.59 - WildTangent) Hidden
Block N Load (HKLM-x32\...\Steam App 299360) (Version:  - Jagex)
BLOCKADE 3D (HKLM-x32\...\Steam App 302830) (Version:  - Shumkov Dmitriy)
BlueStacks App Player (HKLM-x32\...\{EFA0FC40-7D96-4515-9715-7C0C5D872326}) (Version: 2.0.2.5623 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands: The Pre-Sequel (HKLM-x32\...\Steam App 261640) (Version:  - 2K Australia)
Build-a-lot (x32 Version: 3.0.2.59 - WildTangent) Hidden
Building the Great Wall of China Collector's Edition (x32 Version: 3.0.2.48 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.11 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
CLIQZ (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 1.0.22 - CLIQZ.com)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Crazy Chicken Soccer (x32 Version: 2.2.0.110 - WildTangent) Hidden
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.8.4420 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.3.5715 - CyberLink Corp.)
Cyberlink PhotoDirector (Version: 5.0.3.5715 - Ihr Firmenname) Hidden
CyberLink Power Media Player 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5.4505 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.8.4316 - CyberLink Corp.)
CyberLink PowerBackup 2.6 (HKLM-x32\...\InstallShield_{ADD5DB49-72CF-11D8-9D75-000129760D75}) (Version: 2.6.1.0903 - CyberLink Corp.)
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.2.3220 - CyberLink Corp.)
CyberLink PowerDirector 12 (Version: 12.0.2.3220 - Ihr Firmenname) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.5.4502 - CyberLink Corp.)
Dirty Bomb (HKLM-x32\...\Steam App 333930) (Version:  - Splash Damage®)
DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Dropbox 25 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 0.9.0 - Dropbox, Inc.)
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
Evernote v. 5.5.3 (HKLM-x32\...\{B1A0F908-1448-11E4-8684-00163E98E7D0}) (Version: 5.5.3.4236 - Evernote Corp.)
Farm Frenzy (x32 Version: 3.0.2.59 - WildTangent) Hidden
Foxit PhantomPDF (HKLM-x32\...\{89BF1D4D-1D62-451E-9496-B971BDE82720}) (Version: 6.0.33.715 - Foxit Corporation)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 3.0.2.59 - WildTangent) Hidden
HAWKEN (HKLM-x32\...\Steam App 271290) (Version:  - Reloaded Games)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes & Generals (HKLM-x32\...\Steam App 227940) (Version:  - Reto-Moto)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM-x32\...\{13133E99-B0D5-4143-B832-AAD55C62A41C}) (Version: 6.0.19.1 - Hewlett-Packard Company)
HP CoolSense (HKLM-x32\...\{ADE2F6A7-E7BD-4955-BD66-30903B223DDF}) (Version: 2.20.41 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{6AAEDF97-4B93-4169-8FCA-FCB0378CED52}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7745.4851 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.1.40.3 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{B1AD4FFB-DD17-43EC-8C30-B9E71EAD9132}) (Version: 12.0.30.219 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{8B4EE87E-6D40-4C91-B5E8-0DC77DC412F1}) (Version: 1.4.1 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
InterActual Player (HKLM-x32\...\InterActual Player) (Version:  - )
Java 8 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418051F0}) (Version: 8.0.510 - Oracle Corporation)
Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
Jewel Match 3 (x32 Version: 3.0.2.59 - WildTangent) Hidden
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
LibreOffice 5.0.3.2 (HKLM\...\{F6536765-3E8F-4D1E-9833-0A89F4681D79}) (Version: 5.0.3.2 - The Document Foundation)
Logitech Options (HKLM\...\LogiOptions) (Version:  - Logitech)
McAfee Security Scan Plus (HKLM-x32\...\McAfee Security Scan) (Version: 3.11.163.2 - McAfee, Inc.)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
OEM Application Profile (HKLM-x32\...\{1D464EFF-EC8B-F225-2F74-F74143200DDF}) (Version: 1.00.0000 - Ihr Firmenname)
osu! (HKLM-x32\...\{157263f1-7b78-42fe-abf8-8f31137dfbe6}) (Version: latest - ppy Pty Ltd)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.91.145.0 - Overwolf Ltd.)
Plants vs. Zombies - Game of the Year (x32 Version: 3.0.2.51 - WildTangent) Hidden
Polar Bowler 1st Frame (x32 Version: 3.0.2.59 - WildTangent) Hidden
Ranch Rush 2 - Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 1.0.0.22 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.29075 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7548 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.0.0.37 - REALTEK Semiconductor Corp.)
Robocraft (HKLM-x32\...\Steam App 301520) (Version:  - Freejam)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation)
Skype™ 7.17 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.105 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-19900340-1551578156-919240601-1002\...\Spotify) (Version: 1.0.20.94.g8f8543b3 - Spotify AB)
Star Conflict (HKLM-x32\...\Steam App 212070) (Version:  - Star Gem Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Survarium (HKLM-x32\...\Steam App 355840) (Version:  - Vostok Games)
Survarium-Steam (HKLM-x32\...\{A3D9343D-77CD-4bf4-A47A-F87B3BE985B4}_is1) (Version: 0.30e - )
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.95 - Synaptics Incorporated)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Tom Clancy's Ghost Recon Phantoms - EU (HKLM-x32\...\Steam App 272350) (Version:  - Ubisoft Singapore)
Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
Trove (HKLM-x32\...\Steam App 304050) (Version:  - Trion Worlds)
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Vacation Quest™ - Australia (x32 Version: 3.0.2.32 - WildTangent) Hidden
Virtual Families (x32 Version: 2.2.0.98 - WildTangent) Hidden
Warface (HKLM-x32\...\Steam App 291480) (Version:  - Crytek)
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games App für HP (x32 Version: 4.0.11.14 - WildTangent) Hidden
WildTangent-Spiele (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
World of Tanks (HKU\S-1-5-21-19900340-1551578156-919240601-1002\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version:  - Wargaming.net)
Youda Jewel Shop (x32 Version: 3.0.2.51 - WildTangent) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-19900340-1551578156-919240601-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\#IchBinAdmin\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0012F930-9A97-4A1C-8804-4634A9328107} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company)
Task: {09544BC2-4114-4DE8-B538-7733BFEB4A87} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {0CFE2E40-6A97-48C5-9F38-DE82315CF1B0} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {0F138628-9A6B-4ABE-BB12-6F83B74FBA36} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2015-11-04] (Hewlett-Packard)
Task: {10017974-320D-41EE-AB89-B317E5B27D81} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {129CC476-3E0F-4319-BFEC-9B0656869B2A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {3B7B1AC5-952F-46EA-8C3C-4DACB2C8AF41} - System32\Tasks\{CF00DD36-5779-4AC2-8DEA-F23B12D2E6B1} => pcalua.exe -a C:\Users\#IchBinAdmin\Desktop\forge-1.8-11.14.3.1450-installer-win.exe -d C:\Users\#IchBinAdmin\Desktop
Task: {3C7F49FA-BB78-47DC-B763-9523CA204DA3} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-12-10] (Microsoft Corporation)
Task: {45C827C2-1DA0-4857-80B5-C2DCF078248A} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {4974511C-AEBA-45DA-AA27-9D2783E11858} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {A679A6AD-A0C3-41B0-B63A-C3B756816FAB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-21] (Google Inc.)
Task: {A7E6348B-273B-4884-91DF-E2CB531C98E4} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2015-12-15] (Overwolf LTD)
Task: {ACA4056D-418B-42AF-9A0A-595534AEB458} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2014-05-19] (Hewlett-Packard Development Company, L.P.)
Task: {AD44FC09-E447-4579-9AD6-03E7A2AA78B1} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {AD47B5DE-A0CA-411C-BCBE-A2C5CB149052} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company)
Task: {AFAC55B4-5923-4CAF-93DB-565C99C30AC0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2015-11-04] (Hewlett-Packard)
Task: {AFB733F2-0D2C-4058-9991-75088664EFF1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {B4B78DF0-866C-48E4-8373-5F13D947BAE5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2015-09-27] (Hewlett-Packard)
Task: {B5960546-8E6C-4FA6-8012-217121DA00F9} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {B9053D03-BCDE-4DE1-BED1-D7AE46FDBBF9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-10-19] (Piriform Ltd)
Task: {C1626DEB-78F6-455D-817B-98A12DC2CE02} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-05] (Adobe Systems Incorporated)
Task: {C6BBFF63-B005-4A4D-9DDE-2642B6A592F7} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {D00A1400-245A-41AF-9D86-8831BDD04DF5} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {D7A65A98-5136-4DD6-B5DB-D310942B940B} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-01-07] (AVAST Software)
Task: {D8267C45-5483-4503-AA47-8AB8109B57C9} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {DC617D0F-FC41-41A4-B1E5-50B22F0C9A28} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [2014-09-02] (CyberLink Corp.)
Task: {E3604B45-0766-43B1-9096-D6DB6E641030} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {E58111B7-3DA2-4692-BA6E-C2128BFC4D75} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-21] (Google Inc.)
Task: {FAEF40B1-07B0-4F05-8852-102DEB2D1462} - System32\Tasks\HPCeeScheduleFor#IchBinAdmin => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleFor#IchBinAdmin.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2014-09-06 23:32 - 2014-09-06 23:32 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2015-02-12 12:50 - 2014-04-14 18:59 - 00389896 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2015-02-12 12:15 - 2014-07-04 11:24 - 00094936 ____N () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
2015-12-14 04:03 - 2015-12-14 04:03 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-14 04:03 - 2015-12-14 04:03 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2014-05-01 15:13 - 2014-05-01 15:13 - 00470016 _____ () C:\Users\#IchBinAdmin\AppData\Local\MEGAsync\ShellExtX64.dll
2015-12-17 16:58 - 2015-12-17 16:58 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-10-19 21:00 - 2015-10-19 21:00 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2015-12-18 23:00 - 2015-12-07 05:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2015-12-18 23:00 - 2015-12-07 05:00 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-12-18 23:01 - 2015-12-07 04:37 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-12-18 23:00 - 2015-12-07 04:33 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-12-18 23:01 - 2015-12-07 04:34 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-12-18 23:01 - 2015-12-07 04:36 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-12-18 23:00 - 2015-12-07 04:34 - 00936448 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2015-12-10 18:07 - 2015-12-10 18:07 - 00012800 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1208.10480.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2015-12-10 18:07 - 2015-12-10 18:07 - 11542016 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1208.10480.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2015-11-19 19:39 - 2015-11-19 20:00 - 00258560 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1208.10480.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2016-01-08 20:28 - 2016-01-08 20:28 - 09737216 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.25.15.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2015-07-21 20:45 - 2015-07-21 20:45 - 01294336 _____ () C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
2015-12-09 16:02 - 2015-12-09 16:02 - 02307064 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.1.5\deploy\LoLLauncher.exe
2015-12-09 16:03 - 2015-12-09 16:03 - 04225528 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.45\deploy\LoLPatcher.exe
2015-07-21 20:59 - 2015-07-21 20:59 - 00074752 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.178\deploy\LolClient.exe
2015-07-21 23:33 - 2015-12-09 16:12 - 19181048 _____ () C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.114\deploy\League of Legends.exe
2016-01-07 21:11 - 2016-01-07 21:11 - 00103888 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2016-01-07 21:11 - 2016-01-07 21:11 - 00125512 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-01-08 20:58 - 2016-01-08 20:58 - 02821120 _____ () C:\Program Files\AVAST Software\Avast\defs\16010800\algo.dll
2016-01-07 21:11 - 2016-01-07 21:11 - 00469008 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-01-09 11:47 - 2016-01-09 11:47 - 02821120 _____ () C:\Program Files\AVAST Software\Avast\defs\16010900\algo.dll
2015-12-05 10:21 - 2015-12-05 10:21 - 00933056 ____R () C:\Program Files (x86)\Skype\Phone\ssScreenVVS2.dll
2016-01-07 21:11 - 2016-01-07 21:11 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-12-17 16:58 - 2015-12-17 16:58 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2015-12-17 16:58 - 2015-12-17 16:58 - 21845504 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2015-12-17 16:53 - 2015-12-11 04:54 - 01583432 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libglesv2.dll
2015-12-17 16:53 - 2015-12-11 04:54 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libegl.dll
2015-12-09 16:03 - 2015-12-09 16:03 - 01465848 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.45\deploy\RiotLauncher.dll
2015-09-30 17:56 - 2015-09-30 17:57 - 04885152 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.178\deploy\Adobe AIR\Versions\1.0\Resources\WebKit.dll
2015-09-30 17:56 - 2015-09-30 17:57 - 17414304 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.178\deploy\Adobe AIR\Versions\1.0\Resources\NPSWF32.dll
2015-07-21 23:33 - 2015-12-09 16:12 - 01467384 _____ () C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.114\deploy\RiotLauncher.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-19900340-1551578156-919240601-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\#IchBinAdmin\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\desktop-hintergrund.bmp
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\Run: => "LogiOptionsAppBroker"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-19900340-1551578156-919240601-1002\...\StartupApproved\Run: => "Overwolf"
HKU\S-1-5-21-19900340-1551578156-919240601-1002\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-19900340-1551578156-919240601-1002\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-19900340-1551578156-919240601-1002\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-19900340-1551578156-919240601-1002\...\StartupApproved\Run: => "Spotify Web Helper"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{078E40A3-EA0B-4333-8125-E810D6319787}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{AFC6D644-D94D-4C6D-89B6-77E44B986404}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{DE7A14D9-F251-4962-A81B-B658D43A2E5C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BlockNLoad\Win64\BlockNLoad.exe
FirewallRules: [{50B75781-9AE1-430F-88BC-3B69B3B5CB4B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BlockNLoad\Win64\BlockNLoad.exe
FirewallRules: [{978064FF-BC38-4D40-9631-F1804C60BAC0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warface\live\nw.exe
FirewallRules: [{0F7EBD61-CEF2-4944-AC40-0186C6089D70}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warface\live\nw.exe
FirewallRules: [UDP Query User{475D9121-8517-4032-9A3D-305FD24A4F4C}C:\users\#ichbinadmin\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\users\#ichbinadmin\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{13D1DE32-986A-44D1-A9AF-04ED59DF04F9}C:\users\#ichbinadmin\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\users\#ichbinadmin\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{979F6211-1F87-4DA1-A28F-A719E0FCA86B}C:\users\#ichbinadmin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\#ichbinadmin\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{228C7452-C56C-478C-A516-AAFF7DE9FD2D}C:\users\#ichbinadmin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\#ichbinadmin\appdata\roaming\spotify\spotify.exe
FirewallRules: [{62537E43-BF71-4A3D-B2DA-11D15C97E85D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E9BE22EE-58D7-419A-9183-0163795874C8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8EB6B770-3551-4616-837C-0F342F38D894}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{528E5F07-62D1-4053-AD90-2358DEE58C3A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{BED386C0-0CC0-4401-8A2E-F77D2FECF531}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Ghost Recon Phantoms - EU\Launcher.exe
FirewallRules: [{C8366266-7A6A-416B-BB1C-5A9472154FE5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Ghost Recon Phantoms - EU\Launcher.exe
FirewallRules: [{5E800B20-7543-4E43-9AE5-8125BC5EBDB1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warface\live\nw.exe
FirewallRules: [{9EABDA99-E557-471F-BB7F-ADF43A5B8E8A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warface\live\nw.exe
FirewallRules: [{0D5A5F2E-B1B4-4F3D-83F0-F10AA4B9B355}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{0443461C-FAA0-42C1-9DEF-ED2DF2683419}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{6B97EE76-331F-4F30-A329-FACA6D168FF6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\star conflict\game.exe
FirewallRules: [{8AAD7B0C-5594-49FC-8719-9988E3E706EA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\star conflict\game.exe
FirewallRules: [{4FD24FD0-019D-4900-8941-29622D971412}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Survarium\game\binaries\x86\survarium.exe
FirewallRules: [{BA7D2D60-6894-42BE-A428-73B503FF6F19}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Survarium\game\binaries\x86\survarium.exe
FirewallRules: [{867176B3-D507-4181-8CE3-31F1657C1B75}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Survarium\temp\survarium_updater.exe
FirewallRules: [{F582912C-1D87-48B1-8D86-35A74A48D8CE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Survarium\temp\survarium_updater.exe
FirewallRules: [{F2CABDDD-6866-4F89-BC26-3B096EDB72DF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Survarium\temp\survarium_updater.exe
FirewallRules: [{E0C5890D-7149-4A14-8CC9-EBBD1D4E817E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Survarium\temp\survarium_updater.exe
FirewallRules: [{7542F11B-F3A6-4312-BEE5-98CC3BAC721C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Survarium\temp\survarium_launcher.exe
FirewallRules: [{5FABC795-DF77-400A-8549-0649028B636A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Robocraft\Robocraft.exe
FirewallRules: [{465C72F8-208D-4AF0-A09D-E1A2BD06C849}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Robocraft\Robocraft.exe
FirewallRules: [{A7B6F89A-A61E-4494-A286-07C9500D6542}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{D32F4471-E261-454A-9A45-D587C76EB666}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{E30FD235-543A-42C1-856B-FD743D4D0EEC}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{41AC9048-6FF2-402E-9F73-1015D32D4277}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{86CF7E60-EC79-425D-9E8D-C54165FF5F50}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{9598F6BA-A2DF-498A-AE69-FD395C7E82EF}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{16B68A7F-E815-423F-BE20-B9F30875CB01}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{56C60402-F2DC-488A-8854-F611BAC1048F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{317D1766-D817-4F78-9603-0A43ED05C67D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{08ED48AA-7F6D-4619-8299-9524631C5EF5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Blockade3d\main.exe
FirewallRules: [{D6957934-E292-49EC-9224-0DC7312D53B8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Blockade3d\main.exe
FirewallRules: [{70B449F2-1EB8-40FE-8821-71838D707C2C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{8C1B4686-6C86-445F-B8B0-B4DEC574C8D8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{886DBDE4-676A-4418-B51F-39B587965D34}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{30916B6C-EB51-4A29-8505-8C53884A19A9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B45C319E-0B3E-46F5-9386-FFFAC1413499}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{646B2E30-85C7-4C73-8D6B-B7C83DB44927}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{0E852ABA-D9D8-4407-9DB5-155D0E542141}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{F5BCF733-26F0-4A89-B31A-9D2549B6DA9D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{4F8B0049-1FD6-443A-A688-958C2F8CF1F4}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{EFC8F631-5136-40E9-AED6-C9A2ED6E90F6}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{35E88CA3-FD64-4CA9-855E-631E42570ADC}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{AE93A350-59CF-49F9-A272-74187E4F4310}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{832C0466-09E8-4377-8E1C-2B765C435E95}] => (Allow) C:\Program Files\CyberLink\PowerDirector12\PDR10.EXE
FirewallRules: [{AA4FE579-D412-4672-BB5F-513C5C4E63E9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{76D750B0-139C-4203-A43F-67D609744123}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{99F1670A-F9A3-490C-9183-567C23CCBFF2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{4CBC3147-B663-4B8C-A389-9A68F842D65B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C8159FBC-6D3F-4C2F-AF9E-D7B3D60E639F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{55ADCC48-DAC2-446E-A793-D1C8B2AF3737}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{690365FE-377F-4087-A931-45F46689F793}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trove\GlyphClient.exe
FirewallRules: [{E526F2D5-ADD4-4299-99B8-4C644BC9E08D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trove\GlyphClient.exe
FirewallRules: [{477C0269-3B30-445A-8461-D2041D1FDCA6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hawken\Binaries\Win32\HawkenGame-Win32-Shipping.exe
FirewallRules: [{5C311C79-5D95-4CC9-BADD-4D3B8147498B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hawken\Binaries\Win32\HawkenGame-Win32-Shipping.exe
FirewallRules: [{19FB76B2-0066-4E9B-B91B-70123D34B524}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{222C96C8-DB33-4F09-8F93-10B7C3063044}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{ACD2321C-A890-4F4D-8356-27C2D1DC76EE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{0F17E614-5CF7-42C8-94CF-7F5E2097D3AA}C:\users\#ichbinadmin\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\users\#ichbinadmin\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{4AA84775-EDEE-4EB0-BA02-50AFDD0C451D}C:\users\#ichbinadmin\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\users\#ichbinadmin\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{3670B284-2E28-4B09-A80F-96CB1FFC97AC}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
FirewallRules: [{1F7C5E30-98CB-4ECB-9875-32F4907AAFD0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe
FirewallRules: [{75A54EC3-FC70-487B-ACA2-B59F2700580C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe
FirewallRules: [TCP Query User{EB621788-EA0E-425C-8F3F-32C0E42100F0}C:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [UDP Query User{C8F34A83-A204-4B6E-B12A-06683783B373}C:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [{34A8CA91-77FE-411A-9332-6198ED1D574F}] => (Allow) C:\Program Files (x86)\AirPort\APAgent.exe

==================== Wiederherstellungspunkte =========================

24-12-2015 14:56:31 Installed HP Support Assistant
06-01-2016 00:25:45 DirectX wurde installiert
09-01-2016 11:52:43 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (01/09/2016 11:52:55 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (01/09/2016 11:47:46 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll4

Error: (01/09/2016 11:47:46 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4

Error: (01/09/2016 11:47:45 AM) (Source: PerfNet) (EventID: 2004) (User: )
Description: 

Error: (01/09/2016 11:47:45 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: MSDTCC:\WINDOWS\system32\msdtcuiu.DLL4

Error: (01/09/2016 11:47:45 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: LsaC:\Windows\System32\Secur32.dll4

Error: (01/09/2016 11:47:45 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: ESENTC:\WINDOWS\system32\esentprf.dll4

Error: (01/09/2016 11:47:45 AM) (Source: Perflib) (EventID: 1018) (User: )
Description: ASP.NET_64_2.0.50727

Error: (01/09/2016 11:47:45 AM) (Source: Perflib) (EventID: 1022) (User: )
Description: ASP.NET_64_2.0.507274

Error: (01/08/2016 10:03:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1718


Systemfehler:
=============
Error: (01/09/2016 11:48:56 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

Error: (01/09/2016 11:45:49 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "BstHdUpdaterSvc" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (01/09/2016 11:45:49 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst BstHdUpdaterSvc erreicht.

Error: (01/09/2016 11:44:25 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\WINDOWS\system32\Rtlihvs.dll

Error: (01/09/2016 11:44:25 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\WINDOWS\system32\Rtlihvs.dll

Error: (01/09/2016 11:44:22 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\WINDOWS\system32\Rtlihvs.dll

Error: (01/09/2016 11:44:19 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_4ee614" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/09/2016 11:44:19 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _4ee614" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/09/2016 11:44:19 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_4ee614" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/09/2016 11:44:19 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_4ee614" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.


CodeIntegrity:
===================================
  Date: 2016-01-09 12:27:26.702
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-01-09 12:27:26.683
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-01-07 21:15:06.804
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-06 20:36:21.958
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-06 00:49:19.720
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-06 00:27:48.594
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-12-24 12:21:07.797
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-12-24 12:21:07.778
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-12-21 19:00:12.848
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-12-19 23:17:36.328
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: AMD A10-5745M APU with Radeon(tm) HD Graphics 
Prozentuale Nutzung des RAM: 52%
Installierter physikalischer RAM: 7364.65 MB
Verfügbarer physikalischer RAM: 3511.99 MB
Summe virtueller Speicher: 8516.65 MB
Verfügbarer virtueller Speicher: 3977.74 MB

==================== Laufwerke ================================

Drive c: (Windows) (Fixed) (Total:906.37 GB) (Free:691.61 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:23.29 GB) (Free:2.58 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 13501DF2)

Partition: GPT.

==================== Ende von Addition.txt ============================
         

Alt 09.01.2016, 12:22   #11
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Nach 11 Tägigem nichtbenutzen meines Laptops Sehr Langsames Internet - Standard

Nach 11 Tägigem nichtbenutzen meines Laptops Sehr Langsames Internet



FRST-Fix

Virenscanner jetzt bitte komplett deaktivieren, damit sichergestellt ist, dass der Fix sauber durchläuft!


Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
Task: {09544BC2-4114-4DE8-B538-7733BFEB4A87} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {10017974-320D-41EE-AB89-B317E5B27D81} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {45C827C2-1DA0-4857-80B5-C2DCF078248A} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {4974511C-AEBA-45DA-AA27-9D2783E11858} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {AD44FC09-E447-4579-9AD6-03E7A2AA78B1} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {AFB733F2-0D2C-4058-9991-75088664EFF1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {B5960546-8E6C-4FA6-8012-217121DA00F9} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {C6BBFF63-B005-4A4D-9DDE-2642B6A592F7} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {D00A1400-245A-41AF-9D86-8831BDD04DF5} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {D8267C45-5483-4503-AA47-8AB8109B57C9} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {E3604B45-0766-43B1-9096-D6DB6E641030} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
emptytemp:
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 09.01.2016, 12:30   #12
JohnCrane
 
Nach 11 Tägigem nichtbenutzen meines Laptops Sehr Langsames Internet - Standard

Nach 11 Tägigem nichtbenutzen meines Laptops Sehr Langsames Internet



Code:
ATTFilter
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:07-01-2015
durchgeführt von #IchBinAdmin (2016-01-09 13:29:48) Run:1
Gestartet von C:\Users\#IchBinAdmin\Desktop
Geladene Profile: #IchBinAdmin (Verfügbare Profile: #IchBinAdmin)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
Task: {09544BC2-4114-4DE8-B538-7733BFEB4A87} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {10017974-320D-41EE-AB89-B317E5B27D81} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {45C827C2-1DA0-4857-80B5-C2DCF078248A} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {4974511C-AEBA-45DA-AA27-9D2783E11858} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {AD44FC09-E447-4579-9AD6-03E7A2AA78B1} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {AFB733F2-0D2C-4058-9991-75088664EFF1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {B5960546-8E6C-4FA6-8012-217121DA00F9} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {C6BBFF63-B005-4A4D-9DDE-2642B6A592F7} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {D00A1400-245A-41AF-9D86-8831BDD04DF5} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {D8267C45-5483-4503-AA47-8AB8109B57C9} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {E3604B45-0766-43B1-9096-D6DB6E641030} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
emptytemp
*****************

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{09544BC2-4114-4DE8-B538-7733BFEB4A87}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{09544BC2-4114-4DE8-B538-7733BFEB4A87}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{10017974-320D-41EE-AB89-B317E5B27D81}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{10017974-320D-41EE-AB89-B317E5B27D81}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{45C827C2-1DA0-4857-80B5-C2DCF078248A}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{45C827C2-1DA0-4857-80B5-C2DCF078248A}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4974511C-AEBA-45DA-AA27-9D2783E11858}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4974511C-AEBA-45DA-AA27-9D2783E11858}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AD44FC09-E447-4579-9AD6-03E7A2AA78B1}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AD44FC09-E447-4579-9AD6-03E7A2AA78B1}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AFB733F2-0D2C-4058-9991-75088664EFF1}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AFB733F2-0D2C-4058-9991-75088664EFF1}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B5960546-8E6C-4FA6-8012-217121DA00F9}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B5960546-8E6C-4FA6-8012-217121DA00F9}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C6BBFF63-B005-4A4D-9DDE-2642B6A592F7}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C6BBFF63-B005-4A4D-9DDE-2642B6A592F7}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D00A1400-245A-41AF-9D86-8831BDD04DF5}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D00A1400-245A-41AF-9D86-8831BDD04DF5}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D8267C45-5483-4503-AA47-8AB8109B57C9}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D8267C45-5483-4503-AA47-8AB8109B57C9}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E3604B45-0766-43B1-9096-D6DB6E641030}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E3604B45-0766-43B1-9096-D6DB6E641030}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => Schlüssel erfolgreich entfernt
emptytemp => Fehler: Kein automatisierter Fix für diesen Eintrag gefunden.

==== Ende von Fixlog 13:29:49 ====
         

Alt 10.01.2016, 10:37   #13
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Nach 11 Tägigem nichtbenutzen meines Laptops Sehr Langsames Internet - Standard

Nach 11 Tägigem nichtbenutzen meines Laptops Sehr Langsames Internet



Du hast den Fixtext nicht 1:1 bzw nicht vollständig kopiert. Daher noch ein Fix:

FRST-Fix

Virenscanner jetzt bitte komplett deaktivieren, damit sichergestellt ist, dass der Fix sauber durchläuft!


Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
emptytemp:
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 11.01.2016, 17:57   #14
JohnCrane
 
Nach 11 Tägigem nichtbenutzen meines Laptops Sehr Langsames Internet - Standard

Nach 11 Tägigem nichtbenutzen meines Laptops Sehr Langsames Internet



Code:
ATTFilter
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:07-01-2015
durchgeführt von #IchBinAdmin (2016-01-11 18:46:52) Run:2
Gestartet von C:\Users\#IchBinAdmin\Desktop
Geladene Profile: #IchBinAdmin (Verfügbare Profile: #IchBinAdmin)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
emptytemp:
*****************

EmptyTemp: => 726.4 MB temporäre Dateien entfernt.


Das System musste neu gestartet werden.

==== Ende von Fixlog 18:47:23 ====
         
Hinzuzufügen ist, dass ich zwischendurch noch plötzliche kurze Pingerhöhungen habe und meine Ping auch sonst auch ca 20 ms über normal liegt wobei ich nicht 100% sagen kann dass es an meinem Laptop liegt obwohl ich auf meinem Latop keine Programme gefunden habe die das verursachen könnten.

Alt 11.01.2016, 18:56   #15
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Nach 11 Tägigem nichtbenutzen meines Laptops Sehr Langsames Internet - Standard

Nach 11 Tägigem nichtbenutzen meines Laptops Sehr Langsames Internet



Okay, dann Kontrollscans mit (1) MBAM, (2) ESET und (3) SecurityCheck bitte:


1. Schritt: MBAM

Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.




2. Schritt: ESET

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset




3. Schritt: SecurityCheck

Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Antwort

Themen zu Nach 11 Tägigem nichtbenutzen meines Laptops Sehr Langsames Internet
avast, ergebnis, festgestellt, free, handy, hoffe, interne, internet, internet langsam, internetseite, internetseiten, lange, lange ladezeiten, langsam, langsames, langsames internet, laptop, problem, schließe, seite, seiten, urlaub, verschiedene, verschiedenen, videos, überprüfen, youtube



Ähnliche Themen: Nach 11 Tägigem nichtbenutzen meines Laptops Sehr Langsames Internet


  1. nur ein PC hat sehr langsames Internet - per LAN
    Netzwerk und Hardware - 14.07.2015 (9)
  2. Windows 8: sehr langsames Internet und viel Werbung
    Plagegeister aller Art und deren Bekämpfung - 28.12.2014 (15)
  3. Sehr langsames Internet
    Plagegeister aller Art und deren Bekämpfung - 12.11.2014 (28)
  4. Windows 7/ Hoher Ping - Sehr langsames Internet
    Plagegeister aller Art und deren Bekämpfung - 12.11.2014 (11)
  5. Schwankende Bandbreite - unabhängig von LAN oder WLAN - Sehr langsames Internet
    Log-Analyse und Auswertung - 03.03.2014 (30)
  6. Fehlermeldung beim starten meines Laptops.
    Plagegeister aller Art und deren Bekämpfung - 07.01.2014 (7)
  7. Sehr viel Werbung und langsames Internet?
    Plagegeister aller Art und deren Bekämpfung - 01.09.2013 (8)
  8. Trojaner an Bord meines Laptops => loardtbs-3.0
    Log-Analyse und Auswertung - 20.06.2013 (13)
  9. Höre Werbungen Im hintergrund meines Laptops
    Plagegeister aller Art und deren Bekämpfung - 20.05.2013 (7)
  10. Trojaner-Befall meines Laptops nach Groupon-Rechnung
    Plagegeister aller Art und deren Bekämpfung - 03.04.2013 (4)
  11. Teile meines Laptops sind nur noch als Verknüpfungen da!?!
    Log-Analyse und Auswertung - 26.10.2011 (8)
  12. Sehr langsames Internet Dsl lite leitung
    Log-Analyse und Auswertung - 22.07.2011 (1)
  13. langsamer start meines laptops.
    Plagegeister aller Art und deren Bekämpfung - 03.04.2009 (2)
  14. Sehr langsames Internet.
    Log-Analyse und Auswertung - 05.03.2009 (3)
  15. Sehr langsames Internet Trojaner?
    Plagegeister aller Art und deren Bekämpfung - 17.01.2009 (1)
  16. sehr langsames internet
    Log-Analyse und Auswertung - 01.01.2009 (10)
  17. Sehr langsames Internet, plötzlich aufgetreten
    Log-Analyse und Auswertung - 28.04.2006 (10)

Zum Thema Nach 11 Tägigem nichtbenutzen meines Laptops Sehr Langsames Internet - Als ich aus meinem 11 Tägigem Urlaub zurückkam bemerkte ich, dass das Internet auf meinem Laptop ungewöhnlich langsam war Internetseiten(zb. Youtube) öffneten sich sehr langsam und auch die Videos ließen - Nach 11 Tägigem nichtbenutzen meines Laptops Sehr Langsames Internet...
Archiv
Du betrachtest: Nach 11 Tägigem nichtbenutzen meines Laptops Sehr Langsames Internet auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.