Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Windows 10: Chinesische Schadsoftware

Windows 10: Chinesische Schadsoftware


Log-Analyse und Auswertung: Windows 10: Chinesische Schadsoftware

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 26.05.2016, 18:44   #1
Brandon_K
 
Windows 10: Chinesische Schadsoftware - Standard

Windows 10: Chinesische Schadsoftware


Hi Leute,

mein Name ist Ariel und ich bräuchte eure Hilfe!

Auf meinem PC hat sich seit 26.05.15 eine Software mit chinesischen Schriftzeichen verlaufen. Das Softwaresymbol sieht aus wie ein Besen in einem blauen Kreis und in der Taskleiste ist ein blaues Schild mit weißen Elementen zu finden.

Bisweilen merke ich von dieser Software nicht viel, außer, dass eben die Symbole da sind und Firefox eine merkwürdige neue Suchleiste hat. Hinzu kommt, dass hin und wieder kleine Pop-Up-Fenster erscheinen. Es sieht so aus als würde darin die CPU und RAM Auslastung angezeigt werden.

Unter "Programme deinstallieren" kann ich die Software leider nicht löschen und auch der Ordner auf der Systemplatte lässt sich nicht löschen, da mir die Berechtigungen fehlen, obwohl ich auf einem Admin-Windows-Benutzerkonto angemeldet bin.

Hier die bereits erstellten Logs!

Vielen Dank für eure Hilfe!!!!

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:25-05-2016 01
durchgeführt von Ariel (Administrator) auf ALPHAONE (26-05-2016 19:19:49)
Gestartet von C:\Users\Ariel\Downloads
Geladene Profile: Ariel (Verfügbare Profile: Ariel & UpdatusUser)
Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QQPCRTP.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchService.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Prolific Technology Inc.) C:\Windows\SysWOW64\IoctlSvc.exe
(Sanford, L.P.) C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe
() C:\Windows\SysWOW64\WinService.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_filter.exe
(Sophos Limited) C:\Program Files (x86)\Common Files\Sophos\Web Intelligence\swi_fc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QQPCTray.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Spotify Ltd) C:\Users\Ariel\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
() C:\Program Files (x86)\NETGEAR\WG111v2\WG111v2.exe
() C:\Program Files (x86)\Datacolor\Spyder3Elite\Utility\Spyder3Utility.exe
() C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALMon.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe
(腾讯公司) C:\Users\Ariel\AppData\Roaming\Tencent\AndroidServer\1.0.0.512\AndroidServer.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QMDeskTopGC.exe
(Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe
(Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe
(Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Users\Ariel\AppData\Local\Temp\Rar$EX00.281\x86\UnlockerAssistant.exe
(Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QQPCTray.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavMain.exe
(Tencent) C:\Program Files (x86)\Common Files\Tencent\QQDownload\130\Tencentdl.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated)
HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-11-14] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [462712 2012-03-09] ()
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-08-13] (Apple Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [IDSCCOMK4K] => "C:\Program Files (x86)\Screenify\idsccom_K4K.exe"
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-05-15] (Apple Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BambooCore] => C:\Program Files (x86)\Bamboo Dock\BambooCore.exe [646744 2012-10-16] ()
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3498720 2016-04-23] (Adobe Systems Inc.)
HKLM-x32\...\Run: [WinampAgent] => "C:\Program Files (x86)\Winamp\winampa.exe"
HKLM-x32\...\Run: [WSHelperSetup.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2020192 2014-06-25] (Wondershare)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2020192 2014-06-25] (Wondershare)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [DLSService] => "C:\Program Files (x86)\DYMO\DYMO Label Software\DLSService.exe"
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKLM-x32\...\Run: [Sophos AutoUpdate Monitor] => C:\Program Files (x86)\Sophos\AutoUpdate\almon.exe [1531872 2016-04-15] (Sophos Limited)
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [716224 2016-03-23] (Autodesk, Inc.)
HKLM-x32\...\Run: [ QQPCTray] => C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QQPCTRAY.EXE [362304 2016-05-26] (Tencent)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-2244333554-3036078685-3373813463-1001\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [152872 2008-01-22] (Nero AG)
HKU\S-1-5-21-2244333554-3036078685-3373813463-1001\...\Run: [WSHelperSetup.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2020192 2014-06-25] (Wondershare)
HKU\S-1-5-21-2244333554-3036078685-3373813463-1001\...\Run: [Spotify Web Helper] => C:\Users\Ariel\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1524336 2016-04-01] (Spotify Ltd)
HKU\S-1-5-21-2244333554-3036078685-3373813463-1001\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [457088 2015-09-23] (Sony)
HKU\S-1-5-21-2244333554-3036078685-3373813463-1001\...\Run: [Akamai NetSession Interface] => "C:\Users\Ariel\AppData\Local\Akamai\netsession_win.exe"
HKU\S-1-5-21-2244333554-3036078685-3373813463-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1283112 2016-02-02] (Autodesk, Inc.)
HKU\S-1-5-21-2244333554-3036078685-3373813463-1001\...\RunOnce: [Uninstall C:\Users\Ariel\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Ariel\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"
HKU\S-1-5-21-2244333554-3036078685-3373813463-1001\...\Policies\Explorer: [] 
HKU\S-1-5-21-2244333554-3036078685-3373813463-1001\...409d6c4515e9\InprocServer32: [Default-shell32] C:\$Recycle.Bin\S-1-5-21-2244333554-3036078685-3373813463-1001\$ebb3d03b2dc924761cba554f164c6fa2\n. ACHTUNG
HKU\S-1-5-18\...\Run: [EPSON Stylus Photo R1800] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATI9LA.EXE [211968 2007-01-12] (SEIKO EPSON CORPORATION)
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1283112 2016-02-02] (Autodesk, Inc.)
AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL => Keine Datei
AppInit_DLLs: ,C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~2.DLL => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured_x64.dll [231936 2016-04-15] (Sophos Limited)
AppInit_DLLs-x32: C:\PROGRA~2\Sophos\SOPHOS~1\\SOPHOS~1.DLL => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\\sophos_detoured.dll [289040 2016-04-15] (Sophos Limited)
AppInit_DLLs-x32: ,C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~1.DLL => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured.dll [289040 2016-04-15] (Sophos Limited)
ShellExecuteHooks:  - {7AD1C0F5-07A2-40E5-8608-C6EAA0FF362F} - C:\Users\Ariel\AppData\Local\Microsoft\Windows\INetCookies\x64explibss.dll [416440 2016-05-26] ()
ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QMGCShellExt64.dll [2016-05-26] (Tencent)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2016-02-07] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WG111v2 Smart Wizard.lnk [2015-10-08]
ShortcutTarget: NETGEAR WG111v2 Smart Wizard.lnk -> C:\Program Files (x86)\NETGEAR\WG111v2\WG111v2.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Spyder3Utility.lnk [2013-12-25]
ShortcutTarget: Spyder3Utility.lnk -> C:\Program Files (x86)\Datacolor\Spyder3Elite\Utility\Spyder3Utility.exe ()
GroupPolicy: Beschränkung - Chrome <======= ACHTUNG
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{38eaf853-75bf-4bf7-91de-847373b8bd69}: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{5ae0ab0c-aeb1-47d0-a28c-2061da49df3b}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{8648d16e-4ddc-4775-b61b-569b01c87ecf}: [DhcpNameServer] 192.168.2.1 192.168.2.1

Internet Explorer:
==================
HKU\S-1-5-21-2244333554-3036078685-3373813463-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-2244333554-3036078685-3373813463-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: 电脑管家网页防火墙 -> {7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B} -> C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\TSWebMon64.dat [2016-05-26] (Tencent)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Kein Name -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> Keine Datei
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-06-05] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-06-05] (Oracle Corporation)
BHO-x32: Kein Name -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> Keine Datei
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)

FireFox:
========
FF ProfilePath: C:\Users\Ariel\AppData\Roaming\Profiles\a9t5zdky.default
FF NewTab: hxxp://d2ucfwpxlh3zh3.cloudfront.net/?ts=AHEqB38rBXYnBk..&v=20160526&uid=A9053FCB716AB504442777C263B44072&ptid=icb&mode=loadm
FF DefaultSearchEngine: hohosearch
FF SelectedSearchEngine: hohosearch
FF Homepage: www.google.de
FF Keyword.URL: hxxp://d2ucfwpxlh3zh3.cloudfront.net/chrome.php?uid=A9053FCB716AB504442777C263B44072&ptid=icb&ts=AHEqB38rBXYnBk..&v=20160526&mode=ffexttoolbar&q=
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll [Keine Datei]
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-07-30] ()
FF Plugin-x32: @dymo.com/DymoLabelFramework -> C:\Program Files (x86)\DYMO\DYMO Label Software\Framework\npDYMOLabelFramework.dll [2014-03-20] ( Sanford L.P.)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-06-05] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-05] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2012-12-19] (Nero AG)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-11-11] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-11-11] (NVIDIA Corporation)
FF Plugin-x32: @qq.com/QQPCMgr -> C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\npQMExtensionsMozilla.dll [2016-05-26] (Tencent Technology (Shenzhen) Company Limited)
FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.10 -> C:\Program Files (x86)\TabletPlugins\npwacom.dll [2011-04-20] (Wacom, Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.0.0.1 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2011-05-31] (Wacom)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2016-04-23] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems)
FF Plugin HKU\S-1-5-21-2244333554-3036078685-3373813463-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Ariel\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-07-07] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2244333554-3036078685-3373813463-1001: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2011-05-31] (Wacom)
FF SearchPlugin: C:\Users\Ariel\AppData\Roaming\Profiles\a9t5zdky.default\searchplugins\15i7orzo.xml [2016-05-26]
FF Extension: Flash and Video Download - C:\Users\Ariel\AppData\Roaming\Profiles\a9t5zdky.default\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2016-05-26]
FF Extension: Flash and Video Download - C:\Users\Ariel\AppData\Roaming\Mozilla\Firefox\Profiles\cf1typ6d.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2016-05-26]
FF Extension: GsearchFinder - C:\Users\Ariel\AppData\Roaming\Profiles\a9t5zdky.default\Extensions\@E9438230-A7DF-4D1F-8F2D-CA1D0F0F7924.xpi [2016-05-26]
FF Extension: TSearch - C:\Users\Ariel\AppData\Roaming\Profiles\a9t5zdky.default\Extensions\{6E727987-C8EA-44DA-8749-310C0FBE3C3E} [2016-05-26] [ist nicht signiert]
FF Extension: VK+OK AdBlock - C:\Users\Ariel\AppData\Roaming\Profiles\a9t5zdky.default\Extensions\{FF20459C-DA6E-41A7-80BC-8F4FEFD9C575} [2016-05-26] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2016-05-12]

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2016-04-23]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1231376 2016-03-23] (Autodesk Inc.)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2021592 2016-04-05] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 DymoPnpService; C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe [33072 2014-03-20] (Sanford, L.P.)
R3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [275752 2008-01-22] (Nero AG)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15125280 2013-11-14] (NVIDIA Corporation)
R2 PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [Datei ist nicht signiert]
S2 ProntSpooler; C:\Users\Ariel\AppData\Local\Apps\2.0\abril.exe [134656 2016-05-19] () [Datei ist nicht signiert]
R2 QQPCRTP; C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QQPCRTP.exe [313936 2016-05-26] (Tencent)
U2 QQRepair11ce; C:\Program Files (x86)\Tencent\QQPCMGR\QQRepair11ce [147176 2016-05-26] ()
S2 QQRepairFixSVC; C:\Program Files (x86)\Tencent\QQPCMGR\QQRepairFixSVC [147176 2016-05-26] ()
R2 SAVAdminService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [311544 2016-04-15] (Sophos Limited)
R2 SAVService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [285136 2016-04-15] (Sophos Limited)
R2 SCM_Service; C:\Windows\SysWOW64\WinService.exe [186848 2010-05-10] ()
R2 Sophos AutoUpdate Service; C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe [604000 2016-04-15] (Sophos Limited)
R2 Sophos Web Control Service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe [341800 2014-10-14] (Sophos Limited)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert]
R2 swi_filter; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_filter.exe [471520 2016-04-15] (Sophos Limited)
R2 swi_service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [3339736 2016-04-15] (Sophos Limited)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
S2 Anqhstservice; "C:\Program Files (x86)\Anaqatoch\Anqhstservice.exe" {79740E79-A383-47A7-B513-3DF6563D007F} {A16B1AF7-982D-40C3-B5C1-633E1A6A6678} [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 andnetadb; C:\Windows\System32\Drivers\lgandnetadb.sys [31744 2014-05-27] (Google Inc)
S3 AndnetBus; C:\Windows\System32\drivers\lgandnetbus64.sys [20992 2014-05-27] (LG Electronics Inc.)
S3 AndNetDiag; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [29184 2014-05-27] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [36352 2014-05-27] (LG Electronics Inc.)
R1 EterlogicVirtualSerialDriver; C:\WINDOWS\system32\drivers\VSPE.sys [40928 2016-05-10] ()
R3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] ()
S3 Netaapl; C:\Windows\system32\DRIVERS\netaapl64.sys [23040 2013-07-25] (Apple Inc.) [Datei ist nicht signiert]
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-11-14] (NVIDIA Corporation)
R1 QMUdisk; C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QMUdisk64.sys [184952 2016-05-18] (Tencent)
R2 QQSysMonX64; C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QQSysMonX64.sys [154744 2016-05-26] (电脑管家)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek                                            )
S3 RtlWlanu; C:\Windows\System32\drivers\rtwlanu.sys [3870464 2015-10-01] (Realtek Semiconductor Corporation                           )
R1 SAVOnAccess; C:\Windows\System32\DRIVERS\savonaccess.sys [161024 2014-10-14] (Sophos Limited)
S3 sdcfilter; C:\Windows\system32\DRIVERS\sdcfilter.sys [38144 2016-04-15] (Sophos Limited)
R1 softaal; C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\softaal64.sys [44664 2016-05-26] (Tencent)
S4 SophosBootDriver; C:\Windows\system32\DRIVERS\SophosBootDriver.sys [27904 2016-04-15] (Sophos Limited)
S3 Spyder3; C:\Windows\System32\drivers\Spyder3.sys [15360 2010-03-30] ()
R1 SRepairDrv; \??\C:\Program Files (x86)\Tencent\QQPCMGR\SRepairDrv [179320 2016-05-26] ()
R1 swi_callout; C:\Windows\system32\DRIVERS\swi_callout.sys [32512 2015-04-16] (Sophos Limited)
R3 TAOAccelerator; C:\WINDOWS\system32\Drivers\TAOAccelerator64.sys [99480 2016-05-26] (Tencent)
R2 TAOKernelDriver; C:\WINDOWS\system32\Drivers\TAOKernelEx64.sys [143992 2016-05-26] (Tencent Technology(Shenzhen) Company Limited)
R3 TcHardWare; C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\QQPCHW-x64.sys [16552 2016-05-26] (Tencent)
R3 TFsFlt; C:\Windows\System32\Drivers\TFsFltX64.sys [97400 2016-05-26] (电脑管家)
R3 TS888x64; C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\TS888x64.sys [38520 2016-05-26] (Tencent)
S1 TSDefenseBt; C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\TSDefenseBT64.sys [28984 2016-05-26] (Tencent)
R2 tsnethlpx64; C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\TsNetHlpX64.sys [57976 2016-05-26] ()
R4 TSSysKit; C:\Program Files (x86)\Tencent\QQPCMgr\11.5.17490.219\TSSysKit64.sys [96888 2016-05-26] (电脑管家)
S3 usbrndis6; C:\Windows\System32\drivers\usb80236.sys [23040 2015-10-30] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R3 WsAudioDevice_383; C:\Windows\system32\drivers\VirtualAudio.sys [31080 2015-02-02] (Wondershare)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-05-26 19:19 - 2016-05-26 19:20 - 00029383 _____ C:\Users\Ariel\Downloads\FRST.txt
2016-05-26 19:19 - 2016-05-26 19:19 - 02383360 _____ (Farbar) C:\Users\Ariel\Downloads\FRST64.exe
2016-05-26 19:19 - 2016-05-26 19:19 - 00000000 ____D C:\FRST
2016-05-26 19:06 - 2016-05-26 19:06 - 00003654 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-ariel.karwacki@gmx.de
2016-05-26 18:34 - 2016-05-26 18:34 - 00113964 _____ C:\Users\Ariel\Downloads\unlocker1.9.0-portable.zip
2016-05-26 18:22 - 2016-05-26 18:22 - 00001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-05-26 18:22 - 2016-05-26 18:22 - 00001220 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-05-26 18:22 - 2016-05-26 18:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-05-26 18:20 - 2016-05-26 18:20 - 00242320 _____ C:\Users\Ariel\Downloads\Firefox Setup Stub 46.0.1.exe
2016-05-26 17:43 - 2016-05-26 17:43 - 00038520 _____ (Tencent) C:\WINDOWS\SysWOW64\Drivers\TS888x64.sys
2016-05-26 17:43 - 2016-05-26 17:43 - 00000306 __RSH C:\Users\Ariel\ntuser.pol
2016-05-26 17:38 - 2016-05-26 17:43 - 00000000 ____D C:\ProgramData\TXQMPC
2016-05-26 17:38 - 2016-05-26 17:38 - 00000000 ____D C:\Program Files\Common Files\Tencent
2016-05-26 17:38 - 2016-05-26 17:38 - 00000000 _____ C:\Users\Ariel\Desktop\$电脑管家-清理垃圾$.qmgc
2016-05-26 17:38 - 2016-05-26 17:37 - 00143992 _____ (Tencent Technology(Shenzhen) Company Limited) C:\WINDOWS\system32\Drivers\TAOKernelEx64.sys
2016-05-26 17:38 - 2016-05-26 17:37 - 00099480 _____ (Tencent) C:\WINDOWS\system32\Drivers\TAOAccelerator64.sys
2016-05-26 17:38 - 2016-05-26 17:37 - 00097400 _____ (电脑管家) C:\WINDOWS\system32\Drivers\TFsFltX64.sys
2016-05-26 17:37 - 2016-05-26 17:40 - 00000000 ____D C:\Users\Ariel\AppData\Roaming\Tencent
2016-05-26 17:37 - 2016-05-26 17:40 - 00000000 ____D C:\ProgramData\Tencent
2016-05-26 17:37 - 2016-05-26 17:37 - 00000000 ____D C:\Program Files (x86)\Tencent
2016-05-26 17:36 - 2016-05-26 17:36 - 00008894 _____ C:\WINDOWS\System32\Tasks\Anaqatoch Host
2016-05-26 17:36 - 2016-05-26 17:36 - 00000000 ____D C:\WINDOWS\system32\SSL
2016-05-26 17:35 - 2016-05-26 17:35 - 00000000 ____D C:\Users\Ariel\AppData\Local\csdi_monetize_120160526
2016-05-24 17:03 - 2016-05-24 17:03 - 00056322 _____ C:\Users\Ariel\Downloads\Table_bottom_mount_for_a_Kingston_memory_card_reader.zip
2016-05-24 17:03 - 2015-04-08 20:28 - 00034484 _____ C:\Users\Ariel\Desktop\card_reader_holder.stl
2016-05-24 16:51 - 2016-05-24 16:51 - 00000000 ____D C:\ProgramData\FLEXnet
2016-05-24 16:46 - 2016-05-23 08:29 - 00081151 _____ C:\Users\Ariel\Desktop\filament_holder_p01.stl
2016-05-24 16:45 - 2016-05-24 16:46 - 00055280 _____ C:\Users\Ariel\Downloads\Filament_holder_for_Dreamer_and_Creator_Pro.zip
2016-05-23 22:20 - 2016-05-23 22:21 - 00003478 _____ C:\Users\Ariel\Downloads\Swiss_Army_Knife_toothpick.zip
2016-05-22 17:49 - 2016-05-22 17:49 - 00473674 _____ C:\Users\Ariel\Downloads\20160404_backoefele_spargelkarte_web.pdf
2016-05-21 21:35 - 2016-05-21 21:35 - 00000197 ____H C:\Users\Ariel\Documents\Zeichnung1.dwl2
2016-05-21 21:35 - 2016-05-21 21:35 - 00000047 ____H C:\Users\Ariel\Documents\Zeichnung1.dwl
2016-05-21 17:13 - 2016-05-21 17:13 - 00002684 _____ C:\Users\Ariel\Documents\Zeichnung8.stl
2016-05-21 11:08 - 2016-05-21 11:16 - 00039084 _____ C:\Users\Ariel\Documents\Zeichnung7.stl
2016-05-21 10:37 - 2016-05-21 10:37 - 00004284 _____ C:\Users\Ariel\Desktop\Zeichnung4.stl
2016-05-20 20:22 - 2016-05-20 20:22 - 00001441 _____ C:\Users\Public\Desktop\Autodesk Desktop-App.lnk
2016-05-20 20:18 - 2016-05-20 20:18 - 00002076 _____ C:\Users\Public\Desktop\A360 Desktop.lnk
2016-05-20 20:09 - 2016-05-20 20:09 - 00002148 _____ C:\Users\Public\Desktop\Autodesk ReCap 360.lnk
2016-05-20 20:09 - 2016-05-20 20:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk ReCap 360
2016-05-20 19:58 - 2016-05-24 16:51 - 00000000 ____D C:\Users\Ariel\AppData\Local\Autodesk
2016-05-20 19:58 - 2016-05-20 20:22 - 00000000 ____D C:\Program Files (x86)\Autodesk
2016-05-20 19:58 - 2016-05-20 19:58 - 00002173 _____ C:\Users\Public\Desktop\AutoCAD 2017 - Deutsch (German).lnk
2016-05-20 19:58 - 2016-05-20 19:58 - 00000000 ____D C:\Users\Public\Documents\Autodesk
2016-05-20 19:58 - 2016-05-20 19:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD 2017 - Deutsch (German)
2016-05-20 19:57 - 2016-05-20 19:57 - 00000000 ____D C:\Program Files\Common Files\Macrovision Shared
2016-05-20 19:56 - 2016-05-20 19:56 - 00000000 ____D C:\Users\Ariel\Documents\Inventor Server SDK ACAD 2017
2016-05-20 19:54 - 2016-05-20 20:18 - 00000000 ____D C:\Program Files\Autodesk
2016-05-20 19:54 - 2016-05-20 19:57 - 00000000 ____D C:\Program Files\Common Files\Autodesk Shared
2016-05-20 19:32 - 2016-05-20 20:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2016-05-20 19:21 - 2016-05-24 16:51 - 00000000 ____D C:\Users\Ariel\AppData\Roaming\Autodesk
2016-05-20 19:21 - 2016-05-24 16:51 - 00000000 ____D C:\ProgramData\Autodesk
2016-05-20 19:16 - 2016-05-20 19:16 - 18698272 _____ C:\Users\Ariel\Downloads\AutoCAD_2017_German_Win_32_64bit_wi_de-DE_Setup.exe
2016-05-20 19:16 - 2016-05-20 19:16 - 00000000 ____D C:\Autodesk
2016-05-20 19:15 - 2016-05-20 19:15 - 00338256 _____ (Autodesk Inc.) C:\Users\Ariel\Downloads\AutoCAD_2017_German_Win_32_64bit_wi_de-DE_Setup_webinstall.exe
2016-05-20 19:12 - 2016-05-20 19:12 - 00000000 ____D C:\Users\Ariel\AppData\Roaming\Trimble Connect for SketchUp
2016-05-20 19:10 - 2016-05-20 19:10 - 00000000 ____D C:\Users\Ariel\AppData\Roaming\SketchUp
2016-05-20 19:09 - 2016-05-20 19:09 - 00000000 ____D C:\ProgramData\Reprise
2016-05-20 19:08 - 2016-05-20 19:08 - 00000000 ____D C:\ProgramData\SketchUp
2016-05-17 17:41 - 2016-05-17 17:41 - 00300032 _____ C:\Users\Ariel\Downloads\6ZivilrechtlicheRechtsfolgenArt101Abs2AEUV.ppt
2016-05-14 09:39 - 2016-05-14 09:39 - 01047858 _____ C:\Users\Ariel\Downloads\Universal_CD-car_slot_PHONE_holder_mount._iPhone5_iPhone6_etc._Quick_change__.zip
2016-05-13 20:20 - 2016-05-13 20:20 - 12851868 _____ C:\Users\Ariel\Downloads\Air_Raid_Siren_-_hand_crank_version.zip
2016-05-12 22:12 - 2016-05-12 22:12 - 01595457 _____ C:\Users\Ariel\Downloads\All_Alphabet_Letters_A-Z.zip
2016-05-12 17:55 - 2016-05-12 17:59 - 01879017 _____ C:\Users\Ariel\Downloads\Echo__3_tone_whistle.zip
2016-05-12 17:10 - 2016-05-12 17:18 - 00235682 _____ C:\Users\Ariel\Desktop\Unbenannt.pdf
2016-05-10 22:52 - 2016-04-30 08:31 - 03591168 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-05-10 22:52 - 2016-04-23 08:12 - 01401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-05-10 22:52 - 2016-04-23 08:12 - 01184960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-05-10 22:52 - 2016-04-23 08:12 - 00713920 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-05-10 22:52 - 2016-04-23 08:12 - 00514752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-05-10 22:52 - 2016-04-23 08:12 - 00190144 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-05-10 22:52 - 2016-04-23 08:12 - 00046784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-05-10 22:52 - 2016-04-23 07:28 - 01557768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-05-10 22:52 - 2016-04-23 07:28 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-05-10 22:52 - 2016-04-23 07:24 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-05-10 22:52 - 2016-04-23 07:24 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-05-10 22:52 - 2016-04-23 07:24 - 01819208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-05-10 22:52 - 2016-04-23 07:12 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-05-10 22:52 - 2016-04-23 07:11 - 01092464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-05-10 22:52 - 2016-04-23 07:11 - 00498960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-05-10 22:52 - 2016-04-23 07:10 - 03673424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-05-10 22:52 - 2016-04-23 07:10 - 02919832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-05-10 22:52 - 2016-04-23 07:09 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-05-10 22:52 - 2016-04-23 07:09 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-05-10 22:52 - 2016-04-23 07:09 - 05240960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-05-10 22:52 - 2016-04-23 07:09 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-05-10 22:52 - 2016-04-23 07:08 - 06605504 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-05-10 22:52 - 2016-04-23 07:08 - 04515256 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-05-10 22:52 - 2016-04-23 07:01 - 01996640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-05-10 22:52 - 2016-04-23 07:01 - 00650304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-05-10 22:52 - 2016-04-23 07:01 - 00522176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-05-10 22:52 - 2016-04-23 06:39 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-05-10 22:52 - 2016-04-23 06:32 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-05-10 22:52 - 2016-04-23 06:31 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-05-10 22:52 - 2016-04-23 06:31 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-05-10 22:52 - 2016-04-23 06:30 - 22379008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-05-10 22:52 - 2016-04-23 06:30 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-05-10 22:52 - 2016-04-23 06:29 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-05-10 22:52 - 2016-04-23 06:28 - 16984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-05-10 22:52 - 2016-04-23 06:26 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-05-10 22:52 - 2016-04-23 06:26 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-05-10 22:52 - 2016-04-23 06:25 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-05-10 22:52 - 2016-04-23 06:23 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-05-10 22:52 - 2016-04-23 06:22 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-05-10 22:52 - 2016-04-23 06:22 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-05-10 22:52 - 2016-04-23 06:20 - 19344384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-05-10 22:52 - 2016-04-23 06:20 - 18676224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-05-10 22:52 - 2016-04-23 06:20 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-05-10 22:52 - 2016-04-23 06:19 - 07977472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-05-10 22:52 - 2016-04-23 06:19 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-05-10 22:52 - 2016-04-23 06:19 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-05-10 22:52 - 2016-04-23 06:19 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-05-10 22:52 - 2016-04-23 06:19 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-05-10 22:52 - 2016-04-23 06:18 - 24604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-05-10 22:52 - 2016-04-23 06:18 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-05-10 22:52 - 2016-04-23 06:18 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-05-10 22:52 - 2016-04-23 06:18 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-05-10 22:52 - 2016-04-23 06:18 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-05-10 22:52 - 2016-04-23 06:18 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-05-10 22:52 - 2016-04-23 06:17 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-05-10 22:52 - 2016-04-23 06:16 - 01319424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-05-10 22:52 - 2016-04-23 06:16 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-05-10 22:52 - 2016-04-23 06:15 - 00865792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-05-10 22:52 - 2016-04-23 06:15 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-05-10 22:52 - 2016-04-23 06:15 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-05-10 22:52 - 2016-04-23 06:15 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-05-10 22:52 - 2016-04-23 06:15 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-05-10 22:52 - 2016-04-23 06:14 - 13383168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-05-10 22:52 - 2016-04-23 06:14 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-05-10 22:52 - 2016-04-23 06:14 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-05-10 22:52 - 2016-04-23 06:14 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-05-10 22:52 - 2016-04-23 06:13 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-05-10 22:52 - 2016-04-23 06:13 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-05-10 22:52 - 2016-04-23 06:13 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-05-10 22:52 - 2016-04-23 06:10 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-05-10 22:52 - 2016-04-23 06:10 - 00639488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-05-10 22:52 - 2016-04-23 06:09 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-05-10 22:52 - 2016-04-23 06:09 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-05-10 22:52 - 2016-04-23 06:08 - 05324288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-05-10 22:52 - 2016-04-23 06:08 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-05-10 22:52 - 2016-04-23 06:07 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-05-10 22:52 - 2016-04-23 06:07 - 02598912 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-05-10 22:52 - 2016-04-23 06:07 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-05-10 22:52 - 2016-04-23 06:06 - 06974464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-05-10 22:52 - 2016-04-23 06:05 - 05502976 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-05-10 22:52 - 2016-04-23 06:05 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-05-10 22:52 - 2016-04-23 06:05 - 02066432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-05-10 22:52 - 2016-04-23 06:05 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-05-10 22:52 - 2016-04-23 06:05 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-05-10 22:52 - 2016-04-23 06:04 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-05-10 22:52 - 2016-04-23 06:04 - 01731072 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-05-10 22:52 - 2016-04-23 06:03 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-05-10 22:52 - 2016-04-23 06:03 - 04894208 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-05-10 22:52 - 2016-04-23 06:03 - 02280960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-05-10 22:52 - 2016-04-23 06:03 - 02000896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-05-10 22:52 - 2016-04-23 06:03 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-05-10 22:52 - 2016-04-23 06:02 - 07832576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-05-10 22:52 - 2016-04-23 06:02 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-05-10 22:52 - 2016-04-23 06:00 - 00984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-05-10 22:51 - 2016-05-06 06:53 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdport.sys
2016-05-10 22:51 - 2016-05-06 06:05 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2016-05-10 22:51 - 2016-05-06 06:03 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-05-10 22:51 - 2016-05-06 05:53 - 00351232 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2016-05-10 22:51 - 2016-05-06 05:49 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2016-05-10 22:51 - 2016-05-06 05:44 - 00582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2016-05-10 22:51 - 2016-05-06 05:43 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2016-05-10 22:51 - 2016-05-06 05:23 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2016-05-10 22:51 - 2016-04-30 08:42 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-05-10 22:51 - 2016-04-23 08:12 - 00294592 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-05-10 22:51 - 2016-04-23 08:12 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-05-10 22:51 - 2016-04-23 07:26 - 00707608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2016-05-10 22:51 - 2016-04-23 07:24 - 00754664 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-05-10 22:51 - 2016-04-23 07:24 - 00638816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2016-05-10 22:51 - 2016-04-23 07:24 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2016-05-10 22:51 - 2016-04-23 07:24 - 00099680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-05-10 22:51 - 2016-04-23 07:22 - 01161120 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2016-05-10 22:51 - 2016-04-23 07:18 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-05-10 22:51 - 2016-04-23 07:13 - 00502104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-05-10 22:51 - 2016-04-23 07:13 - 00306832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2016-05-10 22:51 - 2016-04-23 07:13 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-05-10 22:51 - 2016-04-23 07:12 - 00451928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-05-10 22:51 - 2016-04-23 07:12 - 00413536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-05-10 22:51 - 2016-04-23 07:11 - 00696672 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-05-10 22:51 - 2016-04-23 07:11 - 00390496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-05-10 22:51 - 2016-04-23 07:11 - 00131424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufxsynopsys.sys
2016-05-10 22:51 - 2016-04-23 07:11 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-05-10 22:51 - 2016-04-23 07:10 - 00330072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-05-10 22:51 - 2016-04-23 07:09 - 00569744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2016-05-10 22:51 - 2016-04-23 07:09 - 00565600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-05-10 22:51 - 2016-04-23 07:09 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-05-10 22:51 - 2016-04-23 07:09 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-05-10 22:51 - 2016-04-23 07:09 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-05-10 22:51 - 2016-04-23 07:08 - 00725776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2016-05-10 22:51 - 2016-04-23 07:07 - 01848072 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2016-05-10 22:51 - 2016-04-23 07:07 - 01536088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2016-05-10 22:51 - 2016-04-23 07:07 - 00204048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2016-05-10 22:51 - 2016-04-23 07:07 - 00183904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2016-05-10 22:51 - 2016-04-23 07:06 - 00291360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2016-05-10 22:51 - 2016-04-23 07:02 - 00188256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-05-10 22:51 - 2016-04-23 07:01 - 00619296 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll
2016-05-10 22:51 - 2016-04-23 07:01 - 00577368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-05-10 22:51 - 2016-04-23 07:01 - 00513368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10level9.dll
2016-05-10 22:51 - 2016-04-23 07:01 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-05-10 22:51 - 2016-04-23 07:01 - 00217440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-05-10 22:51 - 2016-04-23 07:00 - 01776768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-05-10 22:51 - 2016-04-23 07:00 - 01594920 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-05-10 22:51 - 2016-04-23 07:00 - 01522152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-05-10 22:51 - 2016-04-23 07:00 - 01399224 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-05-10 22:51 - 2016-04-23 07:00 - 01372304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-05-10 22:51 - 2016-04-23 07:00 - 01337240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-05-10 22:51 - 2016-04-23 07:00 - 00550656 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2016-05-10 22:51 - 2016-04-23 07:00 - 00453472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2016-05-10 22:51 - 2016-04-23 07:00 - 00058208 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwminit.dll
2016-05-10 22:51 - 2016-04-23 06:56 - 00534872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2016-05-10 22:51 - 2016-04-23 06:35 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-05-10 22:51 - 2016-04-23 06:34 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2016-05-10 22:51 - 2016-04-23 06:34 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
2016-05-10 22:51 - 2016-04-23 06:34 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-05-10 22:51 - 2016-04-23 06:33 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-05-10 22:51 - 2016-04-23 06:33 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2016-05-10 22:51 - 2016-04-23 06:33 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2016-05-10 22:51 - 2016-04-23 06:33 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ByteCodeGenerator.exe
2016-05-10 22:51 - 2016-04-23 06:32 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2016-05-10 22:51 - 2016-04-23 06:32 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-05-10 22:51 - 2016-04-23 06:30 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-05-10 22:51 - 2016-04-23 06:29 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-05-10 22:51 - 2016-04-23 06:29 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-05-10 22:51 - 2016-04-23 06:29 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\filecrypt.sys
2016-05-10 22:51 - 2016-04-23 06:29 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-05-10 22:51 - 2016-04-23 06:29 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll
2016-05-10 22:51 - 2016-04-23 06:29 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ByteCodeGenerator.exe
2016-05-10 22:51 - 2016-04-23 06:29 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2016-05-10 22:51 - 2016-04-23 06:28 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2016-05-10 22:51 - 2016-04-23 06:28 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-05-10 22:51 - 2016-04-23 06:28 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-05-10 22:51 - 2016-04-23 06:28 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-05-10 22:51 - 2016-04-23 06:28 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2016-05-10 22:51 - 2016-04-23 06:27 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-05-10 22:51 - 2016-04-23 06:27 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2016-05-10 22:51 - 2016-04-23 06:26 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2016-05-10 22:51 - 2016-04-23 06:25 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-05-10 22:51 - 2016-04-23 06:25 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-05-10 22:51 - 2016-04-23 06:25 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2016-05-10 22:51 - 2016-04-23 06:25 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-05-10 22:51 - 2016-04-23 06:24 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-05-10 22:51 - 2016-04-23 06:24 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-05-10 22:51 - 2016-04-23 06:24 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-05-10 22:51 - 2016-04-23 06:24 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-05-10 22:51 - 2016-04-23 06:24 - 00181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2016-05-10 22:51 - 2016-04-23 06:24 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2016-05-10 22:51 - 2016-04-23 06:24 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2016-05-10 22:51 - 2016-04-23 06:23 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-05-10 22:51 - 2016-04-23 06:23 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2016-05-10 22:51 - 2016-04-23 06:23 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll
2016-05-10 22:51 - 2016-04-23 06:23 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2016-05-10 22:51 - 2016-04-23 06:22 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-05-10 22:51 - 2016-04-23 06:21 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-05-10 22:51 - 2016-04-23 06:21 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-05-10 22:51 - 2016-04-23 06:20 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-05-10 22:51 - 2016-04-23 06:20 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-05-10 22:51 - 2016-04-23 06:20 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2016-05-10 22:51 - 2016-04-23 06:20 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-05-10 22:51 - 2016-04-23 06:20 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2016-05-10 22:51 - 2016-04-23 06:19 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlansec.dll
2016-05-10 22:51 - 2016-04-23 06:19 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BrowserSettingSync.dll
2016-05-10 22:51 - 2016-04-23 06:18 - 00988672 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-05-10 22:51 - 2016-04-23 06:18 - 00804352 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-05-10 22:51 - 2016-04-23 06:18 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-05-10 22:51 - 2016-04-23 06:18 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-05-10 22:51 - 2016-04-23 06:18 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-05-10 22:51 - 2016-04-23 06:18 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-05-10 22:51 - 2016-04-23 06:18 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-05-10 22:51 - 2016-04-23 06:17 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-05-10 22:51 - 2016-04-23 06:17 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-05-10 22:51 - 2016-04-23 06:17 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2016-05-10 22:51 - 2016-04-23 06:16 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-05-10 22:51 - 2016-04-23 06:15 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-05-10 22:51 - 2016-04-23 06:15 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-05-10 22:51 - 2016-04-23 06:14 - 00647680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-05-10 22:51 - 2016-04-23 06:14 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-05-10 22:51 - 2016-04-23 06:14 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-05-10 22:51 - 2016-04-23 06:14 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-05-10 22:51 - 2016-04-23 06:13 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-05-10 22:51 - 2016-04-23 06:13 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-05-10 22:51 - 2016-04-23 06:12 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-05-10 22:51 - 2016-04-23 06:07 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-05-10 22:51 - 2016-04-23 06:05 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-05-10 22:51 - 2016-04-23 06:05 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-05-10 22:51 - 2016-04-23 06:05 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-05-10 22:51 - 2016-04-23 06:03 - 02193408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-05-10 22:51 - 2016-04-23 06:03 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-05-10 22:51 - 2016-04-23 06:01 - 04775424 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-05-10 22:51 - 2016-04-23 06:00 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-05-10 22:51 - 2016-04-23 05:45 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-05-10 22:51 - 2016-04-23 04:10 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-05-10 22:51 - 2016-04-23 04:10 - 00002186 _____ C:\WINDOWS\system32\AppxProvisioning.xml
2016-05-10 22:51 - 2016-04-19 00:30 - 00002186 _____ C:\WINDOWS\SysWOW64\AppxProvisioning.xml
2016-05-10 21:57 - 2016-05-10 21:57 - 00040928 _____ C:\WINDOWS\system32\Drivers\VSPE.sys
2016-05-10 21:57 - 2016-05-10 21:57 - 00002330 _____ C:\Users\Ariel\Desktop\VSPE.lnk
2016-05-10 21:57 - 2016-05-10 21:57 - 00000000 ____D C:\Users\Ariel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Virtual Serial Ports Emulator
2016-05-10 21:57 - 2016-05-10 21:57 - 00000000 ____D C:\Program Files (x86)\Eterlogic.com
2016-05-10 21:17 - 2016-05-10 21:25 - 00000000 ____D C:\Users\Ariel\AppData\Local\Arduino15
2016-05-10 21:17 - 2016-05-10 21:17 - 00000000 ____D C:\Users\Ariel\Documents\Arduino
2016-05-10 21:17 - 2016-05-10 21:17 - 00000000 ____D C:\Users\Ariel\.oracle_jre_usage
2016-05-10 20:46 - 2016-05-10 20:46 - 00001076 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Arduino.lnk
2016-05-10 20:45 - 2016-05-10 20:46 - 00000000 ____D C:\Program Files (x86)\Arduino
2016-05-10 20:26 - 2016-05-10 20:26 - 02124768 _____ C:\Users\Ariel\Downloads\CDM21216_Setup.exe
2016-05-10 20:25 - 2016-05-10 20:26 - 01352960 _____ C:\Users\Ariel\Downloads\CDM v2.12.16 WHQL Certified.zip
2016-05-10 20:18 - 2016-05-10 20:18 - 00000000 ____D C:\Users\Ariel\AppData\Local\Simplify3D
2016-05-10 20:03 - 2016-05-10 20:03 - 00000000 __SHD C:\ProgramData\ms-drivers
2016-05-10 20:03 - 2016-05-10 20:03 - 00000000 __SHD C:\ProgramData\icsxml
2016-05-10 20:03 - 2016-05-10 20:03 - 00000000 __SHD C:\ProgramData\DIBsection
2016-05-10 20:02 - 2016-05-10 20:03 - 00000000 ____D C:\Program Files\Simplify3D-3.0.2
2016-05-10 20:02 - 2016-05-10 20:02 - 00001863 _____ C:\Users\Public\Desktop\Simplify3D.lnk
2016-05-10 20:02 - 2016-05-10 20:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Simplify3D Software
2016-05-04 18:02 - 2015-04-16 19:45 - 00032512 _____ (Sophos Limited) C:\WINDOWS\system32\Drivers\swi_callout.sys
2016-05-02 23:00 - 2016-05-02 23:00 - 00000000 ____D C:\Users\Ariel\AppData\Roaming\java
2016-05-02 22:54 - 2016-05-02 22:54 - 00002241 _____ C:\Users\Ariel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Knuddels.lnk
2016-05-02 22:54 - 2016-05-02 22:54 - 00002211 _____ C:\Users\Ariel\Desktop\Knuddels.lnk
2016-05-02 22:53 - 2016-05-23 22:40 - 00000000 ____D C:\Users\Ariel\Knuddels-Stapp
2016-05-02 22:53 - 2016-05-02 22:53 - 01994832 _____ C:\Users\Ariel\Downloads\KnuddelsSetup.KC3PZ8J.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-05-26 19:02 - 2012-12-05 14:32 - 00000000 ____D C:\Users\Ariel\Documents\Outlook-Dateien
2016-05-26 18:24 - 2012-12-04 23:45 - 00000000 ____D C:\Users\Ariel\AppData\Local\VirtualStore
2016-05-26 18:22 - 2013-12-26 00:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-05-26 17:49 - 2015-10-30 20:35 - 00780072 _____ C:\WINDOWS\system32\perfh007.dat
2016-05-26 17:49 - 2015-10-30 20:35 - 00156884 _____ C:\WINDOWS\system32\perfc007.dat
2016-05-26 17:49 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-05-26 17:49 - 2015-08-10 21:52 - 01811252 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-05-26 17:43 - 2015-12-14 05:02 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-05-26 17:43 - 2015-12-14 04:54 - 00000000 ____D C:\Users\Ariel
2016-05-26 17:43 - 2015-12-14 04:53 - 00000000 ____D C:\ProgramData\NVIDIA
2016-05-26 17:43 - 2015-12-14 04:52 - 05056176 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-05-26 17:42 - 2015-10-30 08:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-05-26 17:35 - 2015-08-10 21:50 - 00002756 __RSH C:\ProgramData\ntuser.pol
2016-05-26 17:35 - 2014-08-02 11:36 - 00000000 ____D C:\Users\Ariel\AppData\Local\Apps\2.0
2016-05-26 17:35 - 2013-08-22 17:36 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2016-05-26 16:35 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-05-26 16:35 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-05-26 13:25 - 2013-10-22 20:22 - 00004158 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{C8A17187-61BE-4023-AD7E-A979B4EEBD52}
2016-05-26 13:25 - 2012-12-07 14:14 - 00000000 ____D C:\Users\Ariel\AppData\Local\Adobe
2016-05-26 00:37 - 2014-12-26 15:52 - 00000000 ____D C:\Users\Ariel\AppData\Roaming\FileAdvisor
2016-05-25 14:51 - 2014-12-25 15:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\File Type Advisor
2016-05-24 16:51 - 2013-02-23 15:53 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-05-21 11:08 - 2015-11-08 11:12 - 00000000 ___RD C:\Users\Ariel\3D Objects
2016-05-20 19:56 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2016-05-20 19:50 - 2015-01-11 12:51 - 00000000 ____D C:\Users\Ariel\AppData\Local\Spotify
2016-05-20 19:49 - 2015-01-11 12:49 - 00000000 ____D C:\Users\Ariel\AppData\Roaming\Spotify
2016-05-20 19:29 - 2012-12-18 23:07 - 00000000 ____D C:\Users\Ariel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-05-20 19:29 - 2012-12-18 22:36 - 00000000 ____D C:\Program Files (x86)\Steam
2016-05-20 19:28 - 2015-03-03 11:30 - 00000000 ____D C:\Users\Ariel\AppData\Roaming\DVDVideoSoft
2016-05-20 19:23 - 2013-12-07 21:51 - 00000000 ____D C:\ProgramData\Package Cache
2016-05-19 22:38 - 2015-08-10 21:52 - 00002425 _____ C:\Users\Ariel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-05-19 22:38 - 2015-08-10 21:52 - 00000000 ___RD C:\Users\Ariel\OneDrive
2016-05-18 12:27 - 2016-04-17 08:57 - 00000000 ____D C:\Users\Ariel\Desktop\Magisterarbeit
2016-05-14 14:30 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-05-12 15:48 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-05-12 08:11 - 2013-06-30 17:58 - 00002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat XI Pro.lnk
2016-05-12 08:11 - 2013-06-30 17:58 - 00002287 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe FormsCentral.lnk
2016-05-12 08:11 - 2013-06-30 17:58 - 00002126 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller XI.lnk
2016-05-12 08:09 - 2015-06-24 22:12 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-05-12 07:57 - 2015-08-10 21:50 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-05-12 03:31 - 2015-10-30 20:47 - 00000000 ____D C:\Program Files\Windows Journal
2016-05-12 03:31 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-05-12 03:31 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-05-12 03:31 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\Provisioning
2016-05-12 03:31 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-05-12 03:30 - 2015-10-30 09:24 - 00015703 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2016-05-11 21:57 - 2015-10-30 09:26 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-05-11 21:57 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-05-11 16:38 - 2013-08-31 15:26 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-05-11 16:30 - 2012-12-12 22:41 - 139319312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-05-04 17:58 - 2012-12-04 23:45 - 00000000 ____D C:\Users\Ariel\AppData\Local\Packages

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-02-16 14:30 - 2015-02-16 14:31 - 0044120 __RSH () C:\Program Files (x86)\DLS8Uninstall.log
2013-04-13 10:13 - 2013-04-13 10:13 - 0000000 _____ () C:\Users\Ariel\AppData\Roaming\.NANotifyHere
2014-03-18 19:35 - 2014-03-18 19:35 - 0000132 _____ () C:\Users\Ariel\AppData\Roaming\Adobe CS6-BMP-Format - Voreinstellungen
2013-06-20 17:38 - 2015-12-18 13:51 - 0000132 _____ () C:\Users\Ariel\AppData\Roaming\Adobe CS6-GIF-Format - Voreinstellungen
2013-01-20 20:15 - 2013-01-20 20:15 - 0000132 _____ () C:\Users\Ariel\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
2012-12-24 15:13 - 2013-01-12 12:00 - 0000125 ___SH () C:\ProgramData\.zreglib
2015-12-14 04:52 - 2015-12-14 04:52 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2012-12-20 19:29 - 2015-03-19 15:06 - 0000000 _____ () C:\ProgramData\LauncherAccess.dt
ZeroAccess:
C:\Users\Ariel\AppData\Local\Google\Desktop\Install
ZeroAccess:
C:\Program Files (x86)\Google\Desktop\Install

Einige Dateien in TEMP:
====================
C:\Users\Ariel\AppData\Local\Temp\AcDeltree.exe
C:\Users\Ariel\AppData\Local\Temp\Babolka.mp3.exe
C:\Users\Ariel\AppData\Local\Temp\cct.dll
C:\Users\Ariel\AppData\Local\Temp\dpnWjSldSxxnpCSj.exe
C:\Users\Ariel\AppData\Local\Temp\Execute2App.exe
C:\Users\Ariel\AppData\Local\Temp\JavaIC.dll
C:\Users\Ariel\AppData\Local\Temp\jre-8u66-windows-au.exe
C:\Users\Ariel\AppData\Local\Temp\msscct32.dll
C:\Users\Ariel\AppData\Local\Temp\msvcp90.dll
C:\Users\Ariel\AppData\Local\Temp\msvcr90.dll
C:\Users\Ariel\AppData\Local\Temp\P4DV3EYO6V.exe
C:\Users\Ariel\AppData\Local\Temp\pps-qq-19.exe
C:\Users\Ariel\AppData\Local\Temp\qqpcmgr_v11.5.17490.219_45479_Silence.exe
C:\Users\Ariel\AppData\Local\Temp\setup.exe
C:\Users\Ariel\AppData\Local\Temp\ts_10051.exe
C:\Users\Ariel\AppData\Local\Temp\vk_ok_adblock.exe
C:\Users\Ariel\AppData\Local\Temp\VY5II8VDLD.exe
C:\Users\Ariel\AppData\Local\Temp\wajam_install.exe
C:\Users\Ariel\AppData\Local\Temp\YSearchUtil.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-05-23 11:06

==================== Ende von FRST.txt ============================
Geändert von Brandon_K (26.05.2016 um 19:10 Uhr)

 

Themen zu Windows 10: Chinesische Schadsoftware
.dll, adobe, akamai, auslastung, bonjour, cpu, defender, desktop, dnsapi.dll, explorer, firefox, google, homepage, mozilla, netgear, prozesse, realtek, registry, rundll, scan, services.exe, software, svchost.exe, taskleiste, usb, windows, windowsapps


« Viren,Trojaner,Würmer,Track cookies und Komische Programe. | Win7 64bit Avast meldet Virus Infektion "die nur schwer mit üblichen Methoden entfernt werden kann"? »


Ähnliche Themen: Windows 10: Chinesische Schadsoftware


  1. Windows 10: Amazon Konto gehackt, kann keine Schadsoftware finden
    Log-Analyse und Auswertung - 30.04.2016 (1)
  2. Windows 7: Office Produkte stürzen ab. Schadsoftware?
    Log-Analyse und Auswertung - 17.04.2016 (11)
  3. Windows 10: Paypal Konto gehackt, kann keine Schadsoftware finden
    Log-Analyse und Auswertung - 31.03.2016 (12)
  4. Windows 7, Dienste, Chinesische Zeichen, Status beendet
    Log-Analyse und Auswertung - 11.10.2015 (17)
  5. Remote-Schadsoftware kontrolliert gesamtes Heimnetzwerk: Manipulation des Windows-Remote-Systems
    Log-Analyse und Auswertung - 10.09.2015 (5)
  6. Black Hat: Schadsoftware per Windows-Update mit WSUS
    Nachrichten - 08.08.2015 (0)
  7. Windows 7 Ultimate: Mögliche Schadsoftware eingefangen
    Plagegeister aller Art und deren Bekämpfung - 13.04.2015 (40)
  8. Win 8.1 : Mozilla Tab-falsche Startseite und Chinesische Schriftzeichen, Windows-Start "Startmenü aktualisiert"
    Log-Analyse und Auswertung - 15.03.2015 (33)
  9. Windows 8.1 - Avira PC Cleaner Schadsoftware TR/Trustezeb.145408 nicht zu löschen
    Log-Analyse und Auswertung - 08.01.2015 (11)
  10. Windows 8; Chinesische Zeichen; Dienste
    Log-Analyse und Auswertung - 24.11.2014 (17)
  11. Schadsoftware auf Windows Vista verursacht Bluescreen ?
    Log-Analyse und Auswertung - 07.10.2014 (64)
  12. Windows XP: Schadsoftware durch VLC-Player-Download
    Plagegeister aller Art und deren Bekämpfung - 27.02.2014 (3)
  13. [WINDOWS 8] Komischer Chinesische Eintrag unter Dienste
    Plagegeister aller Art und deren Bekämpfung - 04.02.2014 (7)
  14. Windows 7: Schadsoftware bei Online-Banking, nach Entfernung läuft MSE nur sporadisch
    Log-Analyse und Auswertung - 14.11.2013 (16)
  15. Schadsoftware könnte Probleme mit Windows-XP-Patch verursachen
    Nachrichten - 14.02.2010 (0)
  16. CHinesische Popups
    Log-Analyse und Auswertung - 26.01.2008 (1)
  17. Chinesische Toolbar
    Plagegeister aller Art und deren Bekämpfung - 18.02.2007 (1)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Windows 10: Chinesische Schadsoftware - Hi Leute, mein Name ist Ariel und ich bräuchte eure Hilfe! Auf meinem PC hat sich seit 26.05.15 eine Software mit chinesischen Schriftzeichen verlaufen. Das Softwaresymbol sieht aus wie ein - Windows 10: Chinesische Schadsoftware...
Archiv
Du betrachtest: Windows 10: Chinesische Schadsoftware auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131