Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
PC führt Programme zT wahllos aus/nicht aus

PC führt Programme zT wahllos aus/nicht aus


Log-Analyse und Auswertung: PC führt Programme zT wahllos aus/nicht aus

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML

Antwort
Alt 28.05.2016, 10:51   #1
Zoidbarg
 
PC führt Programme zT wahllos aus/nicht aus - Standard

PC führt Programme zT wahllos aus/nicht aus


Moin!

Ich bin neu auf diesem Forum, deswegen bitte ich um Entschuldigung, sollte ich viel nachfragen (kenne mich mit der Materie schlecht aus).

Seit gestern führt mein PC Programme nicht oder stark verzögert aus.
Einige Beispiele:
- Microsoft Security Essentials starten/aktivieren sich sehr langsam (15mins nach PC Start)
Das Internetsymbol in der Taskleiste hat hierbei lange einen Kreis auf sich, dann kurz das gelbe Symbol und dann ist es normal, das Internet ist die ganze Zeit über nicht beeinträchtigt.
- Firefox funzt ohne Probleme
- Das Startmenü wird zeitweilig nicht anklickbar bzw. permanent unbedienbar
- CS:GO startet gar nicht, LoL z.B. schon (beides Spiele)
- jegliche Downloads (Anti-Malware Tools o.ä.) lassen sich nicht installieren
- abgesicherter Modus arbeitet reibungsfrei

Nach einer gewissen Zeit scheint nach dem Start alles plötzlich wieder zu laufen (die befohlenen Programmaufrufe etc. werden ausgeführt, Virenprogramm von Microsoft startet usw.).

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:09-05-2016
durchgeführt von Thomas (Administrator) auf THOMAS-PC (11-05-2016 12:47:59)
Gestartet von C:\Users\Thomas\Downloads
Geladene Profile: Thomas (Verfügbare Profile: Thomas)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Safe Mode (with Networking)
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-03-19] (Apple Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1340192 2016-01-29] (Microsoft Corporation)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [5009096 2016-04-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SPEEDLINK KUDOS] => C:\Program Files (x86)\SPEEDLINK\SPEEDLINK PRIME Gaming Mouse\Gaming Mouse.exe [1470464 2012-03-08] ()
HKLM-x32\...\Run: [Skiller PRO] => C:\Program Files (x86)\Skiller PRO\Monitor.exe [475136 2015-07-17] (Sharkoon Technologies)
HKU\S-1-5-21-758422454-1604163277-2610386603-1000\...\Run: [Spotify Web Helper] => C:\Users\Thomas\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1524336 2016-04-06] (Spotify Ltd)
HKU\S-1-5-21-758422454-1604163277-2610386603-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-04-30] (Valve Corporation)
HKU\S-1-5-21-758422454-1604163277-2610386603-1000\...\Run: [f.lux] => C:\Users\Thomas\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC)
BootExecute: autocheck autochk /r \??\C:autocheck autochk * 

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{7F44B7C4-C23C-4E67-B9AC-3F19997CD50C}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-04-29] (Microsoft Corporation)
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2016-04-29] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-04-29] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-04-29] (Microsoft Corporation)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2016-04-29] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-04-29] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-04-29] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-04-29] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-04-29] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-04-29] (Microsoft Corporation)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)

FireFox:
========
FF ProfilePath: C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\l4ktzj6q.default
FF Homepage: hxxps://www.youtube.com/watch?v=EiRC80FJbHU
FF NetworkProxy: "autoconfig_url", "hxxp://www.bib.h-bonn-rhein-sieg.de/bibmedia/Downloads/bibliothek/proxy-p-7010.pac"
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-10] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-10] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2016-03-08] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-04-29] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-04-29] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-04-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-04-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-03] (Adobe Systems Inc.)
FF Extension: Reddit Enhancement Suite - C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\l4ktzj6q.default\Extensions\jid1-xUfzOsOFlzSOXg@jetpack.xpi [2016-04-06]
FF Extension: Adblock Plus - C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\l4ktzj6q.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-05-01]

Chrome: 
=======
CHR HomePage: Default -> hxxps://www.twitch.tv/directory/following
CHR StartupUrls: Default -> "hxxps://www.twitch.tv/directory/following"
CHR Profile: C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-04-17]
CHR Extension: (Google Docs) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-17]
CHR Extension: (Google Drive) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-17]
CHR Extension: (YouTube) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-17]
CHR Extension: (Google Tabellen) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-04-17]
CHR Extension: (Google Docs Offline) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-17]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-17]
CHR Extension: (Google Mail) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-17]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-08-30] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
S2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2016-04-15] (Advanced Micro Devices) [Datei ist nicht signiert]
S2 AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [137584 2014-01-08] ()
S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
S2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2911464 2016-04-29] (Microsoft Corporation)
S2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2016-03-29] (Digital Wave Ltd.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2016-01-29] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [374344 2016-01-29] (Microsoft Corporation)
S3 ose; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [202288 2016-04-28] (Microsoft Corporation) [Datei ist nicht signiert]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [296648 2016-04-15] (Advanced Micro Devices)
S2 AODDriver4.3.0; C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [59624 2014-01-08] (Advanced Micro Devices)
S3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [96256 2016-04-15] (Advanced Micro Devices) [Datei ist nicht signiert]
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [289120 2015-11-13] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133816 2015-11-13] (Microsoft Corporation)
R3 VUSB3HUB; C:\Windows\System32\DRIVERS\ViaHub3.sys [225792 2014-10-31] (VIA Technologies, Inc.)
R3 xhcdrv; C:\Windows\System32\DRIVERS\xhcdrv.sys [305664 2014-10-31] (VIA Technologies, Inc.)
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-05-11 12:47 - 2016-05-11 12:48 - 00012241 _____ C:\Users\Thomas\Downloads\FRST.txt
2016-05-11 12:47 - 2016-05-11 12:47 - 02381312 _____ (Farbar) C:\Users\Thomas\Downloads\FRST64.exe
2016-05-11 12:47 - 2016-05-11 12:47 - 00000000 ____D C:\FRST
2016-05-11 12:18 - 2016-05-11 12:45 - 00001536 _____ C:\Users\Thomas\Desktop\JRT.txt
2016-05-11 12:16 - 2016-05-11 12:44 - 00000000 ____D C:\AdwCleaner
2016-05-11 11:59 - 2016-05-11 11:59 - 01610816 _____ (Malwarebytes) C:\Users\Thomas\Downloads\JRT.exe
2016-05-11 11:58 - 2016-05-11 11:59 - 03640384 _____ C:\Users\Thomas\Downloads\AdwCleaner_5.116.exe
2016-05-11 11:53 - 2016-05-11 11:53 - 22851472 _____ (Malwarebytes ) C:\Users\Thomas\Downloads\mbam-setup-computerbild.8000-2.2.1.1043.exe
2016-05-11 11:03 - 2016-05-11 11:03 - 00000000 ____D C:\Program Files (x86)\ESET
2016-05-11 10:51 - 2016-05-11 10:51 - 00003544 ____N C:\bootsqm.dat
2016-05-10 23:37 - 2016-05-11 11:27 - 00000000 ____D C:\Program Files (x86)\  Malwarebytes Anti-Malware  
2016-05-10 23:37 - 2016-05-11 11:02 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-05-10 23:37 - 2016-05-10 23:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\  Malwarebytes Anti-Malware  
2016-05-10 23:37 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-05-10 23:37 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-05-10 23:37 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-05-10 23:06 - 2016-05-11 12:16 - 00707550 _____ C:\Windows\ntbtlog.txt
2016-05-08 12:49 - 2016-05-08 12:49 - 00000000 ___HD C:\ProgramData\CanonIJETV
2016-05-08 12:49 - 2016-05-08 12:49 - 00000000 ____D C:\Program Files (x86)\Canon
2016-05-08 12:14 - 2016-05-08 12:14 - 00000000 ____H C:\Users\Thomas\Documents\Default.rdp
2016-05-07 13:23 - 2016-05-07 13:23 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\WinRAR
2016-05-07 12:51 - 2016-05-11 11:04 - 00000000 ___RD C:\Users\Thomas\Documents\Scanned Documents
2016-05-07 12:51 - 2016-05-07 12:51 - 00000000 ____D C:\Users\Thomas\Documents\Fax
2016-05-06 16:11 - 2016-05-07 11:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-05-01 15:50 - 2016-05-01 19:05 - 00000000 ____D C:\Users\Thomas\Desktop\Rea
2016-04-25 22:10 - 2016-04-25 22:10 - 00000000 ____D C:\Program Files (x86)\Raptr Inc
2016-04-25 22:09 - 2016-02-16 01:27 - 00125720 _____ C:\Windows\SysWOW64\vulkan-1.dll
2016-04-25 22:09 - 2016-02-16 01:26 - 00126232 _____ C:\Windows\system32\vulkan-1.dll
2016-04-25 22:09 - 2016-02-16 01:25 - 00045848 _____ C:\Windows\system32\vulkaninfo.exe
2016-04-25 22:09 - 2016-02-16 01:25 - 00042264 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2016-04-25 22:08 - 2016-04-25 22:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vulkan 1.0.3.1
2016-04-25 22:08 - 2016-04-25 22:08 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-04-25 22:01 - 2016-04-25 22:01 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ViaHub3_01011.Wdf
2016-04-25 22:00 - 2016-04-25 22:00 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_xhcdrv_01011.Wdf
2016-04-24 15:44 - 2016-04-25 21:38 - 00000944 _____ C:\Users\Thomas\Desktop\Start Tor Browser.lnk
2016-04-24 15:44 - 2016-04-24 15:44 - 00000833 _____ C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2016-04-24 12:18 - 2016-04-24 21:15 - 00000000 ____D C:\Program Files\WinRAR
2016-04-24 12:18 - 2016-04-24 15:44 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-04-24 12:18 - 2016-04-24 15:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-04-24 12:18 - 2016-04-24 12:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skiller PRO
2016-04-24 12:18 - 2016-04-24 12:18 - 00000000 ____D C:\Program Files (x86)\Skiller PRO
2016-04-23 23:32 - 2016-04-23 23:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SPEEDLINK PRIME
2016-04-23 23:32 - 2016-04-23 23:32 - 00000000 ____D C:\Program Files (x86)\SPEEDLINK
2016-04-17 21:00 - 2016-04-17 21:00 - 00000000 ____D C:\Users\Thomas\Documents\Benutzerdefinierte Office-Vorlagen
2016-04-17 20:58 - 2016-04-17 20:58 - 00000000 ____D C:\Users\Thomas\AppData\LocalLow\Temp
2016-04-17 20:30 - 2016-04-17 20:31 - 00000000 ____D C:\Users\Thomas\Desktop\MS Office
2016-04-17 20:18 - 2016-04-17 20:18 - 00002180 _____ C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-04-17 20:18 - 2016-04-17 20:18 - 00002120 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-04-17 20:18 - 2016-04-17 20:18 - 00002120 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-04-17 20:18 - 2016-04-17 20:18 - 00000000 ___RD C:\Users\Thomas\OneDrive
2016-04-17 20:18 - 2016-04-17 20:18 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-04-17 20:18 - 2016-04-17 20:18 - 00000000 ____D C:\Program Files (x86)\Microsoft OneDrive
2016-04-17 20:03 - 2016-04-17 20:03 - 00002509 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2016-04-17 20:03 - 2016-04-17 20:03 - 00002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2016-04-17 20:03 - 2016-04-17 20:03 - 00002423 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2016-04-17 20:03 - 2016-04-17 20:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools
2016-04-17 19:59 - 2016-05-07 11:43 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-04-17 19:59 - 2016-04-17 19:59 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2016-04-17 19:56 - 2016-05-07 11:42 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-04-17 19:56 - 2016-04-17 19:56 - 00000000 ____D C:\Users\Thomas\Desktop\Chemsketch
2016-04-17 19:56 - 2016-04-17 19:56 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-04-17 19:51 - 2016-04-17 19:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ACDLabs Freeware 2015
2016-04-17 19:50 - 2016-04-17 19:51 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\Advanced Chemistry Development
2016-04-17 19:50 - 2016-04-17 19:51 - 00000000 ____D C:\ProgramData\Advanced Chemistry Development
2016-04-17 19:50 - 2016-04-17 19:51 - 00000000 ____D C:\ACD2015FREE
2016-04-17 15:04 - 2016-05-03 14:09 - 00002187 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-17 15:03 - 2016-05-11 11:46 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-17 15:03 - 2016-05-10 23:08 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-17 15:03 - 2016-04-17 15:41 - 00000000 ____D C:\Users\Thomas\AppData\Local\Google
2016-04-17 15:03 - 2016-04-17 15:04 - 00000000 ____D C:\Program Files (x86)\Google
2016-04-17 15:03 - 2016-04-17 15:03 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-04-17 15:03 - 2016-04-17 15:03 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-04-17 14:59 - 2016-04-17 14:59 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\LolClient
2016-04-16 17:36 - 2016-05-05 14:17 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\DVDVideoSoft
2016-04-16 17:36 - 2016-04-16 17:36 - 00001398 _____ C:\Users\Public\Desktop\Free YouTube To MP3 Converter.lnk
2016-04-16 17:36 - 2016-04-16 17:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2016-04-16 17:36 - 2016-04-16 17:36 - 00000000 ____D C:\Program Files (x86)\FreeCodecPack
2016-04-16 17:36 - 2016-04-16 17:36 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2016-04-15 23:15 - 2016-04-15 23:15 - 00141792 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdhcp64.dll
2016-04-15 23:15 - 2016-04-15 23:15 - 00128384 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdhcp32.dll
2016-04-15 23:15 - 2016-04-15 23:15 - 00110880 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2016-04-15 23:15 - 2016-04-15 23:15 - 00102616 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2016-04-15 23:15 - 2016-04-15 23:15 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2016-04-15 23:15 - 2016-04-15 23:15 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2016-04-15 23:15 - 2016-04-15 23:15 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2016-04-15 23:15 - 2016-04-15 23:15 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2016-04-15 23:14 - 2016-04-15 23:14 - 09526616 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2016-04-15 23:14 - 2016-04-15 23:14 - 00120656 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2016-04-15 23:13 - 2016-04-15 23:13 - 08844232 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2016-04-15 23:11 - 2016-04-15 23:11 - 00296648 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdacpksd.sys
2016-04-15 23:05 - 2016-04-15 23:05 - 26345472 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2016-04-15 22:57 - 2016-04-15 22:57 - 06956032 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdvlk64.dll
2016-04-15 22:54 - 2016-04-15 22:54 - 48212480 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2016-04-15 22:54 - 2016-04-15 22:54 - 00235008 _____ C:\Windows\system32\clinfo.exe
2016-04-15 22:53 - 2016-04-15 22:53 - 05420032 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdvlk32.dll
2016-04-15 22:52 - 2016-04-15 22:52 - 40126976 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2016-04-15 22:51 - 2016-04-15 22:51 - 00065024 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2016-04-15 22:51 - 2016-04-15 22:51 - 00059392 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2016-04-15 22:49 - 2016-04-15 22:49 - 26886656 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl12cl64.dll
2016-04-15 22:49 - 2016-04-15 22:49 - 21730304 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl12cl.dll
2016-04-15 22:28 - 2016-04-15 22:28 - 00701440 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdlvr64.dll
2016-04-15 22:28 - 2016-04-15 22:28 - 00580096 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdlvr32.dll
2016-04-15 22:27 - 2016-04-15 22:27 - 30380032 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2016-04-15 22:27 - 2016-04-15 22:27 - 06884864 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll
2016-04-15 22:27 - 2016-04-15 22:27 - 00127488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2016-04-15 22:27 - 2016-04-15 22:27 - 00113664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2016-04-15 22:24 - 2016-04-15 22:24 - 00050688 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll
2016-04-15 22:24 - 2016-04-15 22:24 - 00039424 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll
2016-04-15 22:23 - 2016-04-15 22:23 - 05398016 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll
2016-04-15 22:22 - 2016-04-15 22:22 - 03437632 _____ C:\Windows\system32\atiumd6a.cap
2016-04-15 22:22 - 2016-04-15 22:22 - 00096256 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\AtihdW76.sys
2016-04-15 22:21 - 2016-04-15 22:21 - 25070080 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2016-04-15 22:21 - 2016-04-15 22:21 - 00103424 _____ (Advanced Micro Devices) C:\Windows\system32\DelayAPO.dll
2016-04-15 22:20 - 2016-04-15 22:20 - 00097280 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2016-04-15 22:20 - 2016-04-15 22:20 - 00089600 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2016-04-15 22:19 - 2016-04-15 22:19 - 15711744 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2016-04-15 22:19 - 2016-04-15 22:19 - 00698768 _____ C:\Windows\SysWOW64\atiapfxx.blb
2016-04-15 22:19 - 2016-04-15 22:19 - 00698768 _____ C:\Windows\system32\atiapfxx.blb
2016-04-15 22:19 - 2016-04-15 22:19 - 00367104 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2016-04-15 22:19 - 2016-04-15 22:19 - 00062464 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2016-04-15 22:19 - 2016-04-15 22:19 - 00055808 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2016-04-15 22:19 - 2016-04-15 22:19 - 00052224 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2016-04-15 22:19 - 2016-04-15 22:19 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2016-04-15 22:18 - 2016-04-15 22:18 - 14302208 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2016-04-15 22:17 - 2016-04-15 22:17 - 03471376 _____ C:\Windows\SysWOW64\atiumdva.cap
2016-04-15 22:15 - 2016-04-15 22:15 - 00564736 _____ (AMD) C:\Windows\system32\atieclxx.exe
2016-04-15 22:15 - 2016-04-15 22:15 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2016-04-15 22:15 - 2016-04-15 22:15 - 00224256 _____ C:\Windows\system32\dgtrayicon.exe
2016-04-15 22:15 - 2016-04-15 22:15 - 00209920 _____ C:\Windows\system32\GameManager64.dll
2016-04-15 22:15 - 2016-04-15 22:15 - 00204800 _____ C:\Windows\system32\amdgfxinfo64.dll
2016-04-15 22:15 - 2016-04-15 22:15 - 00189952 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll
2016-04-15 22:15 - 2016-04-15 22:15 - 00162304 _____ C:\Windows\system32\atieah64.exe
2016-04-15 22:15 - 2016-04-15 22:15 - 00145408 _____ C:\Windows\SysWOW64\atieah32.exe
2016-04-15 22:15 - 2016-04-15 22:15 - 00078336 _____ (AMD) C:\Windows\system32\atimuixx.dll
2016-04-15 22:14 - 2016-04-15 22:14 - 00251392 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2016-04-15 22:14 - 2016-04-15 22:14 - 00190976 _____ (AMD) C:\Windows\system32\atitmm64.dll
2016-04-15 22:12 - 2016-04-15 22:12 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2016-04-15 22:12 - 2016-04-15 22:12 - 00080896 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2016-04-15 22:11 - 2016-04-15 22:11 - 00944640 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2016-04-15 22:11 - 2016-04-15 22:11 - 00944640 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll
2016-04-15 22:11 - 2016-04-15 22:11 - 00157696 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2016-04-15 22:11 - 2016-04-15 22:11 - 00142336 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2016-04-15 22:11 - 2016-04-15 22:11 - 00075776 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2016-04-15 22:11 - 2016-04-15 22:11 - 00070144 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2016-04-15 22:11 - 2016-04-15 22:11 - 00070144 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2016-04-15 22:11 - 2016-04-15 22:11 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2016-04-15 22:10 - 2016-04-15 22:10 - 00676864 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2016-04-15 22:10 - 2016-04-15 22:10 - 00195072 _____ C:\Windows\system32\hsa-thunk64.dll
2016-04-15 22:10 - 2016-04-15 22:10 - 00174592 _____ C:\Windows\SysWOW64\hsa-thunk.dll
2016-04-15 18:28 - 2016-04-15 18:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-04-15 16:23 - 2016-04-15 16:23 - 02412544 _____ C:\Windows\system32\amdacpusl.pdb
2016-04-15 16:20 - 2016-04-15 16:20 - 00364544 _____ (Advanced Micro Devices) C:\Windows\system32\amdacpusl.dll
2016-04-15 16:20 - 2016-04-15 16:20 - 00306176 _____ C:\Windows\system32\amdacpusl.pdb.pub
2016-04-15 16:20 - 2016-04-15 16:20 - 00248832 _____ (Advanced Micro Devices) C:\Windows\SysWOW64\amdacpusl.dll
2016-04-12 21:16 - 2016-04-04 20:14 - 00038120 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-04-12 21:16 - 2016-04-04 20:02 - 01169408 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-04-12 21:16 - 2016-04-02 15:08 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-04-12 21:16 - 2016-03-29 19:53 - 03216896 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-04-12 21:16 - 2016-03-23 16:02 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-04-12 21:16 - 2016-03-18 01:04 - 05551336 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-04-12 21:16 - 2016-03-18 01:04 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-04-12 21:16 - 2016-03-18 01:04 - 00154344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-04-12 21:16 - 2016-03-18 01:04 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-04-12 21:16 - 2016-03-18 01:01 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-04-12 21:16 - 2016-03-18 01:01 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-04-12 21:16 - 2016-03-18 00:58 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-04-12 21:16 - 2016-03-18 00:58 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-04-12 21:16 - 2016-03-18 00:58 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-04-12 21:16 - 2016-03-18 00:58 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-04-12 21:16 - 2016-03-18 00:58 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-04-12 21:16 - 2016-03-18 00:58 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-04-12 21:16 - 2016-03-18 00:58 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-04-12 21:16 - 2016-03-18 00:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-04-12 21:16 - 2016-03-18 00:58 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-04-12 21:16 - 2016-03-18 00:58 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-04-12 21:16 - 2016-03-18 00:57 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-04-12 21:16 - 2016-03-18 00:57 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-04-12 21:16 - 2016-03-18 00:57 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-04-12 21:16 - 2016-03-18 00:57 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-04-12 21:16 - 2016-03-18 00:57 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-04-12 21:16 - 2016-03-18 00:56 - 02084864 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-04-12 21:16 - 2016-03-18 00:56 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-04-12 21:16 - 2016-03-18 00:54 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-04-12 21:16 - 2016-03-18 00:54 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-04-12 21:16 - 2016-03-18 00:54 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-04-12 21:16 - 2016-03-18 00:54 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-04-12 21:16 - 2016-03-18 00:53 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-04-12 21:16 - 2016-03-18 00:53 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-04-12 21:16 - 2016-03-18 00:53 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-04-12 21:16 - 2016-03-18 00:53 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:36 - 03998952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-04-12 21:16 - 2016-03-18 00:36 - 03943144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-04-12 21:16 - 2016-03-18 00:33 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-04-12 21:16 - 2016-03-18 00:31 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-04-12 21:16 - 2016-03-18 00:31 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-04-12 21:16 - 2016-03-18 00:31 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-04-12 21:16 - 2016-03-18 00:31 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-04-12 21:16 - 2016-03-18 00:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-04-12 21:16 - 2016-03-18 00:30 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-04-12 21:16 - 2016-03-18 00:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-04-12 21:16 - 2016-03-18 00:30 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-04-12 21:16 - 2016-03-18 00:29 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-04-12 21:16 - 2016-03-18 00:29 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-04-12 21:16 - 2016-03-18 00:29 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-04-12 21:16 - 2016-03-18 00:28 - 01414144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-04-12 21:16 - 2016-03-18 00:27 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-04-12 21:16 - 2016-03-18 00:27 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-04-12 21:16 - 2016-03-18 00:27 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-04-12 21:16 - 2016-03-18 00:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-04-12 21:16 - 2016-03-18 00:26 - 00553984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-04-12 21:16 - 2016-03-18 00:25 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-04-12 21:16 - 2016-03-17 23:53 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-04-12 21:16 - 2016-03-17 23:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-04-12 21:16 - 2016-03-17 23:52 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-04-12 21:16 - 2016-03-17 23:51 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-04-12 21:16 - 2016-03-17 23:44 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-04-12 21:16 - 2016-03-17 23:43 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-04-12 21:16 - 2016-03-17 23:41 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-04-12 21:16 - 2016-03-17 23:38 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-04-12 21:16 - 2016-03-17 23:37 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-04-12 21:16 - 2016-03-17 23:37 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-04-12 21:16 - 2016-03-17 23:35 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-04-12 21:16 - 2016-03-17 23:35 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-04-12 21:16 - 2016-03-17 23:30 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-04-12 21:16 - 2016-03-17 23:30 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-04-12 21:16 - 2016-03-17 23:30 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-04-12 21:16 - 2016-03-17 23:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-04-12 21:16 - 2016-03-17 23:29 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-04-12 21:16 - 2016-03-17 23:29 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-04-12 21:16 - 2016-03-17 23:29 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-04-12 21:16 - 2016-03-17 23:29 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-04-12 21:16 - 2016-03-17 23:29 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-04-12 21:16 - 2016-03-17 20:04 - 00698368 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-04-12 21:16 - 2016-03-17 20:04 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-04-12 21:16 - 2016-03-17 20:04 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-04-12 21:16 - 2016-03-17 20:04 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-04-12 21:16 - 2016-03-16 20:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-04-12 21:16 - 2016-03-16 20:28 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-04-12 21:16 - 2016-03-16 20:28 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-04-12 21:16 - 2016-03-16 02:16 - 00760320 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2016-04-12 21:16 - 2016-03-16 02:16 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2016-04-12 21:16 - 2016-03-16 01:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2016-04-12 21:16 - 2016-03-11 20:57 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-04-12 21:16 - 2016-03-11 20:35 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-04-12 21:16 - 2016-03-06 20:53 - 01885696 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2016-04-12 21:16 - 2016-03-06 20:53 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2016-04-12 21:16 - 2016-03-06 20:38 - 01240576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2016-04-12 21:16 - 2016-03-06 20:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2016-04-12 21:16 - 2016-02-05 20:56 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\tbs.dll
2016-04-12 21:16 - 2016-02-05 20:54 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2016-04-12 21:16 - 2016-02-05 19:33 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbs.dll
2016-04-12 21:16 - 2016-02-02 20:57 - 00511488 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2016-04-12 21:16 - 2016-01-21 02:51 - 00073664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2016-04-12 21:16 - 2015-06-03 22:21 - 00451080 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-05-11 12:09 - 2009-07-14 06:45 - 00020480 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-05-11 12:09 - 2009-07-14 06:45 - 00020480 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-05-11 11:51 - 2011-04-12 09:43 - 00699092 _____ C:\Windows\system32\perfh007.dat
2016-05-11 11:51 - 2011-04-12 09:43 - 00149232 _____ C:\Windows\system32\perfc007.dat
2016-05-11 11:51 - 2009-07-14 07:13 - 01619284 _____ C:\Windows\system32\PerfStringBackup.INI
2016-05-11 11:51 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-05-11 11:46 - 2016-04-08 16:36 - 00000000 ____D C:\Users\Thomas\AppData\Local\Apps\2.0
2016-05-11 11:46 - 2016-04-06 21:40 - 00000000 ____D C:\Program Files (x86)\Steam
2016-05-11 11:46 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-05-11 11:45 - 2016-04-09 11:54 - 00000000 ____D C:\Users\Thomas\AppData\Local\Downloaded Installations
2016-05-11 11:42 - 2016-04-06 21:00 - 00000000 ____D C:\60123cffff02c322a6
2016-05-10 23:48 - 2016-04-06 21:53 - 00000000 ____D C:\Users\Thomas\AppData\Local\ElevatedDiagnostics
2016-05-10 23:27 - 2014-01-11 18:52 - 00000000 ____D C:\Users\Thomas\Desktop\#I so'n Shit
2016-05-10 23:26 - 2016-04-07 15:20 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2016-05-10 23:20 - 2016-04-10 00:44 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-05-10 23:14 - 2016-04-06 22:57 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\Skype
2016-05-10 22:12 - 2016-04-06 20:55 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\TS3Client
2016-05-10 20:25 - 2016-04-07 16:27 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-05-10 20:24 - 2016-04-07 16:27 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-05-08 12:30 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2016-05-07 11:20 - 2016-04-06 20:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-05-06 11:46 - 2016-04-08 16:28 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-05-06 11:46 - 2016-04-08 16:28 - 00000000 ___SD C:\Windows\system32\GWX
2016-05-05 14:19 - 2016-04-10 15:23 - 00000000 ____D C:\Windows\system32\appraiser
2016-05-01 18:18 - 2016-04-06 21:29 - 00000000 ____D C:\Users\Thomas\AppData\Local\Spotify
2016-05-01 17:54 - 2016-04-06 21:28 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\Spotify
2016-04-26 17:45 - 2016-04-06 20:55 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2016-04-25 22:11 - 2016-04-06 21:49 - 00004230 _____ C:\Windows\System32\Tasks\AMD Updater
2016-04-25 22:11 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-04-25 22:09 - 2016-04-06 21:42 - 00000000 ____D C:\Program Files\AMD
2016-04-25 22:09 - 2016-04-06 21:14 - 00000000 ____D C:\ProgramData\Package Cache
2016-04-25 22:08 - 2016-04-06 21:43 - 00000000 ____D C:\Program Files (x86)\AMD
2016-04-25 22:04 - 2016-04-06 21:40 - 00000000 ____D C:\AMD
2016-04-24 12:18 - 2016-04-06 20:34 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-04-22 09:57 - 2010-11-21 05:27 - 00453288 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-04-18 19:08 - 2009-07-14 06:45 - 00424696 _____ C:\Windows\system32\FNTCACHE.DAT
2016-04-17 20:50 - 2016-04-06 21:22 - 00110176 _____ C:\Users\Thomas\AppData\Local\GDIPFONTCACHEV1.DAT
2016-04-17 20:18 - 2016-04-06 19:37 - 00000000 ____D C:\Users\Thomas
2016-04-17 17:03 - 2016-04-10 21:32 - 00000000 ____D C:\Program Files\Common Files\logishrd
2016-04-15 23:14 - 2016-04-04 06:16 - 00152568 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2016-04-15 23:14 - 2016-04-04 06:16 - 00133528 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2016-04-15 23:14 - 2016-04-04 06:15 - 11631488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2016-04-15 23:14 - 2016-04-04 06:15 - 09588416 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2016-04-15 23:14 - 2016-04-04 06:15 - 08585696 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2016-04-15 23:14 - 2016-04-04 06:15 - 07394016 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2016-04-15 23:14 - 2016-04-04 06:15 - 01519920 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2016-04-15 23:14 - 2016-04-04 06:15 - 01248000 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2016-04-15 23:14 - 2016-04-04 06:15 - 00102616 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2016-04-15 22:24 - 2016-04-04 04:25 - 00865280 _____ (AMD) C:\Windows\system32\coinst_16.15.dll
2016-04-15 22:15 - 2016-04-04 03:57 - 00186368 _____ C:\Windows\SysWOW64\GameManager32.dll
2016-04-15 22:11 - 2016-04-04 03:33 - 01276416 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2016-04-13 19:58 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2016-04-11 07:00 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\AppCompat

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-04-06 21:12 - 2016-04-06 21:12 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\Thomas\AppData\Local\Temp\libeay32.dll
C:\Users\Thomas\AppData\Local\Temp\msvcr120.dll
C:\Users\Thomas\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-05-08 17:08

==================== Ende von FRST.txt ============================
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:09-05-2016
durchgeführt von Thomas (2016-05-11 12:48:16)
Gestartet von C:\Users\Thomas\Downloads
Windows 7 Professional Service Pack 1 (X64) (2016-04-06 17:37:00)
Start-Modus: Safe Mode (with Networking)
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-758422454-1604163277-2610386603-500 - Administrator - Disabled)
Gast (S-1-5-21-758422454-1604163277-2610386603-501 - Limited - Disabled)
Thomas (S-1-5-21-758422454-1604163277-2610386603-1000 - Administrator - Enabled) => C:\Users\Thomas

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Microsoft Security Essentials (Enabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
AS: Microsoft Security Essentials (Enabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

ACD/Labs Freeware in C:\ACD2015FREE\ (HKLM-x32\...\ACDLabs in C__ACD2015FREE_) (Version: v14.00, FREE - ACD/Labs)
ACP Application (Version: 2016.0415.1620.42 - Advanced Micro Devices, Inc.) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.016.20039 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
AMD OverDrive (HKLM-x32\...\{34D5220A-58D0-473C-90E4-15136C3FB0E3}) (Version: 4.3.1.0690 - Advanced Micro Devices, Inc.)
Apple Application Support (32-Bit) (HKLM-x32\...\{FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E}) (Version: 4.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{2937FD88-C9D6-4B82-B539-37CD0A572F42}) (Version: 4.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Catalyst Control Center Next Localization BR (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
f.lux (HKU\S-1-5-21-758422454-1604163277-2610386603-1000\...\Flux) (Version:  - )
Free YouTube To MP3 Converter (HKLM-x32\...\Free YouTube To MP3 Converter_is1) (Version: 4.1.6.328 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.94 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
iTunes (HKLM\...\{A31C5565-90D9-4615-AE13-94D86C3836C7}) (Version: 12.3.3.17 - Apple Inc.)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.6868.2060 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-758422454-1604163277-2610386603-1000\...\OneDriveSetup.exe) (Version: 17.3.6281.1202 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 46.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 46.0.1 (x86 de)) (Version: 46.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 46.0.1.5966 - Mozilla)
Mozilla Thunderbird 45.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.0 (x86 de)) (Version: 45.0 - Mozilla)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6828.1015 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6828.1015 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6828.1015 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.92.115.2015 - Realtek)
Skiller PRO (HKLM-x32\...\{54C8FBB3-B992-43CB-8F0A-E26228013F88}) (Version: 2.1.15.6 - Sharkoon Technologies)
Skype™ 7.21 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.)
SPEEDLINK PRIME Gaming Mouse (HKLM-x32\...\SPEEDLINK KUDOS) (Version:  - )
Spotify (HKU\S-1-5-21-758422454-1604163277-2610386603-1000\...\Spotify) (Version: 1.0.26.132.ga4e3ccee - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.)
WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-758422454-1604163277-2610386603-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Thomas\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64\FileCoAuthLib64.dll ()
CustomCLSID: HKU\S-1-5-21-758422454-1604163277-2610386603-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Thomas\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {1814CA9E-7654-4C59-A165-834EAFF679D5} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-04-29] (Microsoft Corporation)
Task: {27A11073-67A1-4E9E-8D6E-45BDC9C1B526} - System32\Tasks\Microsoft\Windows\Setup\gwx\rundetector => C:\Windows\system32\GWX\GWXDetector.exe [2016-04-24] (Microsoft Corporation)
Task: {27D6393D-4FA7-49C0-BE3D-07B63F1744C5} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {29C10ED2-A5DB-47E4-90CB-64F2328E12F5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-10] (Adobe Systems Incorporated)
Task: {2B3D71FA-7E23-4D26-825C-F593771E4CD8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {6278FE4B-B427-4684-98CD-0860249EFF41} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-04-29] (Microsoft Corporation)
Task: {8BD2EB0E-CC15-4B5E-96EE-86402FE4DE2E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-04-29] (Microsoft Corporation)
Task: {9304EBB5-82CD-4F09-B853-E07F96DD2FAF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-17] (Google Inc.)
Task: {B03D6180-4DBB-4D79-800E-2FA7B7550D83} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-04-29] (Microsoft Corporation)
Task: {D122ABCC-35C0-4196-9705-4C9E5608F49A} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-04-29] (Microsoft Corporation)
Task: {DAF3A632-9FB4-418A-9FFA-AE2B117D2E43} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-17] (Google Inc.)
Task: {E81E985F-3881-447F-B0A0-40F0625F0B5B} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-04-15] (Advanced Micro Devices, Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============


==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-758422454-1604163277-2610386603-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{1BCAC893-CFF5-4B9B-B850-44B7676B9E6C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7111D390-46B3-475F-80D1-301F5CDBB677}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A4AB2E0E-53C0-4177-9A3E-20002042C1D7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C4571AB8-9671-4363-B564-69DB43825264}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2FAD3544-A9CF-429F-BBC3-0A9ABF814914}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{36A774A3-45F8-474F-A081-87A5A9C1E404}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8EC2A934-959C-4D2A-BC87-C8720EA64DE9}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{5AACE038-93F5-4799-9AE6-F166A1ADCEC0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{D17EAD2D-00F5-4473-9873-7CBF0C0914D2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E76E4D58-B87C-4CED-9F5B-711B2906D389}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{AC3BC60B-C4A3-4230-BDA5-4AD011A42F8C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{93B56332-F08C-4B6B-93F4-A3F34F9C5A36}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{200E9D49-D84B-4235-A117-7685E9F00AD2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{6867D683-685D-4382-9E43-7C6CDDB4BE9D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{25B354C7-1BA0-4185-B445-EC8D1A210A17}C:\users\thomas\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\thomas\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{E44951C8-D687-4754-8D0B-8AB1B23EF7F4}C:\users\thomas\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\thomas\appdata\roaming\spotify\spotify.exe
FirewallRules: [{9C60BA12-94B0-4E54-BF18-5AB6F5E4C1F3}] => (Block) C:\users\thomas\appdata\roaming\spotify\spotify.exe
FirewallRules: [{39537144-DD55-4166-9463-33EF7C683842}] => (Block) C:\users\thomas\appdata\roaming\spotify\spotify.exe
FirewallRules: [{9EDC795F-272A-4EB3-AD00-1A91DCDE93CA}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{BBA74933-FA30-4DA3-B21A-25D571817B41}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{B012F289-0C94-4CA8-AB32-1DA7A4B769E8}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{0E1C8AF4-9E36-458A-9836-A67DE07796CD}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{A5D40BF6-B394-4075-92B5-40FAC0B071F9}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{D4E6A0F9-6BA8-46E9-81CE-15A620FC7729}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{3056E7AE-0BC8-4731-9E16-9E4EAEDC3026}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{704ADC8C-BBA6-4E33-91D1-C5BF2058EAE0}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{7E0479A9-88A2-4214-9B71-542190D6AFCA}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{7AFF1394-3682-4074-A63B-78CB06000157}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{006E7432-7673-4D85-9C07-6A4C56E8CFB0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{04A0DEE9-698B-445C-951D-BD6AA2D243AA}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe

==================== Wiederherstellungspunkte =========================

06-05-2016 11:46:34 Windows Update
06-05-2016 18:25:46 Windows Update
07-05-2016 02:00:30 Windows Update
07-05-2016 11:24:18 Windows Update
07-05-2016 14:36:19 Windows Update
08-05-2016 01:52:15 Windows Update
08-05-2016 11:55:58 Windows Update
08-05-2016 17:10:43 Windows Update
09-05-2016 00:19:15 Windows Update
09-05-2016 17:37:19 Windows Update
09-05-2016 18:33:28 Windows Update
10-05-2016 00:59:20 Windows Update
10-05-2016 14:13:09 Windows Update
10-05-2016 22:12:04 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (05/11/2016 12:44:59 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Users\Thomas\AppData\Local\Temp\jrt\CreateRestorePoint.exe  "JRT Pre-Junkware Removal"; Beschreibung = JRT Pre-Junkware Removal; Fehler = 0x8007043c).

Error: (05/11/2016 12:23:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: RadeonSettings.exe, Version: 10.1.1.1622, Zeitstempel: 0x5711503b
Name des fehlerhaften Moduls: MSVCR120.dll, Version: 12.0.21005.1, Zeitstempel: 0x524f83ff
Ausnahmecode: 0x40000015
Fehleroffset: 0x0000000000074a46
ID des fehlerhaften Prozesses: 0x70c
Startzeit der fehlerhaften Anwendung: 0xRadeonSettings.exe0
Pfad der fehlerhaften Anwendung: RadeonSettings.exe1
Pfad des fehlerhaften Moduls: RadeonSettings.exe2
Berichtskennung: RadeonSettings.exe3

Error: (05/11/2016 12:18:01 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/11/2016 12:17:04 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Users\Thomas\AppData\Local\Temp\jrt\CreateRestorePoint.exe  "JRT Pre-Junkware Removal"; Beschreibung = JRT Pre-Junkware Removal; Fehler = 0x8007043c).

Error: (05/11/2016 11:48:36 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/11/2016 11:40:57 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/11/2016 11:36:13 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/11/2016 11:03:58 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/11/2016 11:03:21 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (05/11/2016 11:03:19 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.


Systemfehler:
=============
Error: (05/11/2016 12:47:43 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (05/11/2016 12:47:43 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (05/11/2016 12:47:43 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (05/11/2016 12:47:43 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (05/11/2016 12:47:43 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (05/11/2016 12:47:43 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (05/11/2016 12:44:53 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (05/11/2016 12:44:53 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (05/11/2016 12:44:53 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (05/11/2016 12:44:53 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068


==================== Speicherinformationen =========================== 

Prozessor: AMD FX-8320E Eight-Core Processor 
Prozentuale Nutzung des RAM: 10%
Installierter physikalischer RAM: 16350.65 MB
Verfügbarer physikalischer RAM: 14670.25 MB
Summe virtueller Speicher: 32699.48 MB
Verfügbarer virtueller Speicher: 31094.45 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:465.76 GB) (Free:342.01 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 85DD657B)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

Alt 28.05.2016, 10:55   #2
Zoidbarg
 
PC führt Programme zT wahllos aus/nicht aus - Standard

PC führt Programme zT wahllos aus/nicht aus


Code:
ATTFilter
10:55:22.0848 0x1a6c  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
10:55:36.0841 0x1a6c  ============================================================
10:55:36.0841 0x1a6c  Current date / time: 2016/05/27 10:55:36.0841
10:55:36.0841 0x1a6c  SystemInfo:
10:55:36.0841 0x1a6c  
10:55:36.0841 0x1a6c  OS Version: 6.1.7601 ServicePack: 1.0
10:55:36.0841 0x1a6c  Product type: Workstation
10:55:36.0841 0x1a6c  ComputerName: THOMAS-PC
10:55:36.0841 0x1a6c  UserName: Thomas
10:55:36.0841 0x1a6c  Windows directory: C:\Windows
10:55:36.0841 0x1a6c  System windows directory: C:\Windows
10:55:36.0841 0x1a6c  Running under WOW64
10:55:36.0841 0x1a6c  Processor architecture: Intel x64
10:55:36.0841 0x1a6c  Number of processors: 8
10:55:36.0841 0x1a6c  Page size: 0x1000
10:55:36.0841 0x1a6c  Boot type: Normal boot
10:55:36.0841 0x1a6c  ============================================================
10:55:36.0950 0x1a6c  KLMD registered as C:\Windows\system32\drivers\86345052.sys
10:55:37.0558 0x1a6c  System UUID: {71019C58-4816-56F5-548D-3AC9F487C3AC}
10:55:37.0964 0x1a6c  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:55:37.0979 0x1a6c  ============================================================
10:55:37.0979 0x1a6c  \Device\Harddisk0\DR0:
10:55:37.0979 0x1a6c  MBR partitions:
10:55:37.0979 0x1a6c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A385000
10:55:37.0979 0x1a6c  ============================================================
10:55:37.0979 0x1a6c  C: <-> \Device\Harddisk0\DR0\Partition1
10:55:37.0979 0x1a6c  ============================================================
10:55:37.0979 0x1a6c  Initialize success
10:55:37.0979 0x1a6c  ============================================================
10:56:11.0235 0x134c  ============================================================
10:56:11.0235 0x134c  Scan started
10:56:11.0235 0x134c  Mode: Manual; SigCheck; TDLFS; 
10:56:11.0235 0x134c  ============================================================
10:56:11.0235 0x134c  KSN ping started
10:56:13.0553 0x134c  KSN ping finished: true
10:56:13.0764 0x134c  ================ Scan system memory ========================
10:56:13.0764 0x134c  System memory - ok
10:56:13.0765 0x134c  ================ Scan services =============================
10:56:13.0798 0x134c  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
10:56:13.0843 0x134c  1394ohci - ok
10:56:13.0856 0x134c  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
10:56:13.0871 0x134c  ACPI - ok
10:56:13.0874 0x134c  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
10:56:13.0889 0x134c  AcpiPmi - ok
10:56:13.0894 0x134c  [ 36114214BF8D7C464D1E92E4EB6B2DD3, 8E7CB266D4ABCDF332A3D4D341753811D51B72985E36F24A7E757DCA11A65A2A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
10:56:13.0904 0x134c  AdobeARMservice - ok
10:56:13.0929 0x134c  [ 6A050671F2C76FB48131F12786802807, 71B37A9CEAE5AB1B069FB010BC547E14445461885B74FA879E63F9F2DAF644A5 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
10:56:13.0947 0x134c  AdobeFlashPlayerUpdateSvc - ok
10:56:13.0961 0x134c  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
10:56:13.0983 0x134c  adp94xx - ok
10:56:13.0994 0x134c  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
10:56:14.0012 0x134c  adpahci - ok
10:56:14.0019 0x134c  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
10:56:14.0033 0x134c  adpu320 - ok
10:56:14.0038 0x134c  [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
10:56:14.0054 0x134c  AeLookupSvc - ok
10:56:14.0066 0x134c  [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD             C:\Windows\system32\drivers\afd.sys
10:56:14.0089 0x134c  AFD - ok
10:56:14.0093 0x134c  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
10:56:14.0103 0x134c  agp440 - ok
10:56:14.0107 0x134c  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
10:56:14.0122 0x134c  ALG - ok
10:56:14.0125 0x134c  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
10:56:14.0134 0x134c  aliide - ok
10:56:14.0144 0x134c  [ B31F6F6CBE002161AD2EA27733D4D1A4, 4765B4E7F893724B1EE57D2555881D7498DB22940BB99586CA025269C437B1F1 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
10:56:14.0170 0x134c  AMD External Events Utility - ok
10:56:14.0173 0x134c  AMD FUEL Service - ok
10:56:14.0182 0x134c  [ BFFC39EA0FD433AA21BBDA36E111ABCA, 05EBBFB3B66BF868538D9C00157051671C26265BD4A738BC54707B0E913AAD51 ] amdacpksd       C:\Windows\system32\drivers\amdacpksd.sys
10:56:14.0195 0x134c  amdacpksd - ok
10:56:14.0201 0x134c  [ 3785941746AC5AC844832CB965DEBF9D, 136DED7611C85FA192B1FC57F98C018F657D502DFC431A61C4C2360BB15D84F9 ] amdacpusrsvc    C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
10:56:14.0207 0x134c  amdacpusrsvc - detected UnsignedFile.Multi.Generic ( 1 )
10:56:16.0634 0x134c  amdacpusrsvc ( UnsignedFile.Multi.Generic ) - warning
10:56:18.0993 0x134c  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
10:56:19.0014 0x134c  amdide - ok
10:56:19.0022 0x134c  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
10:56:19.0033 0x134c  AmdK8 - ok
10:56:19.0035 0x134c  amdkmdag - ok
10:56:19.0047 0x134c  [ F6A33C17A38EC7555161599458E5A59A, 0FD503F3CD91B47802A4773714C3E07632004D27FE1BC44185E1217775F0FB49 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
10:56:19.0067 0x134c  amdkmdap - ok
10:56:19.0072 0x134c  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
10:56:19.0083 0x134c  AmdPPM - ok
10:56:19.0088 0x134c  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
10:56:19.0099 0x134c  amdsata - ok
10:56:19.0106 0x134c  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
10:56:19.0118 0x134c  amdsbs - ok
10:56:19.0121 0x134c  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
10:56:19.0130 0x134c  amdxata - ok
10:56:19.0134 0x134c  [ EBECBA1E37CE98BA2BD64A22A788DAC5, 247C474DAF9FFFF7FB46EB6185088B94B886A7685F98CABE1983EFEAEE1A8338 ] amd_sata        C:\Windows\system32\DRIVERS\amd_sata.sys
10:56:19.0144 0x134c  amd_sata - ok
10:56:19.0147 0x134c  [ 7F1B42E70FAE147B14B28B83E003F039, 093C2B57AFDC93E667A3AB1F74442DBA42B0DE2132388E73BDC3D09FDBB1B3D0 ] amd_xata        C:\Windows\system32\DRIVERS\amd_xata.sys
10:56:19.0155 0x134c  amd_xata - ok
10:56:19.0158 0x134c  [ F2154A205F4B784B61A72AEBC72BDC5F, A1D962BCF952FAD8016D9210327E7C1044BF4D3D035C7443F8671DDA16E0A390 ] AODDriver4.2    C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
10:56:19.0167 0x134c  AODDriver4.2 - ok
10:56:19.0171 0x134c  [ 1FDE3302A17928B999E6BBA6D346F7DB, 186029C1C62842F1FE21AAD445134A3DEDB978D2E27169D5016C3149FCC42E5C ] AODDriver4.3.0  C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys
10:56:19.0179 0x134c  AODDriver4.3.0 - ok
10:56:19.0184 0x134c  [ 24D5D2C9F24B9B7AF63182F5A444C3F9, 02D781C0FFADD355851D37B5401EFD8798F113BB5BC17A994AC5CF548360C3D2 ] AODService      C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe
10:56:19.0194 0x134c  AODService - ok
10:56:19.0199 0x134c  [ 59D01FA91962C9C1E9B4022B2D3B46DB, 3A111588538B77F010B5C900FB8425DDE55A08DBAC308CA7FB7BD9FCCCDEC69F ] AppHostSvc      C:\Windows\system32\inetsrv\apphostsvc.dll
10:56:19.0213 0x134c  AppHostSvc - ok
10:56:19.0217 0x134c  [ 6474F8823C7188D2DA579F01FB6CED6B, 81D4E9D026CA60FB8840D520D151B8C2F4745A75DF90A4D6C80641F1A23AB605 ] AppID           C:\Windows\system32\drivers\appid.sys
10:56:19.0231 0x134c  AppID - ok
10:56:19.0235 0x134c  [ 8F58BA1F7772D6D7CE45F03309608001, CDB109E0DD241042C058F7D81A1BDEBC34435CB2DC4A7A7A3692193DD5806097 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
10:56:19.0245 0x134c  AppIDSvc - ok
10:56:19.0249 0x134c  [ B62867835B41BCD839D9896AB4D7DF09, 98036D0202DB6171E90485898175833AC44873A85E6453EBE928E433B364CE07 ] Appinfo         C:\Windows\System32\appinfo.dll
10:56:19.0263 0x134c  Appinfo - ok
10:56:19.0269 0x134c  [ 3B3774C868868257533EC7E715BB6D53, 4AF1DADCEDBD80BE6EDEC696DF59E65B51D31E33F4C84413CA03C7BD959FF4E5 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
10:56:19.0280 0x134c  Apple Mobile Device Service - ok
10:56:19.0286 0x134c  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
10:56:19.0303 0x134c  AppMgmt - ok
10:56:19.0308 0x134c  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
10:56:19.0318 0x134c  arc - ok
10:56:19.0323 0x134c  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
10:56:19.0333 0x134c  arcsas - ok
10:56:19.0345 0x134c  [ 660D597B7A78256734D7F3230B21B355, CAA19E8EFAD63B8975A4CD8EFD5CE5F21E056856D36BC5A9E48517F1E574ABBA ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
10:56:19.0356 0x134c  aspnet_state - ok
10:56:19.0359 0x134c  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
10:56:19.0389 0x134c  AsyncMac - ok
10:56:19.0393 0x134c  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
10:56:19.0402 0x134c  atapi - ok
10:56:19.0407 0x134c  [ D67188D9964E08CF344AF8390BA22E75, C4A1DD5AD5D691FAA74764105C701717F41682320ED65584FF4C84B995AAB283 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
10:56:19.0420 0x134c  AtiHDAudioService - ok
10:56:19.0436 0x134c  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
10:56:19.0463 0x134c  AudioEndpointBuilder - ok
10:56:19.0479 0x134c  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
10:56:19.0503 0x134c  AudioSrv - ok
10:56:19.0509 0x134c  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
10:56:19.0527 0x134c  AxInstSV - ok
10:56:19.0539 0x134c  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
10:56:19.0560 0x134c  b06bdrv - ok
10:56:19.0569 0x134c  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
10:56:19.0584 0x134c  b57nd60a - ok
10:56:19.0590 0x134c  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
10:56:19.0605 0x134c  BDESVC - ok
10:56:19.0608 0x134c  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
10:56:19.0634 0x134c  Beep - ok
10:56:19.0651 0x134c  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
10:56:19.0679 0x134c  BFE - ok
10:56:19.0699 0x134c  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
10:56:19.0747 0x134c  BITS - ok
10:56:19.0751 0x134c  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
10:56:19.0762 0x134c  blbdrive - ok
10:56:19.0773 0x134c  [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
10:56:19.0790 0x134c  Bonjour Service - ok
10:56:19.0795 0x134c  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
10:56:19.0809 0x134c  bowser - ok
10:56:19.0813 0x134c  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
10:56:19.0825 0x134c  BrFiltLo - ok
10:56:19.0828 0x134c  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
10:56:19.0839 0x134c  BrFiltUp - ok
10:56:19.0845 0x134c  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
10:56:19.0861 0x134c  Browser - ok
10:56:19.0869 0x134c  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
10:56:19.0888 0x134c  Brserid - ok
10:56:19.0892 0x134c  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
10:56:19.0905 0x134c  BrSerWdm - ok
10:56:19.0908 0x134c  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
10:56:19.0920 0x134c  BrUsbMdm - ok
10:56:19.0923 0x134c  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
10:56:19.0933 0x134c  BrUsbSer - ok
10:56:19.0937 0x134c  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
10:56:19.0950 0x134c  BTHMODEM - ok
10:56:19.0956 0x134c  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
10:56:19.0984 0x134c  bthserv - ok
10:56:19.0988 0x134c  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
10:56:20.0015 0x134c  cdfs - ok
10:56:20.0020 0x134c  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\drivers\cdrom.sys
10:56:20.0033 0x134c  cdrom - ok
10:56:20.0038 0x134c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
10:56:20.0064 0x134c  CertPropSvc - ok
10:56:20.0068 0x134c  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
10:56:20.0081 0x134c  circlass - ok
10:56:20.0090 0x134c  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
10:56:20.0107 0x134c  CLFS - ok
10:56:20.0172 0x134c  [ 9A62177931525A679F7ECB295442D89F, F2946F677F0602AE89E90BB62718B6AD0A4B430DE22801A0D2A358146D698D54 ] ClickToRunSvc   C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
10:56:20.0176 0x18d0  Object required for P2P: [ 6A050671F2C76FB48131F12786802807 ] AdobeFlashPlayerUpdateSvc
10:56:20.0243 0x134c  ClickToRunSvc - ok
10:56:20.0253 0x134c  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:56:20.0264 0x134c  clr_optimization_v2.0.50727_32 - ok
10:56:20.0270 0x134c  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
10:56:20.0280 0x134c  clr_optimization_v2.0.50727_64 - ok
10:56:20.0289 0x134c  [ AB4CD527BEFCC43EE441E6C50CCE54C8, 13B776AE63049FFBA7E35EA0A4C26EBB57B10D973E05C4CF1214249754DC46E4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:56:20.0302 0x134c  clr_optimization_v4.0.30319_32 - ok
10:56:20.0307 0x134c  [ 1400C75FF021D6CFACE46AC41B60770E, 3FCB8D7714A79522F2738037D559F1FFFB2F05C5406D2A038EF5DDB4629CA1CE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
10:56:20.0319 0x134c  clr_optimization_v4.0.30319_64 - ok
10:56:20.0323 0x134c  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
10:56:20.0333 0x134c  CmBatt - ok
10:56:20.0336 0x134c  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
10:56:20.0345 0x134c  cmdide - ok
10:56:20.0357 0x134c  [ CA3FB5A6B626D8A00A89E049CF95954E, CD5E3E40972513195108BA46CEC1D0AEA6B09A67EEBDD17EB759BD1729B07C06 ] CNG             C:\Windows\system32\Drivers\cng.sys
10:56:20.0380 0x134c  CNG - ok
10:56:20.0384 0x134c  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
10:56:20.0393 0x134c  Compbatt - ok
10:56:20.0396 0x134c  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
10:56:20.0409 0x134c  CompositeBus - ok
10:56:20.0411 0x134c  COMSysApp - ok
10:56:20.0415 0x134c  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
10:56:20.0424 0x134c  crcdisk - ok
10:56:20.0432 0x134c  [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
10:56:20.0448 0x134c  CryptSvc - ok
10:56:20.0461 0x134c  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
10:56:20.0485 0x134c  CSC - ok
10:56:20.0509 0x134c  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
10:56:20.0533 0x134c  CscService - ok
10:56:20.0548 0x134c  [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] DcomLaunch      C:\Windows\system32\rpcss.dll
10:56:20.0572 0x134c  DcomLaunch - ok
10:56:20.0581 0x134c  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
10:56:20.0614 0x134c  defragsvc - ok
10:56:20.0619 0x134c  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
10:56:20.0646 0x134c  DfsC - ok
10:56:20.0656 0x134c  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
10:56:20.0676 0x134c  Dhcp - ok
10:56:20.0708 0x134c  [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack       C:\Windows\system32\diagtrack.dll
10:56:20.0752 0x134c  DiagTrack - ok
10:56:20.0766 0x134c  [ BB5C615C2F0D6F392B3C93B988969E02, 13F30E2BEE863823FB85A57C407060B2677D1EF95908D49D97FD0551D29E1969 ] DigitalWave.Update.Service C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
10:56:20.0781 0x134c  DigitalWave.Update.Service - ok
10:56:20.0785 0x134c  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
10:56:20.0813 0x134c  discache - ok
10:56:20.0818 0x134c  [ 616387BBD83372220B09DE95F4E67BBC, 5E2D5280BB775576E7CDE3FA6BDE494E183123635E5908CF7EBF1FF52966D07D ] Disk            C:\Windows\system32\drivers\disk.sys
10:56:20.0828 0x134c  Disk - ok
10:56:20.0833 0x134c  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
10:56:20.0848 0x134c  dmvsc - ok
10:56:20.0855 0x134c  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
10:56:20.0871 0x134c  Dnscache - ok
10:56:20.0879 0x134c  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
10:56:20.0911 0x134c  dot3svc - ok
10:56:20.0918 0x134c  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
10:56:20.0947 0x134c  DPS - ok
10:56:20.0950 0x134c  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
10:56:20.0962 0x134c  drmkaud - ok
10:56:20.0983 0x134c  [ 3A9D7D464BDB3B70D7ECF689ADABBD4D, B4F5B23705EA1BA453FE30791CA245E1A5F7FBEABAD026E4A8A15A9FC44E8C9C ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
10:56:21.0012 0x134c  DXGKrnl - ok
10:56:21.0019 0x134c  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
10:56:21.0048 0x134c  EapHost - ok
10:56:21.0113 0x134c  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
10:56:21.0190 0x134c  ebdrv - ok
10:56:21.0199 0x134c  [ B759D828F2A0DA53CB3780388B5B289E, DF2228C5E8ECC1762892ED00AB60EEF68023BE02E04C2181CCD68AEA1884A052 ] EFS             C:\Windows\System32\lsass.exe
10:56:21.0213 0x134c  EFS - ok
10:56:21.0229 0x134c  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
10:56:21.0256 0x134c  ehRecvr - ok
10:56:21.0262 0x134c  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
10:56:21.0274 0x134c  ehSched - ok
10:56:21.0287 0x134c  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
10:56:21.0306 0x134c  elxstor - ok
10:56:21.0310 0x134c  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
10:56:21.0320 0x134c  ErrDev - ok
10:56:21.0333 0x134c  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
10:56:21.0368 0x134c  EventSystem - ok
10:56:21.0375 0x134c  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
10:56:21.0404 0x134c  exfat - ok
10:56:21.0411 0x134c  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
10:56:21.0441 0x134c  fastfat - ok
10:56:21.0457 0x134c  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
10:56:21.0484 0x134c  Fax - ok
10:56:21.0488 0x134c  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
10:56:21.0499 0x134c  fdc - ok
10:56:21.0502 0x134c  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
10:56:21.0529 0x134c  fdPHost - ok
10:56:21.0532 0x134c  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
10:56:21.0559 0x134c  FDResPub - ok
10:56:21.0563 0x134c  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
10:56:21.0573 0x134c  FileInfo - ok
10:56:21.0577 0x134c  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
10:56:21.0604 0x134c  Filetrace - ok
10:56:21.0607 0x134c  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
10:56:21.0618 0x134c  flpydisk - ok
10:56:21.0626 0x134c  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
10:56:21.0641 0x134c  FltMgr - ok
10:56:21.0667 0x134c  [ BCB16AE33AA58E0042F3EF34CFB6396A, E8ADA10DE60A94E4BABE9FCA6D0AA83B11520C092D49057E17F6C6059D35A323 ] FontCache       C:\Windows\system32\FntCache.dll
10:56:21.0704 0x134c  FontCache - ok
10:56:21.0709 0x134c  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:56:21.0719 0x134c  FontCache3.0.0.0 - ok
10:56:21.0723 0x134c  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
10:56:21.0734 0x134c  FsDepends - ok
10:56:21.0738 0x134c  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
10:56:21.0748 0x134c  Fs_Rec - ok
10:56:21.0755 0x134c  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
10:56:21.0771 0x134c  fvevol - ok
10:56:21.0775 0x134c  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
10:56:21.0785 0x134c  gagp30kx - ok
10:56:21.0787 0x134c  gdrv - ok
10:56:21.0805 0x134c  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
10:56:21.0847 0x134c  gpsvc - ok
10:56:21.0854 0x134c  [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:56:21.0866 0x134c  gupdate - ok
10:56:21.0871 0x134c  [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:56:21.0882 0x134c  gupdatem - ok
10:56:21.0885 0x134c  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
10:56:21.0898 0x134c  hcw85cir - ok
10:56:21.0908 0x134c  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
10:56:21.0927 0x134c  HdAudAddService - ok
10:56:21.0932 0x134c  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
10:56:21.0947 0x134c  HDAudBus - ok
10:56:21.0950 0x134c  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
10:56:21.0961 0x134c  HidBatt - ok
10:56:21.0966 0x134c  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
10:56:21.0979 0x134c  HidBth - ok
10:56:21.0983 0x134c  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
10:56:21.0995 0x134c  HidIr - ok
10:56:21.0999 0x134c  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
10:56:22.0027 0x134c  hidserv - ok
10:56:22.0031 0x134c  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
10:56:22.0043 0x134c  HidUsb - ok
10:56:22.0048 0x134c  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
10:56:22.0076 0x134c  hkmsvc - ok
10:56:22.0084 0x134c  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
10:56:22.0102 0x134c  HomeGroupListener - ok
10:56:22.0108 0x134c  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
10:56:22.0123 0x134c  HomeGroupProvider - ok
10:56:22.0127 0x134c  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
10:56:22.0138 0x134c  HpSAMD - ok
10:56:22.0156 0x134c  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
10:56:22.0185 0x134c  HTTP - ok
10:56:22.0189 0x134c  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
10:56:22.0198 0x134c  hwpolicy - ok
10:56:22.0203 0x134c  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
10:56:22.0216 0x134c  i8042prt - ok
10:56:22.0227 0x134c  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
10:56:22.0244 0x134c  iaStorV - ok
10:56:22.0263 0x134c  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:56:22.0290 0x134c  idsvc - ok
10:56:22.0294 0x134c  IEEtwCollectorService - ok
10:56:22.0299 0x134c  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
10:56:22.0308 0x134c  iirsp - ok
10:56:22.0327 0x134c  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
10:56:22.0355 0x134c  IKEEXT - ok
10:56:22.0361 0x134c  IntcAzAudAddService - ok
10:56:22.0364 0x134c  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
10:56:22.0373 0x134c  intelide - ok
10:56:22.0377 0x134c  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
10:56:22.0388 0x134c  intelppm - ok
10:56:22.0392 0x134c  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
10:56:22.0421 0x134c  IPBusEnum - ok
10:56:22.0426 0x134c  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:56:22.0454 0x134c  IpFilterDriver - ok
10:56:22.0467 0x134c  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
10:56:22.0492 0x134c  iphlpsvc - ok
10:56:22.0497 0x134c  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
10:56:22.0508 0x134c  IPMIDRV - ok
10:56:22.0513 0x134c  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
10:56:22.0541 0x134c  IPNAT - ok
10:56:22.0555 0x134c  [ F4B68F7C1666A2A6CD1D37A08F1D6DF1, 63A3D85B07D10E6B3F4E84FDD6EA6C00F2756E1C9B3E57C11A2FFCD815E99946 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
10:56:22.0577 0x134c  iPod Service - ok
10:56:22.0581 0x134c  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
10:56:22.0594 0x134c  IRENUM - ok
10:56:22.0597 0x134c  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
10:56:22.0597 0x18d0  Object send P2P result: true
10:56:22.0606 0x134c  isapnp - ok
10:56:22.0614 0x134c  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
10:56:22.0628 0x134c  iScsiPrt - ok
10:56:22.0632 0x134c  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
10:56:22.0642 0x134c  kbdclass - ok
10:56:22.0645 0x134c  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
10:56:22.0655 0x134c  kbdhid - ok
10:56:22.0658 0x134c  [ B759D828F2A0DA53CB3780388B5B289E, DF2228C5E8ECC1762892ED00AB60EEF68023BE02E04C2181CCD68AEA1884A052 ] KeyIso          C:\Windows\system32\lsass.exe
10:56:22.0667 0x134c  KeyIso - ok
10:56:22.0672 0x134c  [ 033D1EA0A55D92B4C0F7EDB7DF8F0E5A, 31E48564C7F3AD6BB71C0E366D25D4FD55A60B48CD2B28FCB8A7A834ED7568E6 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
10:56:22.0682 0x134c  KSecDD - ok
10:56:22.0688 0x134c  [ 1FA53C950F443B25A79C731EF8362E7D, 00A5D62BF1F953848B3019A3771CB240915E34D536A43EA5B35F312D6F67EDC4 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
10:56:22.0700 0x134c  KSecPkg - ok
10:56:22.0704 0x134c  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
10:56:22.0732 0x134c  ksthunk - ok
10:56:22.0742 0x134c  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
10:56:22.0778 0x134c  KtmRm - ok
10:56:22.0787 0x134c  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
10:56:22.0824 0x134c  LanmanServer - ok
10:56:22.0830 0x134c  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:56:22.0859 0x134c  LanmanWorkstation - ok
10:56:22.0865 0x134c  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
10:56:22.0896 0x134c  lltdio - ok
10:56:22.0905 0x134c  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
10:56:22.0939 0x134c  lltdsvc - ok
10:56:22.0943 0x134c  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
10:56:22.0971 0x134c  lmhosts - ok
10:56:22.0978 0x134c  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
10:56:22.0989 0x134c  LSI_FC - ok
10:56:22.0994 0x134c  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
10:56:23.0005 0x134c  LSI_SAS - ok
10:56:23.0009 0x134c  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
10:56:23.0020 0x134c  LSI_SAS2 - ok
10:56:23.0025 0x134c  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
10:56:23.0037 0x134c  LSI_SCSI - ok
10:56:23.0042 0x134c  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
10:56:23.0072 0x134c  luafv - ok
10:56:23.0083 0x134c  [ 0C85B2B6FB74B36A251792D45E0EF860, 2E04204560C1159ABC25F273B0B7F81FDF9BA5E88C17929FD924C4E945DE5020 ] LVRS64          C:\Windows\system32\DRIVERS\lvrs64.sys
10:56:23.0098 0x134c  LVRS64 - ok
10:56:23.0197 0x134c  [ FF3A488924B0032B1A9CA6948C1FA9E8, 6F05852B75498210926F5CDF49D2A6DD97C39CD93D32E3200D7240AADA3E7BEE ] LVUVC64         C:\Windows\system32\DRIVERS\lvuvc64.sys
10:56:23.0311 0x134c  LVUVC64 - ok
10:56:23.0323 0x134c  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
10:56:23.0336 0x134c  Mcx2Svc - ok
10:56:23.0340 0x134c  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
10:56:23.0351 0x134c  megasas - ok
10:56:23.0359 0x134c  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
10:56:23.0375 0x134c  MegaSR - ok
10:56:23.0379 0x134c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
10:56:23.0409 0x134c  MMCSS - ok
10:56:23.0413 0x134c  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
10:56:23.0442 0x134c  Modem - ok
10:56:23.0446 0x134c  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
10:56:23.0460 0x134c  monitor - ok
10:56:23.0464 0x134c  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
10:56:23.0474 0x134c  mouclass - ok
10:56:23.0478 0x134c  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
10:56:23.0489 0x134c  mouhid - ok
10:56:23.0494 0x134c  [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
10:56:23.0505 0x134c  mountmgr - ok
10:56:23.0510 0x134c  [ FC9A9C09B35A93F76A03D5E355FA862C, B7ED57B9D39D547BA2927FC5F02C2475BF131FDB8AD40FFDE72C966506756B56 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
10:56:23.0522 0x134c  MozillaMaintenance - ok
10:56:23.0531 0x134c  [ DA0FAEE45D6F03D7647851A20977A7D0, AFB1EA053CD4BCA903868896D020205D4C207C85314E6C56C4663922A3F9BD6A ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
10:56:23.0549 0x134c  MpFilter - ok
10:56:23.0555 0x134c  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
10:56:23.0567 0x134c  mpio - ok
10:56:23.0571 0x134c  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
10:56:23.0600 0x134c  mpsdrv - ok
10:56:23.0619 0x134c  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
10:56:23.0664 0x134c  MpsSvc - ok
10:56:23.0671 0x134c  [ D7ADC2B83CA0B0381F75A98351F72CEE, 05476B7CA0486DF770AE492B5A90C85E3D3E7485152EB2FA30A19EC9BE44ED81 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
10:56:23.0687 0x134c  MRxDAV - ok
10:56:23.0694 0x134c  [ A3A4D13D413D4F39BE3AD4C59ECACDED, 0C4AF0A66E68233D76B958A9D99C09BFCADFB0347855FB6EA5CE3F4356542B83 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
10:56:23.0710 0x134c  mrxsmb - ok
10:56:23.0719 0x134c  [ 62C90A2C681A85B33E365D259B74EAC5, 510E5FD19AF98D9B56666F9AE3DAC89399677D51C48A3602A4C125EE12203621 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:56:23.0735 0x134c  mrxsmb10 - ok
10:56:23.0740 0x134c  [ 3751A25C842BDE4B7AF895F70A3EE3A2, 8C3DA4C03B88A0D860DBA907B115C2AE99D7F168DA7BB36A8D3C9F1D19678A8C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:56:23.0753 0x134c  mrxsmb20 - ok
10:56:23.0756 0x134c  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
10:56:23.0766 0x134c  msahci - ok
10:56:23.0772 0x134c  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
10:56:23.0784 0x134c  msdsm - ok
10:56:23.0789 0x134c  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
10:56:23.0804 0x134c  MSDTC - ok
10:56:23.0810 0x134c  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
10:56:23.0839 0x134c  Msfs - ok
10:56:23.0842 0x134c  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
10:56:23.0870 0x134c  mshidkmdf - ok
10:56:23.0873 0x134c  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
10:56:23.0882 0x134c  msisadrv - ok
10:56:23.0888 0x134c  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
10:56:23.0920 0x134c  MSiSCSI - ok
10:56:23.0923 0x134c  msiserver - ok
10:56:23.0926 0x134c  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
10:56:23.0954 0x134c  MSKSSRV - ok
10:56:23.0957 0x134c  [ C66FE30BBA4604A06EE9E4180ABE4BD9, 43E60C15C05FF19082142BB9D1F29D1B3269AD4A7FB32AF109AE63FE5A6AA0A9 ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
10:56:23.0968 0x134c  MsMpSvc - ok
10:56:23.0971 0x134c  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
10:56:23.0999 0x134c  MSPCLOCK - ok
10:56:24.0002 0x134c  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
10:56:24.0031 0x134c  MSPQM - ok
10:56:24.0042 0x134c  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
10:56:24.0058 0x134c  MsRPC - ok
10:56:24.0064 0x134c  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
10:56:24.0074 0x134c  mssmbios - ok
10:56:24.0077 0x134c  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
10:56:24.0104 0x134c  MSTEE - ok
10:56:24.0107 0x134c  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
10:56:24.0117 0x134c  MTConfig - ok
10:56:24.0121 0x134c  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
10:56:24.0131 0x134c  Mup - ok
10:56:24.0143 0x134c  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
10:56:24.0179 0x134c  napagent - ok
10:56:24.0189 0x134c  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
10:56:24.0209 0x134c  NativeWifiP - ok
10:56:24.0230 0x134c  [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS            C:\Windows\system32\drivers\ndis.sys
10:56:24.0260 0x134c  NDIS - ok
10:56:24.0265 0x134c  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
10:56:24.0293 0x134c  NdisCap - ok
10:56:24.0297 0x134c  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
10:56:24.0324 0x134c  NdisTapi - ok
10:56:24.0328 0x134c  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
10:56:24.0356 0x134c  Ndisuio - ok
10:56:24.0362 0x134c  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
10:56:24.0391 0x134c  NdisWan - ok
10:56:24.0395 0x134c  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
10:56:24.0422 0x134c  NDProxy - ok
10:56:24.0425 0x134c  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
10:56:24.0453 0x134c  NetBIOS - ok
10:56:24.0461 0x134c  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
10:56:24.0492 0x134c  NetBT - ok
10:56:24.0496 0x134c  [ B759D828F2A0DA53CB3780388B5B289E, DF2228C5E8ECC1762892ED00AB60EEF68023BE02E04C2181CCD68AEA1884A052 ] Netlogon        C:\Windows\system32\lsass.exe
10:56:24.0508 0x134c  Netlogon - ok
10:56:24.0518 0x134c  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
10:56:24.0554 0x134c  Netman - ok
10:56:24.0560 0x134c  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:56:24.0573 0x134c  NetMsmqActivator - ok
10:56:24.0578 0x134c  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:56:24.0591 0x134c  NetPipeActivator - ok
10:56:24.0603 0x134c  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
10:56:24.0641 0x134c  netprofm - ok
10:56:24.0647 0x134c  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:56:24.0660 0x134c  NetTcpActivator - ok
10:56:24.0665 0x134c  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:56:24.0677 0x134c  NetTcpPortSharing - ok
10:56:24.0681 0x134c  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
10:56:24.0691 0x134c  nfrd960 - ok
10:56:24.0697 0x134c  [ 6D79C8CB73187FBEAAD1F680FADF98D3, 0075B2CCC4FFF929023F95686D7BBE32C0FCE05DEB2159C0784AF85D64E1B66E ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
10:56:24.0711 0x134c  NisDrv - ok
10:56:24.0720 0x134c  [ B8F4F580638373FBF72F2B572446D294, A5CD9ABCA5CDC335D2C6FDCB81327B600150E45BB867B88859A00AF974B42F85 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
10:56:24.0739 0x134c  NisSrv - ok
10:56:24.0747 0x134c  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
10:56:24.0768 0x134c  NlaSvc - ok
10:56:24.0772 0x134c  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
10:56:24.0800 0x134c  Npfs - ok
10:56:24.0803 0x134c  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
10:56:24.0833 0x134c  nsi - ok
10:56:24.0836 0x134c  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
10:56:24.0865 0x134c  nsiproxy - ok
10:56:24.0903 0x134c  [ 47B2D0B31BDC3EBE6090228E2BA3764D, 984A4B38300954164BCBF57EC1A09C18B53779E60A26E9618B50E26016735787 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
10:56:24.0948 0x134c  Ntfs - ok
10:56:24.0954 0x134c  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
10:56:24.0982 0x134c  Null - ok
10:56:24.0989 0x134c  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
10:56:25.0001 0x134c  nvraid - ok
10:56:25.0007 0x134c  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
10:56:25.0020 0x134c  nvstor - ok
10:56:25.0025 0x134c  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
10:56:25.0036 0x134c  nv_agp - ok
10:56:25.0041 0x134c  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
10:56:25.0053 0x134c  ohci1394 - ok
10:56:25.0060 0x134c  [ 2D1931102E3FA5942DA27A8F3942418B, 30BAB70BA85274D373A11D41E8C20CB8556D7EF7FFFB8D82C88C4002CCA79B37 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:56:25.0075 0x134c  ose - ok
10:56:25.0180 0x134c  [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
10:56:25.0300 0x134c  osppsvc - ok
10:56:25.0317 0x134c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
10:56:25.0337 0x134c  p2pimsvc - ok
10:56:25.0349 0x134c  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
10:56:25.0368 0x134c  p2psvc - ok
10:56:25.0373 0x134c  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
10:56:25.0385 0x134c  Parport - ok
10:56:25.0389 0x134c  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
10:56:25.0399 0x134c  partmgr - ok
10:56:25.0406 0x134c  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
10:56:25.0424 0x134c  PcaSvc - ok
10:56:25.0431 0x134c  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
10:56:25.0443 0x134c  pci - ok
10:56:25.0446 0x134c  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
10:56:25.0455 0x134c  pciide - ok
10:56:25.0462 0x134c  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
10:56:25.0476 0x134c  pcmcia - ok
10:56:25.0480 0x134c  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
10:56:25.0490 0x134c  pcw - ok
10:56:25.0506 0x134c  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
10:56:25.0530 0x134c  PEAUTH - ok
10:56:25.0559 0x134c  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
10:56:25.0601 0x134c  PeerDistSvc - ok
10:56:25.0624 0x134c  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
10:56:25.0635 0x134c  PerfHost - ok
10:56:25.0669 0x134c  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
10:56:25.0727 0x134c  pla - ok
10:56:25.0740 0x134c  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
10:56:25.0763 0x134c  PlugPlay - ok
10:56:25.0767 0x134c  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
10:56:25.0778 0x134c  PNRPAutoReg - ok
10:56:25.0787 0x134c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
10:56:25.0804 0x134c  PNRPsvc - ok
10:56:25.0817 0x134c  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
10:56:25.0853 0x134c  PolicyAgent - ok
10:56:25.0861 0x134c  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
10:56:25.0892 0x134c  Power - ok
10:56:25.0898 0x134c  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
10:56:25.0926 0x134c  PptpMiniport - ok
10:56:25.0931 0x134c  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
10:56:25.0943 0x134c  Processor - ok
10:56:25.0951 0x134c  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
10:56:25.0969 0x134c  ProfSvc - ok
10:56:25.0973 0x134c  [ B759D828F2A0DA53CB3780388B5B289E, DF2228C5E8ECC1762892ED00AB60EEF68023BE02E04C2181CCD68AEA1884A052 ] ProtectedStorage C:\Windows\system32\lsass.exe
10:56:25.0983 0x134c  ProtectedStorage - ok
10:56:25.0990 0x134c  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
10:56:26.0020 0x134c  Psched - ok
10:56:26.0053 0x134c  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
10:56:26.0094 0x134c  ql2300 - ok
10:56:26.0102 0x134c  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
10:56:26.0114 0x134c  ql40xx - ok
10:56:26.0123 0x134c  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
10:56:26.0143 0x134c  QWAVE - ok
10:56:26.0147 0x134c  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
10:56:26.0162 0x134c  QWAVEdrv - ok
10:56:26.0166 0x134c  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
10:56:26.0194 0x134c  RasAcd - ok
10:56:26.0198 0x134c  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
10:56:26.0226 0x134c  RasAgileVpn - ok
10:56:26.0231 0x134c  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
10:56:26.0262 0x134c  RasAuto - ok
10:56:26.0267 0x134c  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
10:56:26.0295 0x134c  Rasl2tp - ok
10:56:26.0304 0x134c  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
10:56:26.0337 0x134c  RasMan - ok
10:56:26.0342 0x134c  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
10:56:26.0373 0x134c  RasPppoe - ok
10:56:26.0378 0x134c  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
10:56:26.0408 0x134c  RasSstp - ok
10:56:26.0417 0x134c  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
10:56:26.0451 0x134c  rdbss - ok
10:56:26.0455 0x134c  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
10:56:26.0468 0x134c  rdpbus - ok
10:56:26.0471 0x134c  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
10:56:26.0500 0x134c  RDPCDD - ok
10:56:26.0509 0x134c  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
10:56:26.0526 0x134c  RDPDR - ok
10:56:26.0530 0x134c  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
10:56:26.0561 0x134c  RDPENCDD - ok
10:56:26.0566 0x134c  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
10:56:26.0595 0x134c  RDPREFMP - ok
10:56:26.0601 0x134c  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
10:56:26.0615 0x134c  RdpVideoMiniport - ok
10:56:26.0624 0x134c  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
10:56:26.0642 0x134c  RDPWD - ok
10:56:26.0649 0x134c  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
10:56:26.0664 0x134c  rdyboost - ok
10:56:26.0670 0x134c  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
10:56:26.0700 0x134c  RemoteAccess - ok
10:56:26.0707 0x134c  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
10:56:26.0739 0x134c  RemoteRegistry - ok
10:56:26.0743 0x134c  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
10:56:26.0773 0x134c  RpcEptMapper - ok
10:56:26.0776 0x134c  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
10:56:26.0787 0x134c  RpcLocator - ok
10:56:26.0799 0x134c  [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] RpcSs           C:\Windows\system32\rpcss.dll
10:56:26.0820 0x134c  RpcSs - ok
10:56:26.0825 0x134c  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
10:56:26.0853 0x134c  rspndr - ok
10:56:26.0876 0x134c  [ F668E1FA742B84FEF0F25E8933BD0CC8, 9755826C8A472C342B4948D8D36D190E54DAD05188D4A6E05994ECE529B13CCD ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
10:56:26.0909 0x134c  RTL8167 - ok
10:56:26.0913 0x134c  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
10:56:26.0923 0x134c  s3cap - ok
10:56:26.0927 0x134c  [ B759D828F2A0DA53CB3780388B5B289E, DF2228C5E8ECC1762892ED00AB60EEF68023BE02E04C2181CCD68AEA1884A052 ] SamSs           C:\Windows\system32\lsass.exe
10:56:26.0938 0x134c  SamSs - ok
10:56:26.0943 0x134c  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
10:56:26.0955 0x134c  sbp2port - ok
10:56:26.0962 0x134c  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
10:56:26.0994 0x134c  SCardSvr - ok
10:56:26.0998 0x134c  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
10:56:27.0025 0x134c  scfilter - ok
10:56:27.0050 0x134c  [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule        C:\Windows\system32\schedsvc.dll
10:56:27.0088 0x134c  Schedule - ok
10:56:27.0095 0x134c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
10:56:27.0122 0x134c  SCPolicySvc - ok
10:56:27.0129 0x134c  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
10:56:27.0146 0x134c  SDRSVC - ok
10:56:27.0150 0x134c  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
10:56:27.0164 0x134c  secdrv - ok
10:56:27.0168 0x134c  [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon        C:\Windows\system32\seclogon.dll
10:56:27.0182 0x134c  seclogon - ok
10:56:27.0186 0x134c  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
10:56:27.0215 0x134c  SENS - ok
10:56:27.0218 0x134c  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
10:56:27.0233 0x134c  SensrSvc - ok
10:56:27.0236 0x134c  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
10:56:27.0247 0x134c  Serenum - ok
10:56:27.0251 0x134c  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
10:56:27.0263 0x134c  Serial - ok
10:56:27.0267 0x134c  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
10:56:27.0278 0x134c  sermouse - ok
10:56:27.0287 0x134c  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
10:56:27.0317 0x134c  SessionEnv - ok
10:56:27.0321 0x134c  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
10:56:27.0333 0x134c  sffdisk - ok
10:56:27.0337 0x134c  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
10:56:27.0350 0x134c  sffp_mmc - ok
10:56:27.0353 0x134c  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
10:56:27.0365 0x134c  sffp_sd - ok
10:56:27.0369 0x134c  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
10:56:27.0379 0x134c  sfloppy - ok
10:56:27.0391 0x134c  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
10:56:27.0426 0x134c  SharedAccess - ok
10:56:27.0438 0x134c  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:56:27.0474 0x134c  ShellHWDetection - ok
10:56:27.0479 0x134c  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
10:56:27.0489 0x134c  SiSRaid2 - ok
10:56:27.0494 0x134c  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
10:56:27.0505 0x134c  SiSRaid4 - ok
10:56:27.0515 0x134c  [ 3E98CE04689597C76B3EF4D3D0323836, F7FFF675066281190C236F2995EB003A1779231E5164EEE6BEE334A4240B1DF9 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
10:56:27.0532 0x134c  SkypeUpdate - ok
10:56:27.0538 0x134c  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
10:56:27.0569 0x134c  Smb - ok
10:56:27.0576 0x134c  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
10:56:27.0588 0x134c  SNMPTRAP - ok
10:56:27.0591 0x134c  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
10:56:27.0600 0x134c  spldr - ok
10:56:27.0615 0x134c  [ B96C17B5DC1424D56EEA3A99E97428CD, AF0A85066A7983878DC1C663811CE61C6CA1912DC956184F878B7B82DB93C651 ] Spooler         C:\Windows\System32\spoolsv.exe
10:56:27.0654 0x134c  Spooler - ok
10:56:27.0729 0x134c  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
10:56:27.0834 0x134c  sppsvc - ok
10:56:27.0844 0x134c  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
10:56:27.0874 0x134c  sppuinotify - ok
10:56:27.0887 0x134c  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
10:56:27.0910 0x134c  srv - ok
10:56:27.0921 0x134c  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
10:56:27.0940 0x134c  srv2 - ok
10:56:27.0947 0x134c  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
10:56:27.0961 0x134c  srvnet - ok
10:56:27.0968 0x134c  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
10:56:28.0001 0x134c  SSDPSRV - ok
10:56:28.0006 0x134c  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
10:56:28.0038 0x134c  SstpSvc - ok
10:56:28.0057 0x134c  [ BE826A247D22F2FDF24B92AD40049F89, 06996ECCE5A694DEFDC99DB56F45DD0ABD9A2150581F1FD132FBBD863C474DE3 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
10:56:28.0082 0x134c  Steam Client Service - ok
10:56:28.0087 0x134c  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
10:56:28.0097 0x134c  stexstor - ok
10:56:28.0112 0x134c  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
10:56:28.0140 0x134c  stisvc - ok
10:56:28.0145 0x134c  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
10:56:28.0155 0x134c  storflt - ok
10:56:28.0159 0x134c  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\Windows\system32\storsvc.dll
10:56:28.0173 0x134c  StorSvc - ok
10:56:28.0178 0x134c  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
10:56:28.0187 0x134c  storvsc - ok
10:56:28.0190 0x134c  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
10:56:28.0200 0x134c  swenum - ok
10:56:28.0213 0x134c  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
10:56:28.0253 0x134c  swprv - ok
10:56:28.0290 0x134c  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\Windows\system32\sysmain.dll
10:56:28.0433 0x134c  SysMain - ok
10:56:28.0441 0x134c  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:56:28.0459 0x134c  TabletInputService - ok
10:56:28.0469 0x134c  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
10:56:28.0503 0x134c  TapiSrv - ok
10:56:28.0545 0x134c  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
10:56:28.0595 0x134c  Tcpip - ok
10:56:28.0638 0x134c  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
10:56:28.0686 0x134c  TCPIP6 - ok
10:56:28.0695 0x134c  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
10:56:28.0706 0x134c  tcpipreg - ok
10:56:28.0711 0x134c  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
10:56:28.0725 0x134c  TDPIPE - ok
10:56:28.0728 0x134c  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
10:56:28.0739 0x134c  TDTCP - ok
10:56:28.0745 0x134c  [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
10:56:28.0757 0x134c  tdx - ok
10:56:28.0761 0x134c  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
10:56:28.0772 0x134c  TermDD - ok
10:56:28.0789 0x134c  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
10:56:28.0818 0x134c  TermService - ok
10:56:28.0823 0x134c  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
10:56:28.0840 0x134c  Themes - ok
10:56:28.0845 0x134c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
10:56:28.0875 0x134c  THREADORDER - ok
10:56:28.0883 0x134c  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
10:56:28.0915 0x134c  TrkWks - ok
10:56:28.0921 0x134c  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:56:28.0952 0x134c  TrustedInstaller - ok
10:56:28.0958 0x134c  [ 19BEDA57F3E0A06B8D5EB6D619BD5624, 952D5FAFD662C93628C12A6F7EB8E240A44216C0A15CBD2F5016BC357CBFE821 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
10:56:28.0972 0x134c  tssecsrv - ok
10:56:28.0976 0x134c  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
10:56:28.0990 0x134c  TsUsbFlt - ok
10:56:28.0993 0x134c  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
10:56:29.0006 0x134c  TsUsbGD - ok
10:56:29.0012 0x134c  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
10:56:29.0041 0x134c  tunnel - ok
10:56:29.0045 0x134c  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
10:56:29.0056 0x134c  uagp35 - ok
10:56:29.0066 0x134c  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
10:56:29.0098 0x134c  udfs - ok
10:56:29.0105 0x134c  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
10:56:29.0118 0x134c  UI0Detect - ok
10:56:29.0122 0x134c  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
10:56:29.0131 0x134c  uliagpkx - ok
10:56:29.0136 0x134c  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
10:56:29.0147 0x134c  umbus - ok
10:56:29.0150 0x134c  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
10:56:29.0160 0x134c  UmPass - ok
10:56:29.0167 0x134c  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
10:56:29.0182 0x134c  UmRdpService - ok
10:56:29.0194 0x134c  [ 67A95B9D129ED5399E7965CD09CF30E7, F1F2F684146F1CCB293BB9871117B8CFC1D04588A830F67CE5D3F0D034D93B2A ] UMVPFSrv        C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
10:56:29.0211 0x134c  UMVPFSrv - ok
10:56:29.0222 0x134c  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
10:56:29.0257 0x134c  upnphost - ok
10:56:29.0262 0x134c  [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
10:56:29.0277 0x134c  USBAAPL64 - ok
10:56:29.0282 0x134c  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A, DE1CDDEEF2285CC8387E88ACB13C000576DC8819DF6DC648C988068B5C83BB15 ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
10:56:29.0297 0x134c  usbaudio - ok
10:56:29.0302 0x134c  [ 481DFF26B4DCA8F4CBAC1F7DCE1D6829, 5D6E404FE0AB875202CA1A3E8E9D2F4368DF6ACCFA1C872ECFAF8399CBA3A485 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
10:56:29.0314 0x134c  usbccgp - ok
10:56:29.0319 0x134c  [ AF0892A803FDDA7492F595368E3B68E7, F263346DEB4D742EB436CF578F187AC8521D84CED52E98475E6198EC52244F07 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
10:56:29.0333 0x134c  usbcir - ok
10:56:29.0337 0x134c  [ 74EE782B1D9C241EFE425565854C661C, E8258EA65B0FCAD4E077B176E9D9324646B652D6E651241E397346A39770D065 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
10:56:29.0348 0x134c  usbehci - ok
10:56:29.0353 0x134c  [ 5A4AC5D05A7C97C68596416C05D6F2B4, 1CDE5172B763D2D65379B9F3ABACC080AF676DB9354EC98A455E620C4CE3E18A ] usbfilter       C:\Windows\system32\DRIVERS\usbfilter.sys
10:56:29.0362 0x134c  usbfilter - ok
10:56:29.0372 0x134c  [ DC96BD9CCB8403251BCF25047573558E, 66EBF8A6B3BC0634F32DDCC8BA31F1EB5987E8C6853E1DC26005E3EED0945565 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
10:56:29.0389 0x134c  usbhub - ok
10:56:29.0393 0x134c  [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
10:56:29.0403 0x134c  usbohci - ok
10:56:29.0407 0x134c  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\drivers\usbprint.sys
10:56:29.0420 0x134c  usbprint - ok
10:56:29.0425 0x134c  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:56:29.0439 0x134c  USBSTOR - ok
10:56:29.0443 0x134c  [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
10:56:29.0454 0x134c  usbuhci - ok
10:56:29.0458 0x134c  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
10:56:29.0487 0x134c  UxSms - ok
10:56:29.0491 0x134c  [ B759D828F2A0DA53CB3780388B5B289E, DF2228C5E8ECC1762892ED00AB60EEF68023BE02E04C2181CCD68AEA1884A052 ] VaultSvc        C:\Windows\system32\lsass.exe
10:56:29.0501 0x134c  VaultSvc - ok
10:56:29.0505 0x134c  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
10:56:29.0515 0x134c  vdrvroot - ok
10:56:29.0528 0x134c  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
10:56:29.0566 0x134c  vds - ok
10:56:29.0571 0x134c  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
10:56:29.0583 0x134c  vga - ok
10:56:29.0587 0x134c  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
10:56:29.0614 0x134c  VgaSave - ok
10:56:29.0621 0x134c  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
10:56:29.0634 0x134c  vhdmp - ok
10:56:29.0638 0x134c  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
10:56:29.0647 0x134c  viaide - ok
10:56:29.0654 0x134c  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
10:56:29.0667 0x134c  vmbus - ok
10:56:29.0671 0x134c  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
10:56:29.0681 0x134c  VMBusHID - ok
10:56:29.0686 0x134c  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
10:56:29.0696 0x134c  volmgr - ok
10:56:29.0707 0x134c  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
10:56:29.0723 0x134c  volmgrx - ok
10:56:29.0732 0x134c  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
10:56:29.0747 0x134c  volsnap - ok
10:56:29.0754 0x134c  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
10:56:29.0766 0x134c  vsmraid - ok
10:56:29.0801 0x134c  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
10:56:29.0864 0x134c  VSS - ok
10:56:29.0875 0x134c  [ 9B84E527379C3F4482F7F6A218B5751F, E00DAC7252D675F9E9F9531364CC74D02D72CE82B2C06DFCF70D8882DC6B3BF4 ] VUSB3HUB        C:\Windows\system32\DRIVERS\ViaHub3.sys
10:56:29.0893 0x134c  VUSB3HUB - ok
10:56:29.0897 0x134c  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
10:56:29.0911 0x134c  vwifibus - ok
10:56:29.0922 0x134c  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
10:56:29.0959 0x134c  W32Time - ok
10:56:29.0973 0x134c  [ B32009DB1972E7F2C227499289C4384A, D491CD90ACE895EC60A5A2F995EAE39F8ED662B71BC548C3FF5BBDBC60054788 ] W3SVC           C:\Windows\system32\inetsrv\iisw3adm.dll
10:56:29.0993 0x134c  W3SVC - ok
10:56:29.0997 0x134c  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
10:56:30.0008 0x134c  WacomPen - ok
10:56:30.0013 0x134c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
10:56:30.0041 0x134c  WANARP - ok
10:56:30.0045 0x134c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
10:56:30.0073 0x134c  Wanarpv6 - ok
10:56:30.0085 0x134c  [ B32009DB1972E7F2C227499289C4384A, D491CD90ACE895EC60A5A2F995EAE39F8ED662B71BC548C3FF5BBDBC60054788 ] WAS             C:\Windows\system32\inetsrv\iisw3adm.dll
10:56:30.0104 0x134c  WAS - ok
10:56:30.0137 0x134c  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
10:56:30.0184 0x134c  wbengine - ok
10:56:30.0194 0x134c  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
10:56:30.0213 0x134c  WbioSrvc - ok
10:56:30.0224 0x134c  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
10:56:30.0245 0x134c  wcncsvc - ok
10:56:30.0250 0x134c  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
10:56:30.0265 0x134c  WcsPlugInService - ok
10:56:30.0268 0x134c  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
10:56:30.0277 0x134c  Wd - ok
10:56:30.0295 0x134c  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
10:56:30.0322 0x134c  Wdf01000 - ok
10:56:30.0328 0x134c  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
10:56:30.0344 0x134c  WdiServiceHost - ok
10:56:30.0349 0x134c  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
10:56:30.0361 0x134c  WdiSystemHost - ok
10:56:30.0369 0x134c  [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient       C:\Windows\System32\webclnt.dll
10:56:30.0388 0x134c  WebClient - ok
10:56:30.0397 0x134c  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
10:56:30.0430 0x134c  Wecsvc - ok
10:56:30.0435 0x134c  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
10:56:30.0466 0x134c  wercplsupport - ok
10:56:30.0471 0x134c  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
10:56:30.0501 0x134c  WerSvc - ok
10:56:30.0504 0x134c  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
10:56:30.0531 0x134c  WfpLwf - ok
10:56:30.0535 0x134c  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
10:56:30.0548 0x134c  WIMMount - ok
10:56:30.0556 0x134c  WinDefend - ok
10:56:30.0558 0x1abc  Object required for P2P: [ DA0FAEE45D6F03D7647851A20977A7D0 ] MpFilter
10:56:30.0562 0x134c  WinHttpAutoProxySvc - ok
10:56:30.0575 0x134c  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
10:56:30.0610 0x134c  Winmgmt - ok
10:56:30.0655 0x134c  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
10:56:30.0716 0x134c  WinRM - ok
10:56:30.0726 0x134c  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
10:56:30.0739 0x134c  WinUsb - ok
10:56:30.0760 0x134c  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
10:56:30.0793 0x134c  Wlansvc - ok
10:56:30.0798 0x134c  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
10:56:30.0809 0x134c  WmiAcpi - ok
10:56:30.0817 0x134c  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
10:56:30.0832 0x134c  wmiApSrv - ok
10:56:30.0835 0x134c  WMPNetworkSvc - ok
10:56:30.0839 0x134c  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
10:56:30.0854 0x134c  WPCSvc - ok
10:56:30.0860 0x134c  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
10:56:30.0874 0x134c  WPDBusEnum - ok
10:56:30.0879 0x134c  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
10:56:30.0909 0x134c  ws2ifsl - ok
10:56:30.0915 0x134c  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
10:56:30.0932 0x134c  wscsvc - ok
10:56:30.0937 0x134c  [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
10:56:30.0950 0x134c  WSDPrintDevice - ok
10:56:30.0953 0x134c  WSearch - ok
10:56:31.0012 0x134c  [ 86F11B85102AFA6A1A6101DCE2F09386, 68A0F0E628C8F33FDAC114876DA8ED14776DD74E80AC5A6A52257E19DE011091 ] wuauserv        C:\Windows\system32\wuaueng.dll
10:56:31.0081 0x134c  wuauserv - ok
10:56:31.0090 0x134c  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
10:56:31.0105 0x134c  WudfPf - ok
10:56:31.0111 0x134c  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
10:56:31.0125 0x134c  WUDFRd - ok
10:56:31.0130 0x134c  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
10:56:31.0143 0x134c  wudfsvc - ok
10:56:31.0151 0x134c  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
10:56:31.0169 0x134c  WwanSvc - ok
10:56:31.0179 0x134c  [ 05E47B40CE30DEEF07E49B41178B3273, 1504C086E46ADC020D2C600393F5A58656BBC8885FA8777F307F0A9F2F1E8465 ] xhcdrv          C:\Windows\system32\DRIVERS\xhcdrv.sys
10:56:31.0197 0x134c  xhcdrv - ok
10:56:31.0201 0x134c  ================ Scan global ===============================
10:56:31.0204 0x134c  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
10:56:31.0211 0x134c  [ E0E4D286839FC27F56A85B4710E16B6B, 6BBBADB8904D6159E6171A339E0BF30A41D14E885D560BFB8BB73B1FF7239E1A ] C:\Windows\system32\winsrv.dll
10:56:31.0222 0x134c  [ E0E4D286839FC27F56A85B4710E16B6B, 6BBBADB8904D6159E6171A339E0BF30A41D14E885D560BFB8BB73B1FF7239E1A ] C:\Windows\system32\winsrv.dll
10:56:31.0230 0x134c  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
10:56:31.0239 0x134c  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
10:56:31.0246 0x134c  [ Global ] - ok
10:56:31.0246 0x134c  ================ Scan MBR ==================================
10:56:31.0248 0x134c  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
10:56:31.0314 0x134c  \Device\Harddisk0\DR0 - ok
10:56:31.0314 0x134c  ================ Scan VBR ==================================
10:56:31.0316 0x134c  [ 1657A05D297BC85A388212388AB7FBEA ] \Device\Harddisk0\DR0\Partition1
10:56:31.0317 0x134c  \Device\Harddisk0\DR0\Partition1 - ok
10:56:31.0317 0x134c  ================ Scan generic autorun ======================
10:56:31.0344 0x134c  [ DD7B4F9E6B71A599FEF4BD9DA0AE57C2, 6B22356F74F7ED069A3FC39C62326AA98A70D0E860A2EB29A6C46F4077FB567A ] c:\Program Files\Microsoft Security Client\msseces.exe
10:56:31.0383 0x134c  MSC - ok
10:56:31.0391 0x134c  [ 404A6E6550DB206EA6E9B1AC642102B2, 33CAF3CDEF820DFC97844BBCA56B95B6D31D1C682C69A29D14F7A0C9058AC8EF ] C:\Program Files\iTunes\iTunesHelper.exe
10:56:31.0403 0x134c  iTunesHelper - ok
10:56:31.0531 0x134c  [ E7079E1F6631F12750B7708FB8F5D007, E4CB290D7AF6A28C02A26221618B83C29DD86BF9B26460B91FD42F4C7DEE4218 ] C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
10:56:31.0670 0x134c  StartCN - ok
10:56:31.0712 0x134c  [ 69A649BFBD52265A71A26C17899EA287, 4C96F09BD69FAAAF3467BDF3883BE63651EA2EB9447E6CE28BCD7BF9EB9E17B5 ] C:\Program Files (x86)\SPEEDLINK\SPEEDLINK PRIME Gaming Mouse\Gaming Mouse.exe
10:56:31.0746 0x134c  SPEEDLINK KUDOS - detected UnsignedFile.Multi.Generic ( 1 )
10:56:32.0992 0x1abc  Object send P2P result: true
10:56:32.0996 0x1abc  Object required for P2P: [ 6D79C8CB73187FBEAAD1F680FADF98D3 ] NisDrv
10:56:34.0067 0x134c  SPEEDLINK KUDOS ( UnsignedFile.Multi.Generic ) - warning
10:56:35.0411 0x1abc  Object send P2P result: true
10:56:35.0421 0x1abc  Object required for P2P: [ 3E98CE04689597C76B3EF4D3D0323836 ] SkypeUpdate
10:56:36.0429 0x134c  [ 1504D15BCD8D3EC9C08F7BCB394CE5E2, 6B150B4819D9F7DF6893463986DB59ADDF71A05E03F10C2F59462480EF9486F4 ] C:\Program Files (x86)\Skiller PRO\Monitor.exe
10:56:36.0443 0x134c  Skiller PRO - detected UnsignedFile.Multi.Generic ( 1 )
10:56:37.0836 0x1abc  Object send P2P result: true
10:56:38.0768 0x134c  Detect skipped due to KSN trusted
10:56:38.0768 0x134c  Skiller PRO - ok
10:56:38.0768 0x134c  Sidebar - ok
10:56:38.0773 0x134c  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
10:56:38.0789 0x134c  mctadmin - ok
10:56:38.0789 0x134c  Sidebar - ok
10:56:38.0794 0x134c  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
10:56:38.0809 0x134c  mctadmin - ok
10:56:38.0857 0x134c  [ 8E3A4D64A060C5CAA90F3B0C15A7DFE9, 62CEE1449AF368A5FA16DDF9690526965C32979564CF66BD8B3BB534110A910C ] C:\Users\Thomas\AppData\Roaming\Spotify\SpotifyWebHelper.exe
10:56:38.0895 0x134c  Spotify Web Helper - ok
10:56:38.0957 0x134c  [ 341ADA552AAC541FD34C262296C256EE, 32672460EDDD46550955508343904705D8F26E10F713E3CACDC84689567A9ECF ] C:\Program Files (x86)\Steam\steam.exe
10:56:39.0031 0x134c  Steam - ok
10:56:39.0058 0x134c  [ 44A9229022A519ED45294A1934C05EEC, 6DEF0DB5F9B50E9B0AFEE1CF50066BEB4FB7E15E2DC829A499509925660D6992 ] C:\Users\Thomas\AppData\Local\FluxSoftware\Flux\flux.exe
10:56:39.0090 0x134c  f.lux - ok
10:56:39.0091 0x134c  Waiting for KSN requests completion. In queue: 5
10:56:40.0092 0x134c  Waiting for KSN requests completion. In queue: 5
10:56:41.0092 0x134c  Waiting for KSN requests completion. In queue: 5
10:56:41.0413 0x1370  Object required for P2P: [ 8E3A4D64A060C5CAA90F3B0C15A7DFE9 ] C:\Users\Thomas\AppData\Roaming\Spotify\SpotifyWebHelper.exe
10:56:42.0092 0x134c  Waiting for KSN requests completion. In queue: 3
10:56:43.0092 0x134c  Waiting for KSN requests completion. In queue: 3
10:56:43.0841 0x1370  Object send P2P result: true
10:56:43.0841 0x1370  Object required for P2P: [ 341ADA552AAC541FD34C262296C256EE ] C:\Program Files (x86)\Steam\steam.exe
10:56:44.0092 0x134c  Waiting for KSN requests completion. In queue: 2
10:56:45.0092 0x134c  Waiting for KSN requests completion. In queue: 2
10:56:46.0092 0x134c  Waiting for KSN requests completion. In queue: 2
10:56:46.0281 0x1370  Object send P2P result: true
10:56:47.0101 0x134c  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.9.218.0 ), 0x61000 ( enabled : updated )
10:56:47.0104 0x134c  Win FW state via NFP2: enabled ( trusted )
10:56:49.0449 0x134c  ============================================================
10:56:49.0449 0x134c  Scan finished
10:56:49.0449 0x134c  ============================================================
10:56:49.0455 0x12ac  Detected object count: 2
10:56:49.0455 0x12ac  Actual detected object count: 2
10:57:19.0472 0x12ac  amdacpusrsvc ( UnsignedFile.Multi.Generic ) - skipped by user
10:57:19.0473 0x12ac  amdacpusrsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
10:57:19.0473 0x12ac  SPEEDLINK KUDOS ( UnsignedFile.Multi.Generic ) - skipped by user
10:57:19.0474 0x12ac  SPEEDLINK KUDOS ( UnsignedFile.Multi.Generic ) - User select action: Skip
__________________
Alt 29.05.2016, 19:04   #3
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
PC führt Programme zT wahllos aus/nicht aus - Standard

PC führt Programme zT wahllos aus/nicht aus




Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das...
  • Bitte arbeite alle Schritte der Reihe nach ab.
  • Lies die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem.
  • Führe bitte nur Scans durch, zu denen Du von mir aufgefordert wurdest.
  • Bitte kein Crossposting (posten in mehreren Foren).
  • Installiere oder deinstalliere während der Bereinigung keine Software, außer Du wurdest dazu aufgefordert.
  • Speichere alle unsere Tools auf dem Desktop ab. Link: So ladet Ihr unsere Tools richtig
  • Poste die Logfiles direkt in Deinen Thread in Code-Tags.
  • Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 24 Stunden nichts von mir liest, dann schreibe mir bitte eine PM.

Hinweis:
Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden.
Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert.
Adware & Co. können wir sehr gut entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean bekommst.


Los geht's:

Bitte FRST-Scan im Normal-Modus:

Schritt 1



Bitte starte FRST erneut, markiere auch die checkbox und drücke auf Untersuchen.
Bitte poste mir den Inhalt der beiden Logs die erstellt werden.
__________________
__________________
Alt 29.05.2016, 20:41   #4
Zoidbarg
 
PC führt Programme zT wahllos aus/nicht aus - Standard

PC führt Programme zT wahllos aus/nicht aus


Könnte ich nochmal den Link für das Programm erhalten?

Alt 29.05.2016, 20:49   #5
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
PC führt Programme zT wahllos aus/nicht aus - Standard

PC führt Programme zT wahllos aus/nicht aus


Klaro.

Schritt 1



Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 30.05.2016, 17:53   #6
Zoidbarg
 
PC führt Programme zT wahllos aus/nicht aus - Standard

PC führt Programme zT wahllos aus/nicht aus


Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:29-05-2016 02
durchgeführt von Thomas (Administrator) auf THOMAS-PC (30-05-2016 18:52:05)
Gestartet von C:\Users\Thomas\Downloads
Geladene Profile: Thomas (Verfügbare Profile: Thomas)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Advanced Micro Devices) C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Spotify Ltd) C:\Users\Thomas\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Flux Software LLC) C:\Users\Thomas\AppData\Local\FluxSoftware\Flux\flux.exe
() C:\Program Files (x86)\SPEEDLINK\SPEEDLINK PRIME Gaming Mouse\Gaming Mouse.exe
(Sharkoon Technologies) C:\Program Files (x86)\Skiller PRO\Monitor.EXE
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Apple Inc.) C:\Program Files\iTunes\iTunes.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ATH.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
() C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
(Valve Corporation) C:\Program Files (x86)\Steam\GameOverlayUI.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\AM_Delta_Patch_1.223.127.0.exe
(Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1340192 2016-01-29] (Microsoft Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-05-11] (Apple Inc.)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [6564552 2016-05-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SPEEDLINK KUDOS] => C:\Program Files (x86)\SPEEDLINK\SPEEDLINK PRIME Gaming Mouse\Gaming Mouse.exe [1470464 2012-03-08] ()
HKLM-x32\...\Run: [Skiller PRO] => C:\Program Files (x86)\Skiller PRO\Monitor.exe [475136 2015-07-17] (Sharkoon Technologies)
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-758422454-1604163277-2610386603-1000\...\Run: [Spotify Web Helper] => C:\Users\Thomas\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1525360 2016-05-11] (Spotify Ltd)
HKU\S-1-5-21-758422454-1604163277-2610386603-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-04-30] (Valve Corporation)
HKU\S-1-5-21-758422454-1604163277-2610386603-1000\...\Run: [f.lux] => C:\Users\Thomas\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{7F44B7C4-C23C-4E67-B9AC-3F19997CD50C}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-05-02] (Microsoft Corporation)
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2016-05-02] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-05-02] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-05-02] (Microsoft Corporation)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2016-05-02] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-05-02] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-02] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-02] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-02] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-02] (Microsoft Corporation)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)

FireFox:
========
FF ProfilePath: C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\l4ktzj6q.default
FF Homepage: hxxps://www.reddit.com/
FF NetworkProxy: "proxy_over_tls", false
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-13] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-13] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-05-02] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-05-02] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-03] (Adobe Systems Inc.)
FF Extension: Reddit Enhancement Suite - C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\l4ktzj6q.default\Extensions\jid1-xUfzOsOFlzSOXg@jetpack.xpi [2016-04-06]
FF Extension: ProxTube - Unblock YouTube - C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\l4ktzj6q.default\Extensions\{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7}.xpi [2016-05-18]
FF Extension: Adblock Plus - C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\l4ktzj6q.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-05-01]

Chrome: 
=======
CHR HomePage: Default -> hxxps://www.twitch.tv/directory/following
CHR StartupUrls: Default -> "hxxps://www.twitch.tv/directory/following"
CHR Profile: C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-04-17]
CHR Extension: (Google Docs) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-17]
CHR Extension: (Google Drive) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-17]
CHR Extension: (YouTube) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-17]
CHR Extension: (Google Tabellen) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-04-17]
CHR Extension: (Google Docs Offline) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-17]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-17]
CHR Extension: (Google Mail) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-17]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-08-30] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2016-05-20] (Advanced Micro Devices) [Datei ist nicht signiert]
S2 AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [137584 2014-01-08] ()
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2911472 2016-05-02] (Microsoft Corporation)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2016-03-29] (Digital Wave Ltd.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2016-01-29] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [374344 2016-01-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [296648 2016-05-20] (Advanced Micro Devices)
R2 AODDriver4.3.0; C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [59624 2014-01-08] (Advanced Micro Devices)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [289120 2015-11-13] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133816 2015-11-13] (Microsoft Corporation)
R3 VUSB3HUB; C:\Windows\System32\DRIVERS\ViaHub3.sys [225792 2014-10-31] (VIA Technologies, Inc.)
R3 xhcdrv; C:\Windows\System32\DRIVERS\xhcdrv.sys [305664 2014-10-31] (VIA Technologies, Inc.)
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-05-30 18:52 - 2016-05-30 18:52 - 00015200 _____ C:\Users\Thomas\Downloads\FRST.txt
2016-05-30 18:51 - 2016-05-30 18:51 - 02383872 _____ (Farbar) C:\Users\Thomas\Downloads\FRST64.exe
2016-05-29 23:03 - 2016-05-29 23:03 - 00000000 ____D C:\Users\Thomas\Documents\League of Legends
2016-05-28 13:57 - 2016-05-28 13:57 - 00006663 _____ C:\Users\Thomas\Downloads\Muster-Anschreiben-Naturwissenschaftler.pdf
2016-05-28 13:48 - 2016-05-28 13:48 - 00013077 _____ C:\Users\Thomas\Downloads\studentenjob_musteranschreiben.pdf
2016-05-27 15:23 - 2016-05-27 15:23 - 00003011 _____ C:\Users\Thomas\Downloads\TwitchHTML5-master.zip
2016-05-27 10:55 - 2016-05-27 10:58 - 00203436 _____ C:\TDSSKiller.3.1.0.9_27.05.2016_10.55.22_log.txt
2016-05-27 10:54 - 2016-05-27 10:55 - 00202236 _____ C:\TDSSKiller.3.1.0.9_27.05.2016_10.54.18_log.txt
2016-05-27 10:42 - 2016-05-27 10:42 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Thomas\Downloads\tdsskiller.exe
2016-05-24 16:48 - 2016-05-24 16:48 - 02684989 _____ C:\Users\Thomas\Downloads\Proteine.zip
2016-05-24 16:48 - 2016-05-24 16:48 - 00012930 _____ C:\Users\Thomas\Downloads\Aminosauren.zip
2016-05-24 16:47 - 2016-05-24 16:48 - 00051960 _____ C:\Users\Thomas\Downloads\DNA.zip
2016-05-24 16:15 - 2016-05-24 21:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-05-20 23:48 - 2016-05-20 23:48 - 00141280 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2016-05-20 23:48 - 2016-05-20 23:48 - 00122704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2016-05-20 23:47 - 2016-05-20 23:47 - 00150544 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2016-05-20 23:47 - 2016-05-20 23:47 - 00141280 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdhcp64.dll
2016-05-20 23:47 - 2016-05-20 23:47 - 00125288 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdhcp32.dll
2016-05-20 23:47 - 2016-05-20 23:47 - 00109856 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2016-05-20 23:47 - 2016-05-20 23:47 - 00109856 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2016-05-20 23:47 - 2016-05-20 23:47 - 00092328 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2016-05-20 23:47 - 2016-05-20 23:47 - 00092328 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2016-05-20 23:46 - 2016-05-20 23:46 - 09798560 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2016-05-20 23:46 - 2016-05-20 23:46 - 08577456 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2016-05-20 23:44 - 2016-05-20 23:44 - 00296648 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdacpksd.sys
2016-05-20 23:41 - 2016-05-20 23:41 - 27015680 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2016-05-20 23:35 - 2016-05-20 23:35 - 48616960 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2016-05-20 23:35 - 2016-05-20 23:35 - 00252928 _____ C:\Windows\system32\clinfo.exe
2016-05-20 23:34 - 2016-05-20 23:34 - 38098432 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2016-05-20 23:33 - 2016-05-20 23:33 - 00096256 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2016-05-20 23:33 - 2016-05-20 23:33 - 00087040 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2016-05-20 23:32 - 2016-05-20 23:32 - 27433472 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl12cl64.dll
2016-05-20 23:31 - 2016-05-20 23:31 - 21600768 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl12cl.dll
2016-05-20 23:30 - 2016-05-20 23:30 - 08699392 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdvlk64.dll
2016-05-20 23:26 - 2016-05-20 23:26 - 06951424 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdvlk32.dll
2016-05-20 23:14 - 2016-05-20 23:14 - 30188032 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2016-05-20 23:13 - 2016-05-20 23:13 - 00730112 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdlvr64.dll
2016-05-20 23:13 - 2016-05-20 23:13 - 00605696 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdlvr32.dll
2016-05-20 23:12 - 2016-05-20 23:12 - 06965248 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll
2016-05-20 23:12 - 2016-05-20 23:12 - 00142336 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2016-05-20 23:12 - 2016-05-20 23:12 - 00117760 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2016-05-20 23:09 - 2016-05-20 23:09 - 05643776 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll
2016-05-20 23:09 - 2016-05-20 23:09 - 00716128 _____ C:\Windows\SysWOW64\atiapfxx.blb
2016-05-20 23:09 - 2016-05-20 23:09 - 00716128 _____ C:\Windows\system32\atiapfxx.blb
2016-05-20 23:09 - 2016-05-20 23:09 - 00385536 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2016-05-20 23:09 - 2016-05-20 23:09 - 00062464 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2016-05-20 23:09 - 2016-05-20 23:09 - 00055808 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2016-05-20 23:09 - 2016-05-20 23:09 - 00052224 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2016-05-20 23:09 - 2016-05-20 23:09 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2016-05-20 23:08 - 2016-05-20 23:08 - 15711744 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2016-05-20 23:08 - 2016-05-20 23:08 - 14302720 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2016-05-20 23:06 - 2016-05-20 23:06 - 24836096 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2016-05-20 23:06 - 2016-05-20 23:06 - 00113152 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2016-05-20 23:06 - 2016-05-20 23:06 - 00092160 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2016-05-20 23:06 - 2016-05-20 23:06 - 00050688 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll
2016-05-20 23:06 - 2016-05-20 23:06 - 00038400 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll
2016-05-20 23:04 - 2016-05-20 23:04 - 03437632 _____ C:\Windows\system32\atiumd6a.cap
2016-05-20 23:02 - 2016-05-20 23:02 - 00588288 _____ (AMD) C:\Windows\system32\atieclxx.exe
2016-05-20 23:02 - 2016-05-20 23:02 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2016-05-20 23:02 - 2016-05-20 23:02 - 00306688 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2016-05-20 23:02 - 2016-05-20 23:02 - 00274432 _____ C:\Windows\system32\dgtrayicon.exe
2016-05-20 23:02 - 2016-05-20 23:02 - 00258560 _____ C:\Windows\system32\GameManager64.dll
2016-05-20 23:02 - 2016-05-20 23:02 - 00230912 _____ C:\Windows\system32\amdgfxinfo64.dll
2016-05-20 23:02 - 2016-05-20 23:02 - 00212480 _____ C:\Windows\system32\atieah64.exe
2016-05-20 23:02 - 2016-05-20 23:02 - 00202752 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll
2016-05-20 23:02 - 2016-05-20 23:02 - 00190464 _____ C:\Windows\SysWOW64\atieah32.exe
2016-05-20 23:02 - 2016-05-20 23:02 - 00093696 _____ (AMD) C:\Windows\system32\atimuixx.dll
2016-05-20 23:01 - 2016-05-20 23:01 - 00270336 _____ (AMD) C:\Windows\system32\atitmm64.dll
2016-05-20 22:59 - 2016-05-20 22:59 - 03471376 _____ C:\Windows\SysWOW64\atiumdva.cap
2016-05-20 22:57 - 2016-05-20 22:57 - 01304576 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2016-05-20 22:57 - 2016-05-20 22:57 - 00973824 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2016-05-20 22:57 - 2016-05-20 22:57 - 00973824 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll
2016-05-20 22:57 - 2016-05-20 22:57 - 00498176 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2016-05-20 22:57 - 2016-05-20 22:57 - 00185344 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2016-05-20 22:57 - 2016-05-20 22:57 - 00159232 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2016-05-20 22:57 - 2016-05-20 22:57 - 00119808 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2016-05-20 22:57 - 2016-05-20 22:57 - 00106496 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2016-05-20 22:57 - 2016-05-20 22:57 - 00101376 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2016-05-20 22:57 - 2016-05-20 22:57 - 00091136 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2016-05-20 22:57 - 2016-05-20 22:57 - 00091136 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2016-05-20 22:56 - 2016-05-20 22:56 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2016-05-20 22:55 - 2016-05-20 22:55 - 00251392 _____ C:\Windows\system32\hsa-thunk64.dll
2016-05-20 22:55 - 2016-05-20 22:55 - 00217088 _____ C:\Windows\SysWOW64\hsa-thunk.dll
2016-05-20 17:21 - 2016-05-20 17:21 - 02412544 _____ C:\Windows\system32\amdacpusl.pdb
2016-05-20 17:12 - 2016-05-20 17:12 - 00364544 _____ (Advanced Micro Devices) C:\Windows\system32\amdacpusl.dll
2016-05-20 17:12 - 2016-05-20 17:12 - 00306176 _____ C:\Windows\system32\amdacpusl.pdb.pub
2016-05-20 17:12 - 2016-05-20 17:12 - 00248832 _____ (Advanced Micro Devices) C:\Windows\SysWOW64\amdacpusl.dll
2016-05-18 20:03 - 2016-04-14 18:46 - 00114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-05-18 20:03 - 2016-04-14 18:42 - 03243520 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-05-18 20:03 - 2016-04-14 18:42 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-05-18 20:03 - 2016-04-14 18:42 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-05-18 20:03 - 2016-04-14 18:42 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-05-18 20:03 - 2016-04-14 18:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-05-18 20:03 - 2016-04-14 17:33 - 02365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-05-18 20:03 - 2016-04-14 17:33 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-05-18 20:03 - 2016-04-14 17:33 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-05-18 20:03 - 2016-04-14 17:33 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2016-05-18 20:03 - 2016-04-14 17:19 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-05-18 20:03 - 2016-04-14 17:11 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2016-05-18 20:03 - 2016-04-12 03:23 - 00154344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-05-18 20:03 - 2016-04-12 03:23 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-05-18 20:03 - 2016-04-12 03:20 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-05-18 20:03 - 2016-04-12 03:20 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-05-18 20:03 - 2016-04-12 03:20 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-05-18 20:03 - 2016-04-12 03:20 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-05-18 20:03 - 2016-04-12 03:20 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-05-18 20:03 - 2016-04-12 03:20 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-05-18 20:03 - 2016-04-12 03:20 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-05-18 20:03 - 2016-04-12 03:20 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-05-18 20:03 - 2016-04-12 03:20 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-05-18 20:03 - 2016-04-12 03:20 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-05-18 20:03 - 2016-04-12 03:20 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-05-18 20:03 - 2016-04-12 03:20 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-05-18 20:03 - 2016-04-12 03:20 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-05-18 20:03 - 2016-04-12 03:20 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-05-18 20:03 - 2016-04-12 03:20 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-05-18 20:03 - 2016-04-12 03:20 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-05-18 20:03 - 2016-04-12 03:20 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-05-18 20:03 - 2016-04-12 03:20 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-05-18 20:03 - 2016-04-12 03:02 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-05-18 20:03 - 2016-04-12 03:02 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-05-18 20:03 - 2016-04-12 03:02 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-05-18 20:03 - 2016-04-12 03:02 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-05-18 20:03 - 2016-04-12 03:02 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-05-18 20:03 - 2016-04-12 03:02 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-05-18 20:03 - 2016-04-12 03:02 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-05-18 20:03 - 2016-04-12 03:02 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-05-18 20:03 - 2016-04-12 03:02 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-05-18 20:03 - 2016-04-12 03:02 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-05-18 20:03 - 2016-04-12 03:02 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-05-18 20:03 - 2016-04-12 03:02 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-05-18 20:03 - 2016-04-12 03:01 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-05-18 20:03 - 2016-04-12 03:01 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-05-18 20:03 - 2016-04-12 03:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-05-18 20:03 - 2016-04-12 02:50 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-05-18 20:03 - 2016-04-12 02:43 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-05-18 20:03 - 2016-04-12 02:43 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-05-18 20:03 - 2016-04-12 02:43 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-05-18 20:03 - 2016-04-12 02:42 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-05-18 20:03 - 2016-04-12 02:41 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-05-18 20:03 - 2016-04-12 02:36 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-05-18 20:03 - 2016-04-09 08:58 - 14186496 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-05-18 20:03 - 2016-04-09 08:57 - 01867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-05-18 20:03 - 2016-04-09 08:54 - 12881408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-05-18 20:03 - 2016-04-09 08:54 - 01499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-05-18 20:03 - 2016-04-09 07:53 - 03231232 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-05-18 20:03 - 2016-04-09 07:44 - 02973184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-05-18 18:32 - 2016-05-18 18:32 - 00000000 ____D C:\Users\Thomas\Documents\UnrealTournament
2016-05-18 18:32 - 2016-05-18 18:32 - 00000000 ____D C:\Users\Thomas\AppData\Local\UnrealTournament
2016-05-18 17:14 - 2016-05-18 18:48 - 00000000 ____D C:\Program Files\Epic Games
2016-05-18 17:04 - 2016-05-18 17:04 - 00000000 ____D C:\Users\Thomas\AppData\Local\UnrealEngineLauncher
2016-05-18 17:03 - 2016-05-18 17:03 - 00000000 ____D C:\Users\Thomas\AppData\Local\UnrealEngine
2016-05-18 17:03 - 2016-05-18 17:03 - 00000000 ____D C:\Users\Thomas\AppData\Local\EpicGamesLauncher
2016-05-18 17:02 - 2016-05-18 17:05 - 00002517 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2016-05-18 17:02 - 2016-05-18 17:05 - 00002505 _____ C:\Users\Public\Desktop\Epic Games Launcher.lnk
2016-05-18 17:02 - 2016-05-18 17:04 - 00000000 ____D C:\ProgramData\Epic
2016-05-18 17:02 - 2016-05-18 17:02 - 00000000 ____D C:\Program Files (x86)\Epic Games
2016-05-18 17:01 - 2016-05-18 17:01 - 33619968 _____ C:\Users\Thomas\Downloads\EpicGamesLauncherInstaller-2.11.9-2970807.msi
2016-05-17 20:38 - 2016-05-17 20:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-05-17 20:38 - 2016-05-17 20:38 - 00000000 ____D C:\Program Files\iTunes
2016-05-17 20:38 - 2016-05-17 20:38 - 00000000 ____D C:\Program Files\iPod
2016-05-17 20:38 - 2016-05-17 20:38 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-05-16 20:25 - 2016-05-16 20:27 - 63261230 _____ C:\Users\Thomas\Downloads\Fest & Flauschig - Aufbau West mit Olli Schulz und Jan Böhmermann.m4a
2016-05-15 00:14 - 2016-05-15 00:14 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-05-15 00:07 - 2016-05-15 00:08 - 22851472 _____ (Malwarebytes ) C:\Users\Thomas\Downloads\mbam-setup-computerbild.8000-2.2.1.1043.exe
2016-05-15 00:02 - 2016-05-15 00:02 - 00985600 _____ C:\Users\Thomas\Downloads\MicrosoftFixit50123.msi
2016-05-14 18:41 - 2016-05-14 18:41 - 01622481 _____ C:\Users\Thomas\Downloads\Dissertation_R_Nobis_ThULB.pdf
2016-05-14 13:18 - 2016-04-14 15:49 - 00603648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2016-05-14 13:18 - 2016-04-14 15:21 - 00647680 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2016-05-14 13:18 - 2015-12-20 20:50 - 03180544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-05-14 13:18 - 2015-12-20 20:50 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2016-05-14 13:18 - 2015-12-20 16:08 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-05-14 13:18 - 2015-07-16 21:12 - 06131200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2016-05-14 13:18 - 2015-07-16 21:12 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2016-05-14 13:18 - 2015-07-16 21:12 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2016-05-14 13:18 - 2015-07-16 21:11 - 07077376 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2016-05-14 13:18 - 2015-07-16 21:11 - 01057792 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2016-05-14 13:18 - 2015-07-16 21:11 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2016-05-14 13:18 - 2015-07-11 15:15 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2016-05-14 13:18 - 2014-12-11 19:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2016-05-14 13:18 - 2013-11-26 10:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2016-05-14 13:18 - 2013-11-23 00:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2016-05-14 13:18 - 2012-06-01 07:39 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\wamregps.dll
2016-05-14 13:18 - 2012-06-01 07:36 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\iisRtl.dll
2016-05-14 13:18 - 2012-06-01 07:36 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\iisrstap.dll
2016-05-14 13:18 - 2012-06-01 07:35 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\ahadmin.dll
2016-05-14 13:18 - 2012-06-01 07:34 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\admwprox.dll
2016-05-14 13:18 - 2012-06-01 07:33 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\iisreset.exe
2016-05-14 13:18 - 2012-06-01 06:40 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wamregps.dll
2016-05-14 13:18 - 2012-06-01 06:37 - 00154624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisRtl.dll
2016-05-14 13:18 - 2012-06-01 06:37 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisrstap.dll
2016-05-14 13:18 - 2012-06-01 06:35 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admwprox.dll
2016-05-14 13:18 - 2012-06-01 06:35 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ahadmin.dll
2016-05-14 13:18 - 2012-06-01 06:34 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisreset.exe
2016-05-14 13:17 - 2016-04-09 06:20 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2016-05-14 13:17 - 2016-04-09 05:52 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-05-14 00:33 - 2015-11-10 20:55 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-05-14 00:33 - 2015-11-10 20:55 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-05-14 00:33 - 2015-11-10 20:39 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2016-05-14 00:33 - 2015-07-30 20:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2016-05-14 00:33 - 2015-07-30 19:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2016-05-14 00:28 - 2015-12-08 23:54 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2016-05-14 00:28 - 2015-12-08 21:07 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2016-05-14 00:28 - 2015-02-04 05:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2016-05-14 00:28 - 2015-02-04 04:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2016-05-14 00:01 - 2013-10-02 04:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2016-05-14 00:01 - 2013-10-02 04:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2016-05-14 00:01 - 2013-10-02 04:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2016-05-14 00:01 - 2013-10-02 03:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2016-05-14 00:01 - 2013-10-02 03:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2016-05-14 00:01 - 2013-10-02 03:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2016-05-14 00:01 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2016-05-14 00:01 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2016-05-14 00:01 - 2013-10-02 01:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2016-05-14 00:01 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2016-05-14 00:00 - 2012-08-23 16:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2016-05-14 00:00 - 2012-08-23 16:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys
2016-05-14 00:00 - 2012-08-23 13:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2016-05-14 00:00 - 2012-08-23 12:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2016-05-13 23:59 - 2016-05-13 23:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-05-13 23:59 - 2016-05-13 23:59 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-05-13 23:59 - 2016-05-13 23:59 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-05-13 23:56 - 2015-12-16 20:55 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2016-05-13 23:56 - 2015-12-16 20:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2016-05-13 23:56 - 2015-12-16 20:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2016-05-13 23:56 - 2015-12-16 20:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2016-05-13 23:56 - 2015-12-16 20:48 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2016-05-13 23:56 - 2015-12-16 20:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2016-05-13 23:56 - 2015-12-16 20:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2016-05-13 23:56 - 2015-12-16 20:47 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2016-05-13 23:56 - 2015-12-16 16:38 - 00419928 _____ C:\Windows\SysWOW64\locale.nls
2016-05-13 23:56 - 2015-12-16 16:37 - 00419928 _____ C:\Windows\system32\locale.nls
2016-05-13 23:56 - 2015-08-05 19:56 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2016-05-13 23:56 - 2015-08-05 19:06 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2016-05-13 23:54 - 2016-03-09 21:00 - 00444416 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-05-13 23:54 - 2016-03-09 21:00 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2016-05-13 23:54 - 2016-03-09 20:40 - 00351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-05-13 23:54 - 2016-03-09 20:40 - 00316416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2016-05-13 23:49 - 2016-05-13 23:53 - 00000000 ____D C:\Windows\system32\MRT
2016-05-13 23:49 - 2016-05-13 23:49 - 139319312 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-05-13 23:28 - 2016-05-13 23:28 - 00000000 ____D C:\Windows\SysWOW64\BestPractices
2016-05-13 23:28 - 2016-05-13 23:28 - 00000000 ____D C:\Windows\system32\BestPractices
2016-05-13 23:28 - 2016-05-13 23:28 - 00000000 ____D C:\inetpub
2016-05-13 11:35 - 2016-05-26 17:58 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-05-13 11:35 - 2016-05-26 17:58 - 00000000 ___SD C:\Windows\system32\GWX
2016-05-11 23:37 - 2016-05-11 23:37 - 00000000 ____D C:\Users\Thomas\AppData\Local\GWX
2016-05-11 14:13 - 2016-04-09 09:02 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-05-11 14:13 - 2016-04-09 09:01 - 05546216 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-05-11 14:13 - 2016-04-09 09:01 - 00986344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-05-11 14:13 - 2016-04-09 09:01 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-05-11 14:13 - 2016-04-09 09:01 - 00264936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2016-05-11 14:13 - 2016-04-09 08:59 - 03998952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-05-11 14:13 - 2016-04-09 08:59 - 03943144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-05-11 14:13 - 2016-04-09 08:59 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-05-11 14:13 - 2016-04-09 08:58 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-05-11 14:13 - 2016-04-09 08:58 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-05-11 14:13 - 2016-04-09 08:58 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-05-11 14:13 - 2016-04-09 08:58 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-05-11 14:13 - 2016-04-09 08:58 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-05-11 14:13 - 2016-04-09 08:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-05-11 14:13 - 2016-04-09 08:58 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-05-11 14:13 - 2016-04-09 08:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-05-11 14:13 - 2016-04-09 07:52 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-05-11 14:13 - 2016-04-09 07:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-05-11 14:13 - 2016-04-09 07:52 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-05-11 14:13 - 2016-04-09 07:49 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-05-11 14:13 - 2016-04-09 07:48 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-05-11 14:13 - 2016-04-09 07:47 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-05-11 14:13 - 2016-04-09 07:43 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-05-11 14:13 - 2016-04-09 07:38 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-05-11 14:13 - 2016-04-09 07:38 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-05-11 14:13 - 2016-04-09 07:38 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-05-11 14:13 - 2016-04-09 07:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-05-11 14:13 - 2016-04-09 07:37 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 07:37 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 07:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 07:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-05-11 14:13 - 2016-03-09 20:54 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2016-05-11 14:13 - 2016-03-09 20:34 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2016-05-11 13:27 - 2016-05-11 13:27 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\library_dir
2016-05-11 12:47 - 2016-05-30 18:52 - 00000000 ____D C:\FRST
2016-05-11 12:18 - 2016-05-11 12:45 - 00001536 _____ C:\Users\Thomas\Desktop\JRT.txt
2016-05-11 12:16 - 2016-05-11 12:44 - 00000000 ____D C:\AdwCleaner
2016-05-11 11:03 - 2016-05-11 11:03 - 00000000 ____D C:\Program Files (x86)\ESET
2016-05-11 00:41 - 2016-05-11 00:41 - 00096256 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\AtihdW76.sys
2016-05-11 00:40 - 2016-05-11 00:40 - 00103424 _____ (Advanced Micro Devices) C:\Windows\system32\DelayAPO.dll
2016-05-11 00:36 - 2016-05-20 23:12 - 00865280 _____ (AMD) C:\Windows\system32\coinst_16.20.dll
2016-05-11 00:36 - 2016-05-11 00:36 - 00865280 _____ (AMD) C:\Windows\system32\SETE622.tmp
2016-05-10 23:37 - 2016-05-24 13:56 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-05-10 23:06 - 2016-05-13 23:13 - 00967006 _____ C:\Windows\ntbtlog.txt
2016-05-09 07:05 - 2016-05-09 07:05 - 00874790 _____ C:\Windows\system32\amdicdxx.dat
2016-05-08 12:49 - 2016-05-08 12:49 - 00000000 ___HD C:\ProgramData\CanonIJETV
2016-05-08 12:49 - 2016-05-08 12:49 - 00000000 ____D C:\Program Files (x86)\Canon
2016-05-08 12:14 - 2016-05-08 12:14 - 00000000 ____H C:\Users\Thomas\Documents\Default.rdp
2016-05-07 13:23 - 2016-05-07 13:23 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\WinRAR
2016-05-07 12:51 - 2016-05-11 11:04 - 00000000 ___RD C:\Users\Thomas\Documents\Scanned Documents
2016-05-07 12:51 - 2016-05-07 12:51 - 00000000 ____D C:\Users\Thomas\Documents\Fax
2016-05-06 22:45 - 2016-05-06 22:45 - 00368416 _____ C:\Windows\system32\ativvaxy_el_nd.dat
2016-05-06 16:11 - 2016-05-07 11:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-05-01 15:50 - 2016-05-24 22:07 - 00000000 ____D C:\Users\Thomas\Desktop\Rea

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-05-30 18:51 - 2016-04-06 21:40 - 00000000 ____D C:\Program Files (x86)\Steam
2016-05-30 18:51 - 2016-04-06 20:55 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\TS3Client
2016-05-30 18:39 - 2011-04-12 09:43 - 01335862 _____ C:\Windows\system32\perfh007.dat
2016-05-30 18:39 - 2011-04-12 09:43 - 00343982 _____ C:\Windows\system32\perfc007.dat
2016-05-30 18:39 - 2009-07-14 07:13 - 00006408 _____ C:\Windows\system32\PerfStringBackup.INI
2016-05-30 18:35 - 2016-04-17 15:03 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-30 18:35 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-05-30 00:20 - 2016-04-07 15:20 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2016-05-30 00:14 - 2016-04-17 15:03 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-30 00:08 - 2016-04-10 00:44 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-05-29 23:25 - 2016-04-17 20:58 - 00000000 ____D C:\Users\Thomas\AppData\LocalLow\Temp
2016-05-29 22:36 - 2016-04-06 22:57 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\Skype
2016-05-29 22:28 - 2009-07-14 06:45 - 00020480 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-05-29 22:28 - 2009-07-14 06:45 - 00020480 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-05-28 11:45 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-05-25 17:21 - 2016-04-06 21:49 - 00004230 _____ C:\Windows\System32\Tasks\AMD Updater
2016-05-25 17:02 - 2016-04-06 21:43 - 00000000 ____D C:\Program Files (x86)\AMD
2016-05-25 17:02 - 2016-04-06 21:42 - 00000000 ____D C:\Program Files\AMD
2016-05-25 17:01 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-05-25 17:00 - 2016-04-06 21:40 - 00000000 ____D C:\AMD
2016-05-25 16:18 - 2016-04-06 20:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-05-23 19:53 - 2016-04-06 21:29 - 00000000 ____D C:\Users\Thomas\AppData\Local\Spotify
2016-05-23 19:53 - 2016-04-06 21:28 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\Spotify
2016-05-22 22:05 - 2016-04-07 16:27 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-05-20 23:47 - 2016-04-04 06:16 - 00166488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2016-05-20 23:47 - 2016-04-04 06:16 - 00137136 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2016-05-20 23:47 - 2016-04-04 06:15 - 10694160 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2016-05-20 23:47 - 2016-04-04 06:15 - 08876704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2016-05-20 23:47 - 2016-04-04 06:15 - 08865344 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2016-05-20 23:47 - 2016-04-04 06:15 - 01511680 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2016-05-20 23:47 - 2016-04-04 06:15 - 01242832 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2016-05-20 23:47 - 2016-04-04 06:15 - 00123776 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2016-05-20 23:46 - 2016-04-04 06:15 - 06999496 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2016-05-20 23:02 - 2016-04-04 03:57 - 00223744 _____ C:\Windows\SysWOW64\GameManager32.dll
2016-05-19 14:11 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2016-05-18 17:04 - 2016-04-06 21:14 - 00000000 ____D C:\ProgramData\Package Cache
2016-05-18 14:11 - 2016-04-17 19:59 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-05-18 14:10 - 2016-04-17 19:56 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-05-17 21:05 - 2014-01-11 18:52 - 00000000 ____D C:\Users\Thomas\Desktop\#I so'n Shit
2016-05-17 20:38 - 2016-04-06 21:21 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-05-17 14:19 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2016-05-16 20:25 - 2016-04-16 17:36 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\DVDVideoSoft
2016-05-14 23:29 - 2009-07-14 06:45 - 00424696 _____ C:\Windows\system32\FNTCACHE.DAT
2016-05-14 23:29 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\inetsrv
2016-05-14 23:29 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\inetsrv
2016-05-14 02:04 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-05-13 23:28 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Sidebar
2016-05-13 23:18 - 2014-08-09 16:19 - 00000000 ___RD C:\Users\Thomas\Dropbox
2016-05-13 23:14 - 2016-04-06 21:53 - 00000000 ____D C:\Users\Thomas\AppData\Local\ElevatedDiagnostics
2016-05-13 11:35 - 2016-04-10 15:23 - 00000000 ____D C:\Windows\system32\appraiser
2016-05-13 01:15 - 2016-04-17 15:04 - 00002187 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-13 01:08 - 2016-04-10 00:44 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-05-13 01:08 - 2016-04-10 00:44 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-05-13 01:08 - 2016-04-10 00:44 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-05-12 22:54 - 2016-04-06 20:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2016-05-11 14:09 - 2016-04-17 15:03 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-05-11 14:09 - 2016-04-17 15:03 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-05-11 11:46 - 2016-04-08 16:36 - 00000000 ____D C:\Users\Thomas\AppData\Local\Apps\2.0
2016-05-11 11:45 - 2016-04-09 11:54 - 00000000 ____D C:\Users\Thomas\AppData\Local\Downloaded Installations
2016-05-11 11:42 - 2016-04-06 21:00 - 00000000 ____D C:\60123cffff02c322a6
2016-05-11 01:09 - 2016-04-04 06:16 - 00166488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\SETDE39.tmp
2016-05-11 01:09 - 2016-04-04 06:16 - 00137136 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\SETE3C5.tmp
2016-05-11 01:09 - 2016-04-04 06:15 - 08873608 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\SETD911.tmp
2016-05-11 01:09 - 2016-04-04 06:15 - 08865344 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\SETD679.tmp
2016-05-11 01:09 - 2016-04-04 06:15 - 06999496 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\SETD5EA.tmp
2016-05-11 01:09 - 2016-04-04 06:15 - 01510144 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\SETDEAA.tmp
2016-05-11 01:09 - 2016-04-04 06:15 - 01241296 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\SETDEDB.tmp
2016-05-11 01:09 - 2016-04-04 06:15 - 00123776 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\SETE384.tmp
2016-05-11 00:27 - 2016-04-04 03:57 - 00223744 _____ C:\Windows\SysWOW64\SETDCF7.tmp
2016-05-10 20:25 - 2016-04-07 16:27 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-05-08 12:30 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-04-06 21:12 - 2016-04-06 21:12 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\Thomas\AppData\Local\Temp\libeay32.dll
C:\Users\Thomas\AppData\Local\Temp\msvcr120.dll
C:\Users\Thomas\AppData\Local\Temp\playstv_patch.exe
C:\Users\Thomas\AppData\Local\Temp\raptrpatch.exe
C:\Users\Thomas\AppData\Local\Temp\raptr_stub.exe
C:\Users\Thomas\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-05-28 19:50

==================== Ende von FRST.txt ============================
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:29-05-2016 02
durchgeführt von Thomas (2016-05-30 18:52:46)
Gestartet von C:\Users\Thomas\Downloads
Windows 7 Professional Service Pack 1 (X64) (2016-04-06 17:37:00)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-758422454-1604163277-2610386603-500 - Administrator - Disabled)
Gast (S-1-5-21-758422454-1604163277-2610386603-501 - Limited - Disabled)
Thomas (S-1-5-21-758422454-1604163277-2610386603-1000 - Administrator - Enabled) => C:\Users\Thomas

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Microsoft Security Essentials (Enabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
AS: Microsoft Security Essentials (Enabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

ACD/Labs Freeware in C:\ACD2015FREE\ (HKLM-x32\...\ACDLabs in C__ACD2015FREE_) (Version: v14.00, FREE - ACD/Labs)
ACP Application (Version: 2016.0520.1712.17 - Advanced Micro Devices, Inc.) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.016.20041 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
AMD OverDrive (HKLM-x32\...\{34D5220A-58D0-473C-90E4-15136C3FB0E3}) (Version: 4.3.1.0690 - Advanced Micro Devices, Inc.)
Apple Application Support (32-Bit) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Catalyst Control Center Next Localization BR (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
Epic Games Launcher (HKLM-x32\...\{CA4F7840-CC89-451D-8453-392F2EDAA605}) (Version: 1.1.70.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
f.lux (HKU\S-1-5-21-758422454-1604163277-2610386603-1000\...\Flux) (Version:  - )
Free YouTube To MP3 Converter (HKLM-x32\...\Free YouTube To MP3 Converter_is1) (Version: 4.1.6.328 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.102 - Google Inc.)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
iTunes (HKLM\...\{58D7E5F7-BAD1-49C5-93C8-B655736EDA00}) (Version: 12.4.0.119 - Apple Inc.)
Launcher Prerequisites (x64) (x32 Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.6868.2062 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-758422454-1604163277-2610386603-1000\...\OneDriveSetup.exe) (Version: 17.3.6281.1202 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 46.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 46.0.1 (x86 de)) (Version: 46.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 46.0.1.5966 - Mozilla)
Mozilla Thunderbird 45.1.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.1.0 (x86 de)) (Version: 45.1.0 - Mozilla)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6828.1016 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6828.1016 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6828.1016 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.92.115.2015 - Realtek)
Skiller PRO (HKLM-x32\...\{54C8FBB3-B992-43CB-8F0A-E26228013F88}) (Version: 2.1.15.6 - Sharkoon Technologies)
Skype™ 7.21 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.)
SPEEDLINK PRIME Gaming Mouse (HKLM-x32\...\SPEEDLINK KUDOS) (Version:  - )
Spotify (HKU\S-1-5-21-758422454-1604163277-2610386603-1000\...\Spotify) (Version: 1.0.28.87.g8f9312a4 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-758422454-1604163277-2610386603-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Thomas\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64\FileCoAuthLib64.dll ()
CustomCLSID: HKU\S-1-5-21-758422454-1604163277-2610386603-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Thomas\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {15FE0B6C-6F9D-4CE1-98EF-E2F5F33A4845} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-05-02] (Microsoft Corporation)
Task: {27D6393D-4FA7-49C0-BE3D-07B63F1744C5} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {29C10ED2-A5DB-47E4-90CB-64F2328E12F5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-13] (Adobe Systems Incorporated)
Task: {2B3D71FA-7E23-4D26-825C-F593771E4CD8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {49C0D252-62E5-45C7-9C09-CDD4CEDA94DA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-05-05] (Microsoft Corporation)
Task: {80B348DC-5F01-49E8-BC90-AD93FFCEEA62} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-05-05] (Microsoft Corporation)
Task: {9304EBB5-82CD-4F09-B853-E07F96DD2FAF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-17] (Google Inc.)
Task: {D122ABCC-35C0-4196-9705-4C9E5608F49A} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-05-05] (Microsoft Corporation)
Task: {DAF3A632-9FB4-418A-9FFA-AE2B117D2E43} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-17] (Google Inc.)
Task: {E81E985F-3881-447F-B0A0-40F0625F0B5B} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-05-20] (Advanced Micro Devices, Inc.)
Task: {FF1C5EBB-E5CD-4FA8-A11A-41021CA2DD57} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-05-02] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2013-08-30 19:47 - 2013-08-30 19:47 - 00214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2012-10-22 14:41 - 2012-10-22 14:41 - 00749056 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2012-10-22 14:42 - 2012-10-22 14:42 - 03645952 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2016-03-18 22:56 - 2016-03-18 22:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-04-22 01:07 - 2016-04-22 01:07 - 01337144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-04-17 19:56 - 2016-05-02 04:01 - 00417472 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
2015-06-25 17:34 - 2015-06-25 17:34 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2015-06-25 17:37 - 2015-06-25 17:37 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-25 17:35 - 2015-06-25 17:35 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2015-06-25 17:38 - 2015-06-25 17:38 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-25 16:53 - 2015-06-25 16:53 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2015-06-25 16:51 - 2015-06-25 16:51 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2012-03-08 05:12 - 2012-03-08 05:12 - 01470464 _____ () C:\Program Files (x86)\SPEEDLINK\SPEEDLINK PRIME Gaming Mouse\Gaming Mouse.exe
2016-04-22 01:07 - 2016-04-22 01:07 - 00313656 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxslt.dll
2015-10-22 13:22 - 2016-04-26 17:45 - 00174872 _____ () C:\Program Files\TeamSpeak 3 Client\quazip.dll
2015-10-22 13:21 - 2016-04-26 17:45 - 00103192 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
2015-10-22 13:21 - 2016-04-26 17:45 - 00107800 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll
2015-10-22 13:22 - 2016-04-26 17:45 - 00312088 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2015-10-22 13:22 - 2016-04-26 17:45 - 00485656 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2016-04-06 21:48 - 2016-04-06 21:48 - 00103424 _____ () C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
2016-04-16 17:36 - 2016-03-29 00:06 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2016-04-16 17:36 - 2016-03-29 00:06 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll
2016-04-16 17:36 - 2016-03-29 00:06 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll
2016-04-16 17:36 - 2016-03-29 00:06 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2016-04-16 17:36 - 2016-03-29 00:06 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2016-04-16 17:36 - 2016-03-29 00:06 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2016-04-04 03:57 - 2016-05-20 23:02 - 00223744 _____ () C:\Windows\SysWOW64\GameManager32.dll
2016-04-06 21:42 - 2016-04-29 22:10 - 00785920 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2016-04-06 21:42 - 2015-07-03 18:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2016-04-06 21:42 - 2015-07-03 18:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2016-04-06 21:42 - 2015-07-03 18:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2016-04-06 21:42 - 2016-04-30 02:10 - 02549840 _____ () C:\Program Files (x86)\Steam\video.dll
2016-04-06 21:42 - 2016-02-09 01:14 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2016-04-06 21:42 - 2016-02-09 01:14 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2016-04-06 21:42 - 2016-02-09 01:14 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2016-04-06 21:42 - 2016-02-09 01:14 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2016-04-06 21:42 - 2016-02-09 01:14 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2016-04-06 21:42 - 2016-04-30 02:10 - 00829008 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-04-06 21:42 - 2016-02-18 00:25 - 00281088 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2016-05-30 18:51 - 2016-05-30 18:51 - 00155232 ___HT () C:\Users\Thomas\AppData\Local\Temp\~CE85.tmp
2016-04-24 12:18 - 2015-07-20 17:15 - 00057344 _____ () C:\Program Files (x86)\Skiller PRO\lan.dll
2016-04-24 12:18 - 2012-08-14 22:41 - 00061440 _____ () C:\Program Files (x86)\Skiller PRO\hiddriver.dll
2016-04-06 21:42 - 2016-04-28 03:00 - 49825056 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2016-04-22 01:08 - 2016-04-22 01:08 - 01047864 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2016-03-18 22:56 - 2016-03-18 22:56 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2016-04-06 21:49 - 2016-05-05 12:45 - 00198144 _____ () C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\launcher.dll
2016-04-06 21:48 - 2016-04-06 21:48 - 00317952 _____ () C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\tier0.dll
2016-04-06 21:48 - 2016-05-05 12:45 - 00203776 _____ () C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\vstdlib.dll
2016-04-06 21:48 - 2016-05-05 12:45 - 00390656 _____ () C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\filesystem_stdio.dll
2016-04-06 21:48 - 2016-05-22 22:04 - 06971392 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\engine.dll
2016-04-06 21:48 - 2016-05-05 12:45 - 00166912 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\inputsystem.dll
2016-04-06 21:48 - 2016-05-05 12:45 - 01174016 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\vphysics.dll
2016-04-06 21:48 - 2016-05-05 12:45 - 01242112 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\materialsystem.dll
2016-04-06 21:48 - 2016-05-05 12:45 - 00355840 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\datacache.dll
2016-04-06 21:48 - 2016-05-05 12:45 - 00610816 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\studiorender.dll
2016-04-06 21:49 - 2016-05-05 12:45 - 00164864 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\soundemittersystem.dll
2016-04-06 21:48 - 2016-05-05 12:45 - 00708096 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\vscript.dll
2016-04-06 21:49 - 2016-05-05 12:45 - 00134656 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\valve_avi.dll
2016-04-06 21:48 - 2016-05-05 12:45 - 01336832 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\vguimatsurface.dll
2016-04-06 21:48 - 2016-05-05 12:45 - 00395264 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\vgui2.dll
2016-04-06 21:48 - 2016-05-05 12:45 - 03276288 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\scaleformui.dll
2016-04-06 21:48 - 2016-05-05 12:45 - 01769984 _____ () C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\shaderapidx9.dll
2016-04-06 21:48 - 2016-05-05 12:45 - 00143360 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\localize.dll
2016-04-06 21:48 - 2016-05-05 12:45 - 00230912 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\stdshader_dbg.dll
2016-04-06 21:48 - 2016-05-05 12:45 - 01016832 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\stdshader_dx9.dll
2016-04-06 21:48 - 2016-05-05 12:45 - 00584704 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo\bin\matchmaking.dll
2016-04-06 21:48 - 2016-05-22 22:03 - 12712448 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo\bin\client.dll
2016-04-06 21:48 - 2016-05-22 22:04 - 10263040 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo\bin\server.dll
2016-04-06 21:48 - 2016-05-05 12:45 - 00094208 _____ () C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\scenefilecache.dll
2016-04-06 21:49 - 2016-05-05 12:45 - 00084992 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\vaudio_miles.dll
2016-04-06 21:48 - 2016-04-06 21:48 - 00071680 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\mssmp3.asi
2016-04-06 21:48 - 2016-04-06 21:48 - 00012800 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\mssds3d.flt
2016-04-06 21:48 - 2016-04-06 21:48 - 00055808 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\msseax.flt
2016-04-06 21:49 - 2016-05-05 12:45 - 00173568 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\vaudio_celt.dll
2016-04-06 21:48 - 2016-05-05 12:45 - 00974848 _____ () c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\serverbrowser.dll
2016-04-06 21:42 - 2015-09-25 01:56 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-758422454-1604163277-2610386603-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{1BCAC893-CFF5-4B9B-B850-44B7676B9E6C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7111D390-46B3-475F-80D1-301F5CDBB677}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A4AB2E0E-53C0-4177-9A3E-20002042C1D7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C4571AB8-9671-4363-B564-69DB43825264}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2FAD3544-A9CF-429F-BBC3-0A9ABF814914}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{36A774A3-45F8-474F-A081-87A5A9C1E404}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5AACE038-93F5-4799-9AE6-F166A1ADCEC0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{D17EAD2D-00F5-4473-9873-7CBF0C0914D2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E76E4D58-B87C-4CED-9F5B-711B2906D389}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{AC3BC60B-C4A3-4230-BDA5-4AD011A42F8C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{93B56332-F08C-4B6B-93F4-A3F34F9C5A36}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{200E9D49-D84B-4235-A117-7685E9F00AD2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{6867D683-685D-4382-9E43-7C6CDDB4BE9D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{25B354C7-1BA0-4185-B445-EC8D1A210A17}C:\users\thomas\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\thomas\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{E44951C8-D687-4754-8D0B-8AB1B23EF7F4}C:\users\thomas\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\thomas\appdata\roaming\spotify\spotify.exe
FirewallRules: [{9C60BA12-94B0-4E54-BF18-5AB6F5E4C1F3}] => (Block) C:\users\thomas\appdata\roaming\spotify\spotify.exe
FirewallRules: [{39537144-DD55-4166-9463-33EF7C683842}] => (Block) C:\users\thomas\appdata\roaming\spotify\spotify.exe
FirewallRules: [{9EDC795F-272A-4EB3-AD00-1A91DCDE93CA}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{BBA74933-FA30-4DA3-B21A-25D571817B41}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{B012F289-0C94-4CA8-AB32-1DA7A4B769E8}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{0E1C8AF4-9E36-458A-9836-A67DE07796CD}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{04A0DEE9-698B-445C-951D-BD6AA2D243AA}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{9B4A8547-A8A2-43E3-8D3E-DDFA4F740689}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{4413B138-BB2B-4F17-80EE-0A27F117B626}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{040FD958-5701-424B-97AD-F962EEC8BA2D}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{372EBF4E-BDA0-41FF-AD6C-53B78DC18B73}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{38C4DFE6-9166-4F9E-AE16-FF8F0FE2A98D}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{84C52CDD-7C66-403F-BE49-BDEA926B5BF2}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{FC285D08-4A1A-4901-9CC9-CB28AF2F5DF1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{99DFCD0E-F2CD-4A9E-B724-E5E25AFD6C69}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{740FCBC3-A4D3-4A3D-B3CC-5E656DCC5FE9}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [UDP Query User{799231B6-3B0E-4909-B188-F152276B6C49}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [TCP Query User{A038B329-29C2-4041-A19D-56B47D5FAAA1}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{45A133EC-4E01-4B76-8709-DCCA7F6B7F2A}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{3CF14EA0-D892-424E-9C74-BA1EFD3D93D6}C:\program files\epic games\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe] => (Allow) C:\program files\epic games\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe
FirewallRules: [UDP Query User{902BD277-E7B5-441E-9F6F-C61AF6AF7FA9}C:\program files\epic games\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe] => (Allow) C:\program files\epic games\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe
FirewallRules: [TCP Query User{047EECAB-C51C-4DED-BDDF-29B8FB1CA506}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{AD5FA729-B796-401F-BC28-C4ED603C9B9A}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{9B9F5C7C-6F5B-4058-BE3C-79408F2C3002}C:\program files\epic games\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe] => (Block) C:\program files\epic games\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe
FirewallRules: [UDP Query User{7ECDD799-55F7-4B0D-B7FF-8ECB77C4038B}C:\program files\epic games\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe] => (Block) C:\program files\epic games\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe

==================== Wiederherstellungspunkte =========================

18-05-2016 20:00:34 Windows Update
18-05-2016 20:01:07 Windows Update
18-05-2016 20:01:43 Windows Update
18-05-2016 20:03:09 Windows Update
22-05-2016 22:04:55 Windows Update
25-05-2016 17:01:36 Gerätetreiber-Paketinstallation: Advanced Micro Devices, Inc. Grafikkarte
26-05-2016 17:20:16 Windows Update
26-05-2016 17:58:52 Windows Update
30-05-2016 18:51:48 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (05/30/2016 06:39:37 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (05/30/2016 06:39:37 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (05/30/2016 06:39:37 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (05/30/2016 06:37:08 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/30/2016 06:35:26 PM) (Source: ATIeRecord) (EventID: 16388) (User: )
Description: ATI EEU Client event error

Error: (05/29/2016 09:36:31 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (05/29/2016 09:36:31 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (05/29/2016 09:36:31 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (05/29/2016 09:34:04 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (05/29/2016 09:34:04 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.


Systemfehler:
=============
Error: (05/30/2016 06:50:52 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Server" wurde nicht richtig gestartet.

Error: (05/29/2016 09:47:48 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Server" wurde nicht richtig gestartet.

Error: (05/29/2016 07:20:05 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Server" wurde nicht richtig gestartet.

Error: (05/29/2016 12:27:01 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Server" wurde nicht richtig gestartet.

Error: (05/28/2016 08:09:59 PM) (Source: Microsoft-Windows-HAL) (EventID: 12) (User: )
Description: Der Speicher wurde beim letzten Leistungsübergang des Systems von der Plattformfirmware beschädigt. Überprüfen Sie, ob für Ihr System aktualisierte Firmware verfügbar ist.

Error: (05/28/2016 12:00:44 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Server" wurde nicht richtig gestartet.

Error: (05/27/2016 10:54:10 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Server" wurde nicht richtig gestartet.

Error: (05/26/2016 05:19:26 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Server" wurde nicht richtig gestartet.

Error: (05/25/2016 10:48:47 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Server" wurde nicht richtig gestartet.

Error: (05/25/2016 04:50:56 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "SABINEJAENICKE",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{7F44B7C4-C23C-4E67-B9AC-3F19997CD50C}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.


==================== Speicherinformationen =========================== 

Prozessor: AMD FX-8320E Eight-Core Processor 
Prozentuale Nutzung des RAM: 29%
Installierter physikalischer RAM: 16350.65 MB
Verfügbarer physikalischer RAM: 11571.52 MB
Summe virtueller Speicher: 32699.48 MB
Verfügbarer virtueller Speicher: 27079.27 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:465.76 GB) (Free:320.67 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 85DD657B)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

Alt 30.05.2016, 18:16   #7
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
PC führt Programme zT wahllos aus/nicht aus - Standard

PC führt Programme zT wahllos aus/nicht aus


Schritt 1
Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 30.05.2016, 21:19   #8
Zoidbarg
 
PC führt Programme zT wahllos aus/nicht aus - Standard

PC führt Programme zT wahllos aus/nicht aus


Code:
ATTFilter
ComboFix 16-05-31.01 - Thomas 30.05.2016  22:05:25.1.8 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1252.49.1031.18.16351.12890 [GMT 2:00]
ausgeführt von:: c:\users\Thomas\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
SP: Microsoft Security Essentials *Enabled/Updated* {CDE0C533-D3CD-62A1-E772-AFADDF863628}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\SysWow64\SET4461.tmp
c:\windows\SysWow64\SET450F.tmp
c:\windows\SysWow64\SET47C6.tmp
c:\windows\SysWow64\SET4C39.tmp
c:\windows\SysWow64\SET4E7A.tmp
c:\windows\SysWow64\SET5343.tmp
c:\windows\SysWow64\SET5364.tmp
c:\windows\SysWow64\SET71E9.tmp
c:\windows\SysWow64\SET7268.tmp
c:\windows\SysWow64\SET751F.tmp
c:\windows\SysWow64\SET7905.tmp
c:\windows\SysWow64\SET7AE9.tmp
c:\windows\SysWow64\SET7F83.tmp
c:\windows\SysWow64\SET7FA4.tmp
c:\windows\SysWow64\SETD5EA.tmp
c:\windows\SysWow64\SETD679.tmp
c:\windows\SysWow64\SETD911.tmp
c:\windows\SysWow64\SETDCF7.tmp
c:\windows\SysWow64\SETDEDB.tmp
c:\windows\SysWow64\SETE0B2.tmp
c:\windows\SysWow64\SETE131.tmp
c:\windows\SysWow64\SETE384.tmp
c:\windows\SysWow64\SETE3C5.tmp
c:\windows\SysWow64\SETE417.tmp
c:\windows\SysWow64\SETE80C.tmp
c:\windows\SysWow64\SETEA4E.tmp
c:\windows\SysWow64\SETEEE8.tmp
c:\windows\SysWow64\SETEF09.tmp
.
.
(((((((((((((((((((((((   Dateien erstellt von 2016-04-28 bis 2016-05-30  ))))))))))))))))))))))))))))))
.
.
2016-05-30 20:09 . 2016-05-30 20:09	--------	d-----w-	c:\users\Default\AppData\Local\temp
2016-05-30 16:52 . 2016-05-26 20:28	11895896	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8B56FDFB-4D46-436B-A9D5-1F05C299305B}\mpengine.dll
2016-05-30 16:51 . 2016-05-26 20:28	11895896	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2016-05-24 14:15 . 2016-05-24 19:17	--------	d-----w-	c:\program files (x86)\Mozilla Thunderbird
2016-05-22 20:05 . 2016-05-12 10:53	1167568	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{EF8A72DD-0949-44D6-8CC7-6DA0E15BA815}\gapaengine.dll
2016-05-20 21:48 . 2016-05-20 21:48	141280	----a-w-	c:\windows\system32\amdave64.dll
2016-05-20 21:48 . 2016-05-20 21:48	122704	----a-w-	c:\windows\SysWow64\amdave32.dll
2016-05-20 21:47 . 2016-05-20 21:47	141280	----a-w-	c:\windows\system32\amdhcp64.dll
2016-05-20 21:47 . 2016-05-20 21:47	125288	----a-w-	c:\windows\SysWow64\amdhcp32.dll
2016-05-20 21:47 . 2016-05-20 21:47	109856	----a-w-	c:\windows\system32\atimpc64.dll
2016-05-20 21:47 . 2016-05-20 21:47	109856	----a-w-	c:\windows\system32\amdpcom64.dll
2016-05-20 21:47 . 2016-05-20 21:47	92328	----a-w-	c:\windows\SysWow64\atimpc32.dll
2016-05-20 21:47 . 2016-05-20 21:47	92328	----a-w-	c:\windows\SysWow64\amdpcom32.dll
2016-05-20 21:47 . 2016-05-20 21:47	150544	----a-w-	c:\windows\system32\atiu9p64.dll
2016-05-20 21:46 . 2016-05-20 21:46	9798560	----a-w-	c:\windows\system32\atiumd6a.dll
2016-05-20 21:46 . 2016-05-20 21:46	8577456	----a-w-	c:\windows\system32\atiumd64.dll
2016-05-20 21:44 . 2016-05-20 21:44	296648	----a-w-	c:\windows\system32\drivers\amdacpksd.sys
2016-05-20 21:41 . 2016-05-20 21:41	27015680	----a-w-	c:\windows\system32\drivers\atikmdag.sys
2016-05-20 21:35 . 2016-05-20 21:35	252928	----a-w-	c:\windows\system32\clinfo.exe
2016-05-20 21:35 . 2016-05-20 21:35	48616960	----a-w-	c:\windows\system32\amdocl64.dll
2016-05-20 21:34 . 2016-05-20 21:34	38098432	----a-w-	c:\windows\SysWow64\amdocl.dll
2016-05-20 21:33 . 2016-05-20 21:33	96256	----a-w-	c:\windows\system32\OpenCL.dll
2016-05-20 21:33 . 2016-05-20 21:33	87040	----a-w-	c:\windows\SysWow64\OpenCL.dll
2016-05-20 21:32 . 2016-05-20 21:32	27433472	----a-w-	c:\windows\system32\amdocl12cl64.dll
2016-05-20 21:31 . 2016-05-20 21:31	21600768	----a-w-	c:\windows\SysWow64\amdocl12cl.dll
2016-05-20 21:30 . 2016-05-20 21:30	8699392	----a-w-	c:\windows\system32\amdvlk64.dll
2016-05-20 21:26 . 2016-05-20 21:26	6951424	----a-w-	c:\windows\SysWow64\amdvlk32.dll
2016-05-20 21:14 . 2016-05-20 21:14	30188032	----a-w-	c:\windows\system32\atio6axx.dll
2016-05-20 21:13 . 2016-05-20 21:13	730112	----a-w-	c:\windows\system32\amdlvr64.dll
2016-05-20 21:13 . 2016-05-20 21:13	605696	----a-w-	c:\windows\SysWow64\amdlvr32.dll
2016-05-20 21:12 . 2016-05-20 21:12	142336	----a-w-	c:\windows\system32\mantle64.dll
2016-05-20 21:12 . 2016-05-20 21:12	117760	----a-w-	c:\windows\SysWow64\mantle32.dll
2016-05-20 21:12 . 2016-05-20 21:12	6965248	----a-w-	c:\windows\system32\amdmantle64.dll
2016-05-20 21:09 . 2016-05-20 21:09	385536	----a-w-	c:\windows\system32\atiapfxx.exe
2016-05-20 21:09 . 2016-05-20 21:09	62464	----a-w-	c:\windows\system32\aticalrt64.dll
2016-05-20 21:09 . 2016-05-20 21:09	52224	----a-w-	c:\windows\SysWow64\aticalrt.dll
2016-05-20 21:09 . 2016-05-20 21:09	55808	----a-w-	c:\windows\system32\aticalcl64.dll
2016-05-20 21:09 . 2016-05-20 21:09	49152	----a-w-	c:\windows\SysWow64\aticalcl.dll
2016-05-20 21:09 . 2016-05-20 21:09	5643776	----a-w-	c:\windows\SysWow64\amdmantle32.dll
2016-05-20 21:08 . 2016-05-20 21:08	15711744	----a-w-	c:\windows\system32\aticaldd64.dll
2016-05-20 21:08 . 2016-05-20 21:08	14302720	----a-w-	c:\windows\SysWow64\aticaldd.dll
2016-05-20 21:06 . 2016-05-20 21:06	24836096	----a-w-	c:\windows\SysWow64\atioglxx.dll
2016-05-20 21:06 . 2016-05-20 21:06	50688	----a-w-	c:\windows\system32\amdmmcl6.dll
2016-05-20 21:06 . 2016-05-20 21:06	38400	----a-w-	c:\windows\SysWow64\amdmmcl.dll
2016-05-20 21:06 . 2016-05-20 21:06	113152	----a-w-	c:\windows\system32\mantleaxl64.dll
2016-05-20 21:06 . 2016-05-20 21:06	92160	----a-w-	c:\windows\SysWow64\mantleaxl32.dll
2016-05-20 21:02 . 2016-05-20 21:02	442368	----a-w-	c:\windows\system32\atidemgy.dll
2016-05-20 21:02 . 2016-05-20 21:02	274432	----a-w-	c:\windows\system32\dgtrayicon.exe
2016-05-20 21:02 . 2016-05-20 21:02	258560	----a-w-	c:\windows\system32\GameManager64.dll
2016-05-20 21:02 . 2016-05-20 21:02	212480	----a-w-	c:\windows\system32\atieah64.exe
2016-05-20 21:02 . 2016-05-20 21:02	190464	----a-w-	c:\windows\SysWow64\atieah32.exe
2016-05-20 21:02 . 2016-05-20 21:02	230912	----a-w-	c:\windows\system32\amdgfxinfo64.dll
2016-05-20 21:02 . 2016-05-20 21:02	202752	----a-w-	c:\windows\SysWow64\amdgfxinfo32.dll
2016-05-20 21:02 . 2016-05-20 21:02	93696	----a-w-	c:\windows\system32\atimuixx.dll
2016-05-20 21:02 . 2016-05-20 21:02	588288	----a-w-	c:\windows\system32\atieclxx.exe
2016-05-20 21:02 . 2016-05-20 21:02	306688	----a-w-	c:\windows\system32\atiesrxx.exe
2016-05-20 21:01 . 2016-05-20 21:01	270336	----a-w-	c:\windows\system32\atitmm64.dll
2016-05-20 20:57 . 2016-05-20 20:57	1304576	----a-w-	c:\windows\system32\atiadlxx.dll
2016-05-20 20:57 . 2016-05-20 20:57	973824	----a-w-	c:\windows\SysWow64\atiadlxy.dll
2016-05-20 20:57 . 2016-05-20 20:57	973824	----a-w-	c:\windows\SysWow64\atiadlxx.dll
2016-05-20 20:57 . 2016-05-20 20:57	106496	----a-w-	c:\windows\system32\atig6pxx.dll
2016-05-20 20:57 . 2016-05-20 20:57	91136	----a-w-	c:\windows\SysWow64\atiglpxx.dll
2016-05-20 20:57 . 2016-05-20 20:57	91136	----a-w-	c:\windows\system32\atiglpxx.dll
2016-05-20 20:57 . 2016-05-20 20:57	185344	----a-w-	c:\windows\system32\atig6txx.dll
2016-05-20 20:57 . 2016-05-20 20:57	159232	----a-w-	c:\windows\SysWow64\atigktxx.dll
2016-05-20 20:57 . 2016-05-20 20:57	498176	----a-w-	c:\windows\system32\drivers\atikmpag.sys
2016-05-20 20:57 . 2016-05-20 20:57	119808	----a-w-	c:\windows\system32\atisamu64.dll
2016-05-20 20:57 . 2016-05-20 20:57	101376	----a-w-	c:\windows\SysWow64\atisamu32.dll
2016-05-20 20:56 . 2016-05-20 20:56	43520	----a-w-	c:\windows\system32\drivers\ati2erec.dll
2016-05-20 20:55 . 2016-05-20 20:55	251392	----a-w-	c:\windows\system32\hsa-thunk64.dll
2016-05-20 20:55 . 2016-05-20 20:55	217088	----a-w-	c:\windows\SysWow64\hsa-thunk.dll
2016-05-20 15:12 . 2016-05-20 15:12	364544	----a-w-	c:\windows\system32\amdacpusl.dll
2016-05-20 15:12 . 2016-05-20 15:12	248832	----a-w-	c:\windows\SysWow64\amdacpusl.dll
2016-05-18 16:32 . 2016-05-18 16:32	--------	d-----w-	c:\users\Thomas\AppData\Local\UnrealTournament
2016-05-18 15:14 . 2016-05-18 16:48	--------	d-----w-	c:\program files\Epic Games
2016-05-18 15:03 . 2016-05-18 15:03	--------	d-----w-	c:\users\Thomas\AppData\Local\UnrealEngine
2016-05-18 15:03 . 2016-05-18 15:03	--------	d-----w-	c:\users\Thomas\AppData\Local\EpicGamesLauncher
2016-05-18 15:02 . 2016-05-18 15:04	--------	d-----w-	c:\programdata\Epic
2016-05-18 15:02 . 2016-05-18 15:02	--------	d-----w-	c:\program files (x86)\Epic Games
2016-05-17 18:38 . 2016-05-17 18:38	--------	d-----w-	c:\program files\iPod
2016-05-17 18:38 . 2016-05-17 18:38	--------	d-----w-	c:\program files (x86)\iTunes
2016-05-17 18:38 . 2016-05-17 18:38	--------	d-----w-	c:\program files\iTunes
2016-05-14 22:14 . 2016-05-14 22:14	--------	d-----w-	c:\programdata\Malwarebytes
2016-05-14 11:17 . 2016-04-09 04:20	1230848	----a-w-	c:\windows\SysWow64\WindowsCodecs.dll
2016-05-14 11:17 . 2016-04-09 03:52	1424896	----a-w-	c:\windows\system32\WindowsCodecs.dll
2016-05-13 22:33 . 2015-11-10 18:55	1648128	----a-w-	c:\windows\system32\DWrite.dll
2016-05-13 22:33 . 2015-11-10 18:55	1180160	----a-w-	c:\windows\system32\FntCache.dll
2016-05-13 22:33 . 2015-11-10 18:39	1251328	----a-w-	c:\windows\SysWow64\DWrite.dll
2016-05-13 22:33 . 2015-07-30 18:06	2565120	----a-w-	c:\windows\system32\d3d10warp.dll
2016-05-13 22:33 . 2015-07-30 17:57	1987584	----a-w-	c:\windows\SysWow64\d3d10warp.dll
2016-05-13 22:28 . 2015-12-08 21:54	2285056	----a-w-	c:\windows\SysWow64\msmpeg2vdec.dll
2016-05-13 22:28 . 2015-12-08 19:07	2777088	----a-w-	c:\windows\system32\msmpeg2vdec.dll
2016-05-13 22:28 . 2015-02-04 03:16	465920	----a-w-	c:\windows\system32\WMPhoto.dll
2016-05-13 22:28 . 2015-02-04 02:54	417792	----a-w-	c:\windows\SysWow64\WMPhoto.dll
2016-05-13 22:01 . 2013-10-02 04:51	3584	----a-w-	c:\windows\system32\drivers\de-DE\tsusbflt.sys.mui
2016-05-13 22:01 . 2013-10-02 01:10	44544	----a-w-	c:\windows\system32\TsUsbGDCoInstaller.dll
2016-05-13 22:01 . 2013-10-02 02:22	56832	----a-w-	c:\windows\system32\drivers\TsUsbFlt.sys
2016-05-13 22:01 . 2013-10-02 02:11	13824	----a-w-	c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2016-05-13 22:01 . 2013-10-02 02:08	12800	----a-w-	c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2016-05-13 22:01 . 2013-10-02 01:48	56832	----a-w-	c:\windows\system32\MsRdpWebAccess.dll
2016-05-13 22:01 . 2013-10-02 01:48	18944	----a-w-	c:\windows\system32\wksprtPS.dll
2016-05-13 22:01 . 2013-10-02 00:14	50176	----a-w-	c:\windows\SysWow64\MsRdpWebAccess.dll
2016-05-13 22:01 . 2013-10-02 00:14	17920	----a-w-	c:\windows\SysWow64\wksprtPS.dll
2016-05-13 22:01 . 2013-10-01 23:31	1147392	----a-w-	c:\windows\system32\mstsc.exe
2016-05-13 22:01 . 2013-10-01 22:34	1068544	----a-w-	c:\windows\SysWow64\mstsc.exe
2016-05-13 22:00 . 2012-08-23 14:10	19456	----a-w-	c:\windows\system32\drivers\rdpvideominiport.sys
2016-05-13 22:00 . 2012-08-23 14:08	30208	----a-w-	c:\windows\system32\drivers\TsUsbGD.sys
2016-05-13 22:00 . 2012-08-23 11:12	192000	----a-w-	c:\windows\SysWow64\rdpendp_winip.dll
2016-05-13 22:00 . 2012-08-23 10:51	228864	----a-w-	c:\windows\system32\rdpendp_winip.dll
2016-05-13 21:59 . 2016-05-13 21:59	--------	d-----w-	c:\program files\Microsoft Silverlight
2016-05-13 21:59 . 2016-05-13 21:59	--------	d-----w-	c:\program files (x86)\Microsoft Silverlight
2016-05-13 21:56 . 2015-12-16 18:55	69120	----a-w-	c:\windows\system32\nlsbres.dll
2016-05-13 21:56 . 2015-12-16 18:53	7168	----a-w-	c:\windows\system32\KBDAZEL.DLL
2016-05-13 21:56 . 2015-12-16 18:53	7168	----a-w-	c:\windows\system32\KBDAZE.DLL
2016-05-13 21:56 . 2015-12-16 18:48	6656	----a-w-	c:\windows\SysWow64\KBDAZEL.DLL
2016-05-13 21:56 . 2015-12-16 18:47	69120	----a-w-	c:\windows\SysWow64\nlsbres.dll
2016-05-13 21:56 . 2015-12-16 18:53	7168	----a-w-	c:\windows\system32\kbdgeoqw.dll
2016-05-13 21:56 . 2015-12-16 18:48	6656	----a-w-	c:\windows\SysWow64\kbdgeoqw.dll
2016-05-13 21:56 . 2015-08-05 17:56	22528	----a-w-	c:\windows\system32\icaapi.dll
2016-05-13 21:56 . 2015-08-05 17:06	39936	----a-w-	c:\windows\system32\drivers\tssecsrv.sys
2016-05-13 21:54 . 2016-03-09 19:00	396800	----a-w-	c:\windows\system32\webio.dll
2016-05-13 21:54 . 2016-03-09 19:00	444416	----a-w-	c:\windows\system32\winhttp.dll
2016-05-13 21:54 . 2016-03-09 18:40	351744	----a-w-	c:\windows\SysWow64\winhttp.dll
2016-05-13 21:54 . 2016-03-09 18:40	316416	----a-w-	c:\windows\SysWow64\webio.dll
2016-05-13 21:49 . 2016-05-13 21:53	--------	d-----w-	c:\windows\system32\MRT
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-05-29 22:20 . 2016-04-07 13:20	65536	----a-w-	c:\windows\system32\spu_storage.bin
2016-05-20 21:47 . 2016-04-04 04:16	166488	----a-w-	c:\windows\system32\atiuxp64.dll
2016-05-20 21:47 . 2016-04-04 04:16	137136	----a-w-	c:\windows\SysWow64\atiuxpag.dll
2016-05-20 21:47 . 2016-04-04 04:15	123776	----a-w-	c:\windows\SysWow64\atiu9pag.dll
2016-05-20 21:47 . 2016-04-04 04:15	1511680	----a-w-	c:\windows\system32\aticfx64.dll
2016-05-20 21:47 . 2016-04-04 04:15	1242832	----a-w-	c:\windows\SysWow64\aticfx32.dll
2016-05-20 21:47 . 2016-04-04 04:15	10694160	----a-w-	c:\windows\system32\atidxx64.dll
2016-05-20 21:47 . 2016-04-04 04:15	8876704	----a-w-	c:\windows\SysWow64\atidxx32.dll
2016-05-20 21:47 . 2016-04-04 04:15	8865344	----a-w-	c:\windows\SysWow64\atiumdva.dll
2016-05-20 21:46 . 2016-04-04 04:15	6999496	----a-w-	c:\windows\SysWow64\atiumdag.dll
2016-05-20 21:02 . 2016-04-04 01:57	223744	----a-w-	c:\windows\SysWow64\GameManager32.dll
2016-05-12 23:08 . 2016-04-09 22:44	797376	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2016-05-12 23:08 . 2016-04-09 22:44	142528	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2016-05-12 10:53 . 2016-04-14 16:38	1167568	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2016-05-10 23:09 . 2016-04-04 04:16	166488	----a-w-	c:\windows\system32\SETDE39.tmp
2016-05-10 23:09 . 2016-04-04 04:15	1510144	----a-w-	c:\windows\system32\SETDEAA.tmp
2016-05-02 12:18 . 2016-04-17 18:02	2405656	----a-w-	c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2016-04-29 19:48 . 2016-04-04 04:16	152568	----a-w-	c:\windows\system32\SET4DB9.tmp
2016-04-29 19:48 . 2016-04-04 04:15	1519920	----a-w-	c:\windows\system32\SET4E4A.tmp
2016-04-29 19:48 . 2016-04-04 04:15	11631488	----a-w-	c:\windows\system32\SET43F2.tmp
2016-04-22 07:57 . 2010-11-21 03:27	453288	------w-	c:\windows\system32\MpSigStub.exe
2016-04-15 21:14 . 2016-04-04 04:16	152568	----a-w-	c:\windows\system32\SETE9AC.tmp
2016-04-15 21:14 . 2016-04-04 04:15	1519920	----a-w-	c:\windows\system32\SETEA1D.tmp
2016-04-15 21:14 . 2016-04-04 04:15	11631488	----a-w-	c:\windows\system32\SETE043.tmp
2016-04-15 20:24 . 2016-04-04 02:25	865280	----a-w-	c:\windows\system32\SETF1D3.tmp
2016-04-15 20:11 . 2016-04-04 01:33	1276416	----a-w-	c:\windows\system32\SETD87C.tmp
2016-04-09 06:54 . 2016-05-11 12:13	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2016-04-08 16:08 . 2016-04-08 16:08	940032	----a-w-	c:\windows\system32\MsSpellCheckingFacility.exe
2016-04-08 16:08 . 2016-04-08 16:08	194048	----a-w-	c:\windows\SysWow64\elshyph.dll
2016-04-08 16:08 . 2016-04-08 16:08	71680	----a-w-	c:\windows\SysWow64\RegisterIEPKEYs.exe
2016-04-08 16:08 . 2016-04-08 16:08	645120	----a-w-	c:\windows\SysWow64\jsIntl.dll
2016-04-08 16:08 . 2016-04-08 16:08	235008	----a-w-	c:\windows\system32\elshyph.dll
2016-04-08 16:08 . 2016-04-08 16:08	1950720	----a-w-	c:\windows\SysWow64\wininet.dll
2016-04-08 16:08 . 2016-04-08 16:08	182272	----a-w-	c:\windows\SysWow64\msls31.dll
2016-04-08 16:07 . 2016-04-08 16:07	64000	----a-w-	c:\windows\SysWow64\MshtmlDac.dll
2016-04-08 16:07 . 2016-04-08 16:07	62464	----a-w-	c:\windows\SysWow64\tdc.ocx
2016-04-08 16:07 . 2016-04-08 16:07	62464	----a-w-	c:\windows\SysWow64\iesetup.dll
2016-04-08 16:07 . 2016-04-08 16:07	60416	----a-w-	c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2016-04-08 16:07 . 2016-04-08 16:07	503808	----a-w-	c:\windows\SysWow64\vbscript.dll
2016-04-08 16:07 . 2016-04-08 16:07	47616	----a-w-	c:\windows\SysWow64\ieetwproxystub.dll
2016-04-08 16:07 . 2016-04-08 16:07	36352	----a-w-	c:\windows\SysWow64\imgutil.dll
2016-04-08 16:07 . 2016-04-08 16:07	341504	----a-w-	c:\windows\SysWow64\html.iec
2016-04-08 16:07 . 2016-04-08 16:07	2724864	----a-w-	c:\windows\SysWow64\mshtml.tlb
2016-04-08 16:07 . 2016-04-08 16:07	24576	----a-w-	c:\windows\SysWow64\licmgr10.dll
2016-04-08 16:07 . 2016-04-08 16:07	2052608	----a-w-	c:\windows\SysWow64\inetcpl.cpl
2016-04-08 16:07 . 2016-04-08 16:07	151552	----a-w-	c:\windows\SysWow64\iexpress.exe
2016-04-08 16:07 . 2016-04-08 16:07	139264	----a-w-	c:\windows\SysWow64\wextract.exe
2016-04-08 16:07 . 2016-04-08 16:07	13312	----a-w-	c:\windows\SysWow64\mshta.exe
2016-04-08 16:07 . 2016-04-08 16:07	115712	----a-w-	c:\windows\SysWow64\ieUnatt.exe
2016-04-08 16:07 . 2016-04-08 16:07	1155072	----a-w-	c:\windows\SysWow64\mshtmlmedia.dll
2016-04-08 16:07 . 2016-04-08 16:07	942592	----a-w-	c:\windows\system32\jsIntl.dll
2016-04-08 16:07 . 2016-04-08 16:07	90112	----a-w-	c:\windows\system32\SetIEInstalledDate.exe
2016-04-08 16:07 . 2016-04-08 16:07	86016	----a-w-	c:\windows\SysWow64\iesysprep.dll
2016-04-08 16:07 . 2016-04-08 16:07	86016	----a-w-	c:\windows\system32\RegisterIEPKEYs.exe
2016-04-08 16:07 . 2016-04-08 16:07	814080	----a-w-	c:\windows\system32\jscript9diag.dll
2016-04-08 16:07 . 2016-04-08 16:07	74240	----a-w-	c:\windows\SysWow64\SetIEInstalledDate.exe
2016-04-08 16:07 . 2016-04-08 16:07	633856	----a-w-	c:\windows\system32\ieui.dll
2016-04-08 16:07 . 2016-04-08 16:07	620032	----a-w-	c:\windows\SysWow64\jscript9diag.dll
2016-04-08 16:07 . 2016-04-08 16:07	6026240	----a-w-	c:\windows\system32\jscript9.dll
2016-04-08 16:07 . 2016-04-08 16:07	54784	----a-w-	c:\windows\system32\jsproxy.dll
2016-04-08 16:07 . 2016-04-08 16:07	52224	----a-w-	c:\windows\system32\msfeedsbs.dll
2016-04-08 16:07 . 2016-04-08 16:07	48640	----a-w-	c:\windows\SysWow64\mshtmler.dll
2016-04-08 16:07 . 2016-04-08 16:07	48640	----a-w-	c:\windows\system32\mshtmler.dll
2016-04-08 16:07 . 2016-04-08 16:07	4305920	----a-w-	c:\windows\SysWow64\jscript9.dll
2016-04-08 16:07 . 2016-04-08 16:07	2885632	----a-w-	c:\windows\system32\iertutil.dll
2016-04-08 16:07 . 2016-04-08 16:07	247808	----a-w-	c:\windows\system32\msls31.dll
2016-04-08 16:07 . 2016-04-08 16:07	2426880	----a-w-	c:\windows\system32\wininet.dll
2016-04-08 16:07 . 2016-04-08 16:07	199680	----a-w-	c:\windows\system32\msrating.dll
2016-04-08 16:07 . 2016-04-08 16:07	1545728	----a-w-	c:\windows\system32\urlmon.dll
2016-04-08 16:07 . 2016-04-08 16:07	13312	----a-w-	c:\windows\system32\msfeedssync.exe
2016-04-08 16:07 . 2016-04-08 16:07	131072	----a-w-	c:\windows\system32\IEAdvpack.dll
2016-04-08 16:07 . 2016-04-08 16:07	111616	----a-w-	c:\windows\SysWow64\IEAdvpack.dll
2016-04-08 16:07 . 2016-04-08 16:07	105984	----a-w-	c:\windows\system32\iesysprep.dll
2016-04-08 16:07 . 2016-04-08 16:07	14404096	----a-w-	c:\windows\system32\ieframe.dll
2016-04-08 16:07 . 2016-04-08 16:07	92160	----a-w-	c:\windows\system32\mshtmled.dll
2016-04-08 16:07 . 2016-04-08 16:07	88064	----a-w-	c:\windows\system32\MshtmlDac.dll
2016-04-08 16:07 . 2016-04-08 16:07	816640	----a-w-	c:\windows\system32\jscript.dll
2016-04-08 16:07 . 2016-04-08 16:07	81408	----a-w-	c:\windows\system32\icardie.dll
2016-04-08 16:07 . 2016-04-08 16:07	801280	----a-w-	c:\windows\system32\msfeeds.dll
2016-04-08 16:07 . 2016-04-08 16:07	800768	----a-w-	c:\windows\system32\ieapfltr.dll
2016-04-08 16:07 . 2016-04-08 16:07	77824	----a-w-	c:\windows\system32\JavaScriptCollectionAgent.dll
2016-04-08 16:07 . 2016-04-08 16:07	77312	----a-w-	c:\windows\system32\tdc.ocx
2016-04-08 16:07 . 2016-04-08 16:07	720384	----a-w-	c:\windows\system32\ie4uinit.exe
2016-04-08 16:07 . 2016-04-08 16:07	66560	----a-w-	c:\windows\system32\iesetup.dll
2016-04-08 16:07 . 2016-04-08 16:07	62464	----a-w-	c:\windows\system32\pngfilt.dll
2016-04-08 16:07 . 2016-04-08 16:07	616104	----a-w-	c:\windows\system32\ieapfltr.dat
2016-04-08 16:07 . 2016-04-08 16:07	584192	----a-w-	c:\windows\system32\vbscript.dll
2016-04-08 16:07 . 2016-04-08 16:07	490496	----a-w-	c:\windows\system32\dxtmsft.dll
2016-04-08 16:07 . 2016-04-08 16:07	48640	----a-w-	c:\windows\system32\ieetwproxystub.dll
2016-04-08 16:07 . 2016-04-08 16:07	48128	----a-w-	c:\windows\system32\imgutil.dll
2016-04-08 16:07 . 2016-04-08 16:07	417792	----a-w-	c:\windows\system32\html.iec
2016-04-08 16:07 . 2016-04-08 16:07	4096	----a-w-	c:\windows\system32\ieetwcollectorres.dll
2016-04-08 16:07 . 2016-04-08 16:07	389840	----a-w-	c:\windows\system32\iedkcs32.dll
2016-04-08 16:07 . 2016-04-08 16:07	34304	----a-w-	c:\windows\system32\iernonce.dll
2016-04-08 16:07 . 2016-04-08 16:07	316928	----a-w-	c:\windows\system32\dxtrans.dll
2016-04-08 16:07 . 2016-04-08 16:07	30208	----a-w-	c:\windows\system32\licmgr10.dll
2016-04-08 16:07 . 2016-04-08 16:07	2724864	----a-w-	c:\windows\system32\mshtml.tlb
2016-04-08 16:07 . 2016-04-08 16:07	24917504	----a-w-	c:\windows\system32\mshtml.dll
2016-04-08 16:07 . 2016-04-08 16:07	243200	----a-w-	c:\windows\system32\webcheck.dll
2016-04-08 16:07 . 2016-04-08 16:07	235520	----a-w-	c:\windows\system32\url.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive1]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2016-04-17 18:18	1587912	----a-w-	c:\users\Thomas\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive2]
@="{5AB7172C-9C11-405C-8DD5-AF20F3606282}"
[HKEY_CLASSES_ROOT\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}]
2016-04-17 18:18	1587912	----a-w-	c:\users\Thomas\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive3]
@="{A78ED123-AB77-406B-9962-2A5D9D2F7F30}"
[HKEY_CLASSES_ROOT\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}]
2016-04-17 18:18	1587912	----a-w-	c:\users\Thomas\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive4]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2016-04-17 18:18	1587912	----a-w-	c:\users\Thomas\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive5]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2016-04-17 18:18	1587912	----a-w-	c:\users\Thomas\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2016-05-02 12:19	1538864	----a-w-	c:\program files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2016-05-02 12:19	1538864	----a-w-	c:\program files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2016-05-02 12:19	1538864	----a-w-	c:\program files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"="c:\users\Thomas\AppData\Roaming\Spotify\SpotifyWebHelper.exe" [2016-05-11 1525360]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2016-04-30 3077712]
"f.lux"="c:\users\Thomas\AppData\Local\FluxSoftware\Flux\flux.exe" [2013-10-23 1017224]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SPEEDLINK KUDOS"="c:\program files (x86)\SPEEDLINK\SPEEDLINK PRIME Gaming Mouse\Gaming Mouse.exe" [2012-03-08 1470464]
"Skiller PRO"="c:\program files (x86)\Skiller PRO\Monitor.exe" [2015-07-17 475136]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 AODService;AODService;c:\program files (x86)\AMD\OverDrive\AODAssist.exe;c:\program files (x86)\AMD\OverDrive\AODAssist.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 amdacpksd;ACP Kernel Service Driver;c:\windows\system32\drivers\amdacpksd.sys;c:\windows\SYSNATIVE\drivers\amdacpksd.sys [x]
S2 amdacpusrsvc;ACP User Service;c:\program files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe;c:\program files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [x]
S2 AODDriver4.2;AODDriver4.2;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 AODDriver4.3.0;AODDriver4.3.0;c:\program files (x86)\AMD\OverDrive\amd64\AODDriver2.sys;c:\program files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [x]
S2 Apple Mobile Device Service;Apple Mobile Device Service;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x]
S2 ClickToRunSvc;Microsoft Office-Klick-und-Los-Dienst;c:\program files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe;c:\program files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 DigitalWave.Update.Service;Digital Wave Update Service;c:\program files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe;c:\program files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [x]
S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
S3 LVUVC64;Logitech HD Webcam C270(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]
S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
S3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
S3 VUSB3HUB;VIA USB 3 Root Hub Service;c:\windows\system32\DRIVERS\ViaHub3.sys;c:\windows\SYSNATIVE\DRIVERS\ViaHub3.sys [x]
S3 xhcdrv;VIA USB eXtensible Host Controller Service;c:\windows\system32\DRIVERS\xhcdrv.sys;c:\windows\SYSNATIVE\DRIVERS\xhcdrv.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation	REG_MULTI_SZ   	SSDPSRV upnphost SCardSvr QWAVE wcncsvc
iissvcs	REG_MULTI_SZ   	w3svc was
apphost	REG_MULTI_SZ   	apphostsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2016-05-12 23:14	1186968	----a-w-	c:\program files (x86)\Google\Chrome\Application\50.0.2661.102\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2016-05-30 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-09 23:08]
.
2016-05-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2016-04-17 13:03]
.
2016-05-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2016-04-17 13:03]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive1]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2016-04-17 18:18	1641664	----a-w-	c:\users\Thomas\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive2]
@="{5AB7172C-9C11-405C-8DD5-AF20F3606282}"
[HKEY_CLASSES_ROOT\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}]
2016-04-17 18:18	1641664	----a-w-	c:\users\Thomas\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive3]
@="{A78ED123-AB77-406B-9962-2A5D9D2F7F30}"
[HKEY_CLASSES_ROOT\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}]
2016-04-17 18:18	1641664	----a-w-	c:\users\Thomas\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive4]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2016-04-17 18:18	1641664	----a-w-	c:\users\Thomas\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive5]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2016-04-17 18:18	1641664	----a-w-	c:\users\Thomas\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2016-05-02 11:01	2096432	----a-w-	c:\program files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2016-05-02 11:01	2096432	----a-w-	c:\program files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2016-05-02 11:01	2096432	----a-w-	c:\program files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2016-01-29 1340192]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2016-05-11 176952]
"StartCN"="c:\program files\AMD\CNext\CNext\RadeonSettings.exe" [2016-05-20 6564552]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\program files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\program files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.2.1
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - c:\program files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - c:\program files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - c:\program files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - c:\program files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
FF - ProfilePath - c:\users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\l4ktzj6q.default\
FF - prefs.js: browser.startup.homepage - hxxps://www.reddit.com/
FF - prefs.js: network.proxy.type - 0
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2016-05-30  22:12:13
ComboFix-quarantined-files.txt  2016-05-30 20:12
.
Vor Suchlauf: 14 Verzeichnis(se), 343.760.642.048 Bytes frei
Nach Suchlauf: 19 Verzeichnis(se), 344.521.256.960 Bytes frei
.
- - End Of File - - 736A75C334EE3F94C3D941140EE2A2EA
A36C5E4F47E84449FF07ED3517B43A31

Alt 31.05.2016, 18:04   #9
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
PC führt Programme zT wahllos aus/nicht aus - Standard

PC führt Programme zT wahllos aus/nicht aus


Hi,

Schritt 1
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).


Schritt 2

  • Download und Anleitung
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Unter Einstellungen/ Erkennung und Schutz setze bitte einen Haken bei "Suche nach Rootkits".
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass Deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 3



Bitte starte FRST erneut, markiere auch die checkbox und drücke auf Untersuchen.
Bitte poste mir den Inhalt der beiden Logs die erstellt werden.
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 31.05.2016, 21:39   #10
Zoidbarg
 
PC führt Programme zT wahllos aus/nicht aus - Standard

PC führt Programme zT wahllos aus/nicht aus


Hier gabs keinen Neustart des PCs.

Code:
ATTFilter
# AdwCleaner v5.119 - Bericht erstellt am 31/05/2016 um 22:09:14
# Aktualisiert am 30/05/2016 von Xplode
# Datenbank : 2016-05-30.3 [Server]
# Betriebssystem : Windows 7 Professional Service Pack 1 (X64)
# Benutzername : Thomas - THOMAS-PC
# Gestartet von : C:\Users\Thomas\Downloads\AdwCleaner_5.119.exe
# Option : Suchlauf
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****


***** [ Dateien ] *****


***** [ DLL ] *****


***** [ WMI ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel gefunden : HKCU\Software\OCS
Schlüssel gefunden : HKU\S-1-5-21-758422454-1604163277-2610386603-1000\Software\OCS

***** [ Internetbrowser ] *****


*************************

C:\AdwCleaner\AdwCleaner[S1].txt - [435 Bytes] - [11/05/2016 12:16:52]
C:\AdwCleaner\AdwCleaner[S2].txt - [1049 Bytes] - [11/05/2016 12:17:55]
C:\AdwCleaner\AdwCleaner[S3].txt - [380 Bytes] - [11/05/2016 12:44:56]
C:\AdwCleaner\AdwCleaner[S4].txt - [1044 Bytes] - [31/05/2016 22:09:14]

########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [1117 Bytes] ##########
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 31.05.2016
Suchlaufzeit: 22:27
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.05.31.04
Rootkit-Datenbank: v2016.05.27.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Thomas

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 310073
Abgelaufene Zeit: 8 Min., 4 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:29-05-2016 02
durchgeführt von Thomas (Administrator) auf THOMAS-PC (31-05-2016 22:38:24)
Gestartet von C:\Users\Thomas\Downloads
Geladene Profile: Thomas (Verfügbare Profile: Thomas)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Advanced Micro Devices) C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
() C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Spotify Ltd) C:\Users\Thomas\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Flux Software LLC) C:\Users\Thomas\AppData\Local\FluxSoftware\Flux\flux.exe
() C:\Program Files (x86)\SPEEDLINK\SPEEDLINK PRIME Gaming Mouse\Gaming Mouse.exe
(Sharkoon Technologies) C:\Program Files (x86)\Skiller PRO\Monitor.EXE
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Thomas\Downloads\FRST64(1).exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1340192 2016-01-29] (Microsoft Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-05-11] (Apple Inc.)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [6564552 2016-05-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SPEEDLINK KUDOS] => C:\Program Files (x86)\SPEEDLINK\SPEEDLINK PRIME Gaming Mouse\Gaming Mouse.exe [1470464 2012-03-08] ()
HKLM-x32\...\Run: [Skiller PRO] => C:\Program Files (x86)\Skiller PRO\Monitor.exe [475136 2015-07-17] (Sharkoon Technologies)
HKU\S-1-5-21-758422454-1604163277-2610386603-1000\...\Run: [Spotify Web Helper] => C:\Users\Thomas\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1525360 2016-05-11] (Spotify Ltd)
HKU\S-1-5-21-758422454-1604163277-2610386603-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-04-30] (Valve Corporation)
HKU\S-1-5-21-758422454-1604163277-2610386603-1000\...\Run: [f.lux] => C:\Users\Thomas\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{7F44B7C4-C23C-4E67-B9AC-3F19997CD50C}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-758422454-1604163277-2610386603-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-758422454-1604163277-2610386603-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-05-02] (Microsoft Corporation)
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2016-05-02] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-05-02] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-05-02] (Microsoft Corporation)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2016-05-02] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-05-02] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-02] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-02] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-02] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-02] (Microsoft Corporation)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)

FireFox:
========
FF ProfilePath: C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\l4ktzj6q.default
FF Homepage: hxxps://www.reddit.com/
FF NetworkProxy: "proxy_over_tls", false
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-13] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-13] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-05-02] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-05-02] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-03] (Adobe Systems Inc.)
FF Extension: Reddit Enhancement Suite - C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\l4ktzj6q.default\Extensions\jid1-xUfzOsOFlzSOXg@jetpack.xpi [2016-04-06]
FF Extension: ProxTube - Unblock YouTube - C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\l4ktzj6q.default\Extensions\{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7}.xpi [2016-05-18]
FF Extension: Adblock Plus - C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\l4ktzj6q.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-05-01]

Chrome: 
=======
CHR HomePage: Default -> hxxps://www.twitch.tv/directory/following
CHR StartupUrls: Default -> "hxxps://www.twitch.tv/directory/following"
CHR Profile: C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-17]
CHR Extension: (YouTube) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-17]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-17]
CHR Extension: (Google Mail) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-17]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-08-30] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2016-05-20] (Advanced Micro Devices) [Datei ist nicht signiert]
R2 AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [137584 2014-01-08] ()
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2911472 2016-05-02] (Microsoft Corporation)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2016-03-29] (Digital Wave Ltd.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2016-01-29] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [374344 2016-01-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [296648 2016-05-20] (Advanced Micro Devices)
R2 AODDriver4.3.0; C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [59624 2014-01-08] (Advanced Micro Devices)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [289120 2015-11-13] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133816 2015-11-13] (Microsoft Corporation)
R3 VUSB3HUB; C:\Windows\System32\DRIVERS\ViaHub3.sys [225792 2014-10-31] (VIA Technologies, Inc.)
R3 xhcdrv; C:\Windows\System32\DRIVERS\xhcdrv.sys [305664 2014-10-31] (VIA Technologies, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-05-31 22:37 - 2016-05-31 22:37 - 00001207 _____ C:\Users\Thomas\Desktop\mbam.txt
2016-05-31 22:26 - 2016-05-31 22:27 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-05-31 22:26 - 2016-05-31 22:26 - 00001102 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-05-31 22:26 - 2016-05-31 22:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-05-31 22:26 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-05-31 22:26 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-05-31 22:26 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-05-31 22:08 - 2016-05-31 22:08 - 02383872 _____ (Farbar) C:\Users\Thomas\Downloads\FRST64(1).exe
2016-05-31 22:07 - 2016-05-31 22:08 - 22851472 _____ (Malwarebytes ) C:\Users\Thomas\Downloads\mbam-setup-2.2.1.1043.exe
2016-05-31 22:07 - 2016-05-31 22:07 - 03677248 _____ C:\Users\Thomas\Downloads\AdwCleaner_5.119.exe
2016-05-30 22:12 - 2016-05-30 22:12 - 00036647 _____ C:\ComboFix.txt
2016-05-30 22:04 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2016-05-30 22:04 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2016-05-30 22:04 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2016-05-30 22:04 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2016-05-30 22:04 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2016-05-30 22:04 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2016-05-30 22:04 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2016-05-30 22:04 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2016-05-30 21:59 - 2016-05-30 22:12 - 00000000 ____D C:\Qoobox
2016-05-30 21:59 - 2016-05-30 22:10 - 00000000 ____D C:\Windows\erdnt
2016-05-30 21:58 - 2016-05-30 21:58 - 05659529 ____R (Swearware) C:\Users\Thomas\Downloads\ComboFix.exe
2016-05-30 21:24 - 2016-05-30 21:24 - 27650032 _____ (pdfforge GmbH ) C:\Users\Thomas\Downloads\PDFCreator-2_3_0-Setup.exe
2016-05-30 18:52 - 2016-05-31 22:38 - 00014528 _____ C:\Users\Thomas\Downloads\FRST.txt
2016-05-30 18:52 - 2016-05-30 18:53 - 00039986 _____ C:\Users\Thomas\Downloads\Addition.txt
2016-05-30 18:51 - 2016-05-30 18:51 - 02383872 _____ (Farbar) C:\Users\Thomas\Downloads\FRST64.exe
2016-05-29 23:03 - 2016-05-29 23:03 - 00000000 ____D C:\Users\Thomas\Documents\League of Legends
2016-05-28 13:57 - 2016-05-28 13:57 - 00006663 _____ C:\Users\Thomas\Downloads\Muster-Anschreiben-Naturwissenschaftler.pdf
2016-05-28 13:48 - 2016-05-28 13:48 - 00013077 _____ C:\Users\Thomas\Downloads\studentenjob_musteranschreiben.pdf
2016-05-27 15:23 - 2016-05-27 15:23 - 00003011 _____ C:\Users\Thomas\Downloads\TwitchHTML5-master.zip
2016-05-27 10:55 - 2016-05-27 10:58 - 00203436 _____ C:\TDSSKiller.3.1.0.9_27.05.2016_10.55.22_log.txt
2016-05-27 10:54 - 2016-05-27 10:55 - 00202236 _____ C:\TDSSKiller.3.1.0.9_27.05.2016_10.54.18_log.txt
2016-05-27 10:42 - 2016-05-27 10:42 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Thomas\Downloads\tdsskiller.exe
2016-05-24 16:48 - 2016-05-24 16:48 - 02684989 _____ C:\Users\Thomas\Downloads\Proteine.zip
2016-05-24 16:48 - 2016-05-24 16:48 - 00012930 _____ C:\Users\Thomas\Downloads\Aminosauren.zip
2016-05-24 16:47 - 2016-05-24 16:48 - 00051960 _____ C:\Users\Thomas\Downloads\DNA.zip
2016-05-24 16:15 - 2016-05-24 21:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-05-20 23:48 - 2016-05-20 23:48 - 00141280 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2016-05-20 23:48 - 2016-05-20 23:48 - 00122704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2016-05-20 23:47 - 2016-05-20 23:47 - 00150544 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2016-05-20 23:47 - 2016-05-20 23:47 - 00141280 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdhcp64.dll
2016-05-20 23:47 - 2016-05-20 23:47 - 00125288 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdhcp32.dll
2016-05-20 23:47 - 2016-05-20 23:47 - 00109856 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2016-05-20 23:47 - 2016-05-20 23:47 - 00109856 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2016-05-20 23:47 - 2016-05-20 23:47 - 00092328 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2016-05-20 23:47 - 2016-05-20 23:47 - 00092328 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2016-05-20 23:46 - 2016-05-20 23:46 - 09798560 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2016-05-20 23:46 - 2016-05-20 23:46 - 08577456 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2016-05-20 23:44 - 2016-05-20 23:44 - 00296648 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdacpksd.sys
2016-05-20 23:41 - 2016-05-20 23:41 - 27015680 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2016-05-20 23:35 - 2016-05-20 23:35 - 48616960 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2016-05-20 23:35 - 2016-05-20 23:35 - 00252928 _____ C:\Windows\system32\clinfo.exe
2016-05-20 23:34 - 2016-05-20 23:34 - 38098432 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2016-05-20 23:33 - 2016-05-20 23:33 - 00096256 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2016-05-20 23:33 - 2016-05-20 23:33 - 00087040 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2016-05-20 23:32 - 2016-05-20 23:32 - 27433472 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl12cl64.dll
2016-05-20 23:31 - 2016-05-20 23:31 - 21600768 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl12cl.dll
2016-05-20 23:30 - 2016-05-20 23:30 - 08699392 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdvlk64.dll
2016-05-20 23:26 - 2016-05-20 23:26 - 06951424 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdvlk32.dll
2016-05-20 23:14 - 2016-05-20 23:14 - 30188032 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2016-05-20 23:13 - 2016-05-20 23:13 - 00730112 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdlvr64.dll
2016-05-20 23:13 - 2016-05-20 23:13 - 00605696 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdlvr32.dll
2016-05-20 23:12 - 2016-05-20 23:12 - 06965248 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll
2016-05-20 23:12 - 2016-05-20 23:12 - 00142336 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2016-05-20 23:12 - 2016-05-20 23:12 - 00117760 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2016-05-20 23:09 - 2016-05-20 23:09 - 05643776 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll
2016-05-20 23:09 - 2016-05-20 23:09 - 00716128 _____ C:\Windows\SysWOW64\atiapfxx.blb
2016-05-20 23:09 - 2016-05-20 23:09 - 00716128 _____ C:\Windows\system32\atiapfxx.blb
2016-05-20 23:09 - 2016-05-20 23:09 - 00385536 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2016-05-20 23:09 - 2016-05-20 23:09 - 00062464 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2016-05-20 23:09 - 2016-05-20 23:09 - 00055808 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2016-05-20 23:09 - 2016-05-20 23:09 - 00052224 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2016-05-20 23:09 - 2016-05-20 23:09 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2016-05-20 23:08 - 2016-05-20 23:08 - 15711744 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2016-05-20 23:08 - 2016-05-20 23:08 - 14302720 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2016-05-20 23:06 - 2016-05-20 23:06 - 24836096 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2016-05-20 23:06 - 2016-05-20 23:06 - 00113152 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2016-05-20 23:06 - 2016-05-20 23:06 - 00092160 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2016-05-20 23:06 - 2016-05-20 23:06 - 00050688 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll
2016-05-20 23:06 - 2016-05-20 23:06 - 00038400 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll
2016-05-20 23:04 - 2016-05-20 23:04 - 03437632 _____ C:\Windows\system32\atiumd6a.cap
2016-05-20 23:02 - 2016-05-20 23:02 - 00588288 _____ (AMD) C:\Windows\system32\atieclxx.exe
2016-05-20 23:02 - 2016-05-20 23:02 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2016-05-20 23:02 - 2016-05-20 23:02 - 00306688 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2016-05-20 23:02 - 2016-05-20 23:02 - 00274432 _____ C:\Windows\system32\dgtrayicon.exe
2016-05-20 23:02 - 2016-05-20 23:02 - 00258560 _____ C:\Windows\system32\GameManager64.dll
2016-05-20 23:02 - 2016-05-20 23:02 - 00230912 _____ C:\Windows\system32\amdgfxinfo64.dll
2016-05-20 23:02 - 2016-05-20 23:02 - 00212480 _____ C:\Windows\system32\atieah64.exe
2016-05-20 23:02 - 2016-05-20 23:02 - 00202752 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll
2016-05-20 23:02 - 2016-05-20 23:02 - 00190464 _____ C:\Windows\SysWOW64\atieah32.exe
2016-05-20 23:02 - 2016-05-20 23:02 - 00093696 _____ (AMD) C:\Windows\system32\atimuixx.dll
2016-05-20 23:01 - 2016-05-20 23:01 - 00270336 _____ (AMD) C:\Windows\system32\atitmm64.dll
2016-05-20 22:59 - 2016-05-20 22:59 - 03471376 _____ C:\Windows\SysWOW64\atiumdva.cap
2016-05-20 22:57 - 2016-05-20 22:57 - 01304576 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2016-05-20 22:57 - 2016-05-20 22:57 - 00973824 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2016-05-20 22:57 - 2016-05-20 22:57 - 00973824 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll
2016-05-20 22:57 - 2016-05-20 22:57 - 00498176 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2016-05-20 22:57 - 2016-05-20 22:57 - 00185344 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2016-05-20 22:57 - 2016-05-20 22:57 - 00159232 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2016-05-20 22:57 - 2016-05-20 22:57 - 00119808 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2016-05-20 22:57 - 2016-05-20 22:57 - 00106496 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2016-05-20 22:57 - 2016-05-20 22:57 - 00101376 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2016-05-20 22:57 - 2016-05-20 22:57 - 00091136 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2016-05-20 22:57 - 2016-05-20 22:57 - 00091136 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2016-05-20 22:56 - 2016-05-20 22:56 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2016-05-20 22:55 - 2016-05-20 22:55 - 00251392 _____ C:\Windows\system32\hsa-thunk64.dll
2016-05-20 22:55 - 2016-05-20 22:55 - 00217088 _____ C:\Windows\SysWOW64\hsa-thunk.dll
2016-05-20 17:21 - 2016-05-20 17:21 - 02412544 _____ C:\Windows\system32\amdacpusl.pdb
2016-05-20 17:12 - 2016-05-20 17:12 - 00364544 _____ (Advanced Micro Devices) C:\Windows\system32\amdacpusl.dll
2016-05-20 17:12 - 2016-05-20 17:12 - 00306176 _____ C:\Windows\system32\amdacpusl.pdb.pub
2016-05-20 17:12 - 2016-05-20 17:12 - 00248832 _____ (Advanced Micro Devices) C:\Windows\SysWOW64\amdacpusl.dll
2016-05-18 20:03 - 2016-04-14 18:46 - 00114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-05-18 20:03 - 2016-04-14 18:42 - 03243520 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-05-18 20:03 - 2016-04-14 18:42 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-05-18 20:03 - 2016-04-14 18:42 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-05-18 20:03 - 2016-04-14 18:42 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-05-18 20:03 - 2016-04-14 18:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-05-18 20:03 - 2016-04-14 17:33 - 02365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-05-18 20:03 - 2016-04-14 17:33 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-05-18 20:03 - 2016-04-14 17:33 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-05-18 20:03 - 2016-04-14 17:33 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2016-05-18 20:03 - 2016-04-14 17:19 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-05-18 20:03 - 2016-04-14 17:11 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2016-05-18 20:03 - 2016-04-12 03:23 - 00154344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-05-18 20:03 - 2016-04-12 03:23 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-05-18 20:03 - 2016-04-12 03:20 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-05-18 20:03 - 2016-04-12 03:20 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-05-18 20:03 - 2016-04-12 03:20 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-05-18 20:03 - 2016-04-12 03:20 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-05-18 20:03 - 2016-04-12 03:20 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-05-18 20:03 - 2016-04-12 03:20 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-05-18 20:03 - 2016-04-12 03:20 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-05-18 20:03 - 2016-04-12 03:20 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-05-18 20:03 - 2016-04-12 03:20 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-05-18 20:03 - 2016-04-12 03:20 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-05-18 20:03 - 2016-04-12 03:20 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-05-18 20:03 - 2016-04-12 03:20 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-05-18 20:03 - 2016-04-12 03:20 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-05-18 20:03 - 2016-04-12 03:20 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-05-18 20:03 - 2016-04-12 03:20 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-05-18 20:03 - 2016-04-12 03:20 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-05-18 20:03 - 2016-04-12 03:20 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-05-18 20:03 - 2016-04-12 03:20 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-05-18 20:03 - 2016-04-12 03:02 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-05-18 20:03 - 2016-04-12 03:02 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-05-18 20:03 - 2016-04-12 03:02 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-05-18 20:03 - 2016-04-12 03:02 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-05-18 20:03 - 2016-04-12 03:02 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-05-18 20:03 - 2016-04-12 03:02 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-05-18 20:03 - 2016-04-12 03:02 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-05-18 20:03 - 2016-04-12 03:02 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-05-18 20:03 - 2016-04-12 03:02 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-05-18 20:03 - 2016-04-12 03:02 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-05-18 20:03 - 2016-04-12 03:02 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-05-18 20:03 - 2016-04-12 03:02 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-05-18 20:03 - 2016-04-12 03:01 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-05-18 20:03 - 2016-04-12 03:01 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-05-18 20:03 - 2016-04-12 03:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-05-18 20:03 - 2016-04-12 02:50 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-05-18 20:03 - 2016-04-12 02:43 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-05-18 20:03 - 2016-04-12 02:43 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-05-18 20:03 - 2016-04-12 02:43 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-05-18 20:03 - 2016-04-12 02:42 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-05-18 20:03 - 2016-04-12 02:41 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-05-18 20:03 - 2016-04-12 02:36 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-05-18 20:03 - 2016-04-09 08:58 - 14186496 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-05-18 20:03 - 2016-04-09 08:57 - 01867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-05-18 20:03 - 2016-04-09 08:54 - 12881408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-05-18 20:03 - 2016-04-09 08:54 - 01499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-05-18 20:03 - 2016-04-09 07:53 - 03231232 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-05-18 20:03 - 2016-04-09 07:44 - 02973184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-05-18 18:32 - 2016-05-18 18:32 - 00000000 ____D C:\Users\Thomas\Documents\UnrealTournament
2016-05-18 18:32 - 2016-05-18 18:32 - 00000000 ____D C:\Users\Thomas\AppData\Local\UnrealTournament
2016-05-18 17:14 - 2016-05-18 18:48 - 00000000 ____D C:\Program Files\Epic Games
2016-05-18 17:04 - 2016-05-18 17:04 - 00000000 ____D C:\Users\Thomas\AppData\Local\UnrealEngineLauncher
2016-05-18 17:03 - 2016-05-18 17:03 - 00000000 ____D C:\Users\Thomas\AppData\Local\UnrealEngine
2016-05-18 17:03 - 2016-05-18 17:03 - 00000000 ____D C:\Users\Thomas\AppData\Local\EpicGamesLauncher
2016-05-18 17:02 - 2016-05-18 17:05 - 00002517 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2016-05-18 17:02 - 2016-05-18 17:05 - 00002505 _____ C:\Users\Public\Desktop\Epic Games Launcher.lnk
2016-05-18 17:02 - 2016-05-18 17:04 - 00000000 ____D C:\ProgramData\Epic
2016-05-18 17:02 - 2016-05-18 17:02 - 00000000 ____D C:\Program Files (x86)\Epic Games
2016-05-18 17:01 - 2016-05-18 17:01 - 33619968 _____ C:\Users\Thomas\Downloads\EpicGamesLauncherInstaller-2.11.9-2970807.msi
2016-05-17 20:38 - 2016-05-17 20:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-05-17 20:38 - 2016-05-17 20:38 - 00000000 ____D C:\Program Files\iTunes
2016-05-17 20:38 - 2016-05-17 20:38 - 00000000 ____D C:\Program Files\iPod
2016-05-17 20:38 - 2016-05-17 20:38 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-05-16 20:25 - 2016-05-16 20:27 - 63261230 _____ C:\Users\Thomas\Downloads\Fest & Flauschig - Aufbau West mit Olli Schulz und Jan Böhmermann.m4a
2016-05-15 00:14 - 2016-05-15 00:14 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-05-15 00:07 - 2016-05-15 00:08 - 22851472 _____ (Malwarebytes ) C:\Users\Thomas\Downloads\mbam-setup-computerbild.8000-2.2.1.1043.exe
2016-05-15 00:02 - 2016-05-15 00:02 - 00985600 _____ C:\Users\Thomas\Downloads\MicrosoftFixit50123.msi
2016-05-14 18:41 - 2016-05-14 18:41 - 01622481 _____ C:\Users\Thomas\Downloads\Dissertation_R_Nobis_ThULB.pdf
2016-05-14 13:18 - 2016-04-14 15:49 - 00603648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2016-05-14 13:18 - 2016-04-14 15:21 - 00647680 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2016-05-14 13:18 - 2015-12-20 20:50 - 03180544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-05-14 13:18 - 2015-12-20 20:50 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2016-05-14 13:18 - 2015-12-20 16:08 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-05-14 13:18 - 2015-07-16 21:12 - 06131200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2016-05-14 13:18 - 2015-07-16 21:12 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2016-05-14 13:18 - 2015-07-16 21:12 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2016-05-14 13:18 - 2015-07-16 21:11 - 07077376 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2016-05-14 13:18 - 2015-07-16 21:11 - 01057792 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2016-05-14 13:18 - 2015-07-16 21:11 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2016-05-14 13:18 - 2015-07-11 15:15 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2016-05-14 13:18 - 2014-12-11 19:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2016-05-14 13:18 - 2013-11-26 10:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2016-05-14 13:18 - 2013-11-23 00:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2016-05-14 13:18 - 2012-06-01 07:39 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\wamregps.dll
2016-05-14 13:18 - 2012-06-01 07:36 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\iisRtl.dll
2016-05-14 13:18 - 2012-06-01 07:36 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\iisrstap.dll
2016-05-14 13:18 - 2012-06-01 07:35 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\ahadmin.dll
2016-05-14 13:18 - 2012-06-01 07:34 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\admwprox.dll
2016-05-14 13:18 - 2012-06-01 07:33 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\iisreset.exe
2016-05-14 13:18 - 2012-06-01 06:40 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wamregps.dll
2016-05-14 13:18 - 2012-06-01 06:37 - 00154624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisRtl.dll
2016-05-14 13:18 - 2012-06-01 06:37 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisrstap.dll
2016-05-14 13:18 - 2012-06-01 06:35 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admwprox.dll
2016-05-14 13:18 - 2012-06-01 06:35 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ahadmin.dll
2016-05-14 13:18 - 2012-06-01 06:34 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iisreset.exe
2016-05-14 13:17 - 2016-04-09 06:20 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2016-05-14 13:17 - 2016-04-09 05:52 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-05-14 00:33 - 2015-11-10 20:55 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-05-14 00:33 - 2015-11-10 20:55 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-05-14 00:33 - 2015-11-10 20:39 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2016-05-14 00:33 - 2015-07-30 20:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2016-05-14 00:33 - 2015-07-30 19:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2016-05-14 00:28 - 2015-12-08 23:54 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2016-05-14 00:28 - 2015-12-08 21:07 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2016-05-14 00:28 - 2015-02-04 05:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2016-05-14 00:28 - 2015-02-04 04:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2016-05-14 00:01 - 2013-10-02 04:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2016-05-14 00:01 - 2013-10-02 04:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2016-05-14 00:01 - 2013-10-02 04:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2016-05-14 00:01 - 2013-10-02 03:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2016-05-14 00:01 - 2013-10-02 03:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2016-05-14 00:01 - 2013-10-02 03:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2016-05-14 00:01 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2016-05-14 00:01 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2016-05-14 00:01 - 2013-10-02 01:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2016-05-14 00:01 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2016-05-14 00:00 - 2012-08-23 16:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2016-05-14 00:00 - 2012-08-23 16:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys
2016-05-14 00:00 - 2012-08-23 13:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2016-05-14 00:00 - 2012-08-23 12:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2016-05-13 23:59 - 2016-05-13 23:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-05-13 23:59 - 2016-05-13 23:59 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-05-13 23:59 - 2016-05-13 23:59 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-05-13 23:56 - 2015-12-16 20:55 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2016-05-13 23:56 - 2015-12-16 20:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2016-05-13 23:56 - 2015-12-16 20:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2016-05-13 23:56 - 2015-12-16 20:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2016-05-13 23:56 - 2015-12-16 20:48 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2016-05-13 23:56 - 2015-12-16 20:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2016-05-13 23:56 - 2015-12-16 20:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2016-05-13 23:56 - 2015-12-16 20:47 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2016-05-13 23:56 - 2015-12-16 16:38 - 00419928 _____ C:\Windows\SysWOW64\locale.nls
2016-05-13 23:56 - 2015-12-16 16:37 - 00419928 _____ C:\Windows\system32\locale.nls
2016-05-13 23:56 - 2015-08-05 19:56 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2016-05-13 23:56 - 2015-08-05 19:06 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2016-05-13 23:54 - 2016-03-09 21:00 - 00444416 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-05-13 23:54 - 2016-03-09 21:00 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2016-05-13 23:54 - 2016-03-09 20:40 - 00351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-05-13 23:54 - 2016-03-09 20:40 - 00316416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2016-05-13 23:49 - 2016-05-13 23:53 - 00000000 ____D C:\Windows\system32\MRT
2016-05-13 23:49 - 2016-05-13 23:49 - 139319312 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-05-13 23:28 - 2016-05-13 23:28 - 00000000 ____D C:\Windows\SysWOW64\BestPractices
2016-05-13 23:28 - 2016-05-13 23:28 - 00000000 ____D C:\Windows\system32\BestPractices
2016-05-13 23:28 - 2016-05-13 23:28 - 00000000 ____D C:\inetpub
2016-05-13 11:35 - 2016-05-26 17:58 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-05-13 11:35 - 2016-05-26 17:58 - 00000000 ___SD C:\Windows\system32\GWX
2016-05-11 23:37 - 2016-05-11 23:37 - 00000000 ____D C:\Users\Thomas\AppData\Local\GWX
2016-05-11 14:13 - 2016-04-09 09:02 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-05-11 14:13 - 2016-04-09 09:01 - 05546216 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-05-11 14:13 - 2016-04-09 09:01 - 00986344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-05-11 14:13 - 2016-04-09 09:01 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-05-11 14:13 - 2016-04-09 09:01 - 00264936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2016-05-11 14:13 - 2016-04-09 08:59 - 03998952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-05-11 14:13 - 2016-04-09 08:59 - 03943144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-05-11 14:13 - 2016-04-09 08:59 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-05-11 14:13 - 2016-04-09 08:58 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-05-11 14:13 - 2016-04-09 08:58 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-05-11 14:13 - 2016-04-09 08:58 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-05-11 14:13 - 2016-04-09 08:58 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-05-11 14:13 - 2016-04-09 08:58 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-05-11 14:13 - 2016-04-09 08:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-05-11 14:13 - 2016-04-09 08:58 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-05-11 14:13 - 2016-04-09 08:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 08:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-05-11 14:13 - 2016-04-09 07:52 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-05-11 14:13 - 2016-04-09 07:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-05-11 14:13 - 2016-04-09 07:52 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-05-11 14:13 - 2016-04-09 07:49 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-05-11 14:13 - 2016-04-09 07:48 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-05-11 14:13 - 2016-04-09 07:47 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-05-11 14:13 - 2016-04-09 07:43 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-05-11 14:13 - 2016-04-09 07:38 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-05-11 14:13 - 2016-04-09 07:38 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-05-11 14:13 - 2016-04-09 07:38 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-05-11 14:13 - 2016-04-09 07:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-05-11 14:13 - 2016-04-09 07:37 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 07:37 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 07:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-05-11 14:13 - 2016-04-09 07:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-05-11 14:13 - 2016-03-09 20:54 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2016-05-11 14:13 - 2016-03-09 20:34 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2016-05-11 13:27 - 2016-05-11 13:27 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\library_dir
2016-05-11 12:47 - 2016-05-31 22:38 - 00000000 ____D C:\FRST
2016-05-11 12:18 - 2016-05-11 12:45 - 00001536 _____ C:\Users\Thomas\Desktop\JRT.txt
2016-05-11 12:16 - 2016-05-31 22:09 - 00000000 ____D C:\AdwCleaner
2016-05-11 11:03 - 2016-05-11 11:03 - 00000000 ____D C:\Program Files (x86)\ESET
2016-05-11 00:41 - 2016-05-11 00:41 - 00096256 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\AtihdW76.sys
2016-05-11 00:40 - 2016-05-11 00:40 - 00103424 _____ (Advanced Micro Devices) C:\Windows\system32\DelayAPO.dll
2016-05-11 00:36 - 2016-05-20 23:12 - 00865280 _____ (AMD) C:\Windows\system32\coinst_16.20.dll
2016-05-11 00:36 - 2016-05-11 00:36 - 00865280 _____ (AMD) C:\Windows\system32\SETE622.tmp
2016-05-10 23:37 - 2016-05-31 22:26 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-05-10 23:06 - 2016-05-13 23:13 - 00967006 _____ C:\Windows\ntbtlog.txt
2016-05-09 07:05 - 2016-05-09 07:05 - 00874790 _____ C:\Windows\system32\amdicdxx.dat
2016-05-08 12:49 - 2016-05-08 12:49 - 00000000 ___HD C:\ProgramData\CanonIJETV
2016-05-08 12:49 - 2016-05-08 12:49 - 00000000 ____D C:\Program Files (x86)\Canon
2016-05-08 12:14 - 2016-05-08 12:14 - 00000000 ____H C:\Users\Thomas\Documents\Default.rdp
2016-05-07 13:23 - 2016-05-07 13:23 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\WinRAR
2016-05-07 12:51 - 2016-05-11 11:04 - 00000000 ___RD C:\Users\Thomas\Documents\Scanned Documents
2016-05-07 12:51 - 2016-05-07 12:51 - 00000000 ____D C:\Users\Thomas\Documents\Fax
2016-05-06 22:45 - 2016-05-06 22:45 - 00368416 _____ C:\Windows\system32\ativvaxy_el_nd.dat
2016-05-06 16:11 - 2016-05-07 11:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-05-01 15:50 - 2016-05-24 22:07 - 00000000 ____D C:\Users\Thomas\Desktop\Rea

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-05-31 22:14 - 2016-04-17 15:03 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-31 22:08 - 2016-04-10 00:44 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-05-31 22:08 - 2009-07-14 06:45 - 00020480 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-05-31 22:08 - 2009-07-14 06:45 - 00020480 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-05-31 21:34 - 2016-04-06 20:55 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\TS3Client
2016-05-31 19:11 - 2016-04-17 20:58 - 00000000 ____D C:\Users\Thomas\AppData\LocalLow\Temp
2016-05-31 16:24 - 2011-04-12 09:43 - 01364946 _____ C:\Windows\system32\perfh007.dat
2016-05-31 16:24 - 2011-04-12 09:43 - 00353018 _____ C:\Windows\system32\perfc007.dat
2016-05-31 16:24 - 2009-07-14 07:13 - 00006408 _____ C:\Windows\system32\PerfStringBackup.INI
2016-05-31 16:19 - 2016-04-06 21:40 - 00000000 ____D C:\Program Files (x86)\Steam
2016-05-31 16:18 - 2016-04-17 15:03 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-31 16:18 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-05-30 22:33 - 2016-04-07 15:20 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2016-05-30 22:10 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2016-05-30 20:55 - 2016-04-06 19:37 - 00000000 ____D C:\Users\Thomas\AppData\Local\VirtualStore
2016-05-29 22:36 - 2016-04-06 22:57 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\Skype
2016-05-28 11:45 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-05-25 17:21 - 2016-04-06 21:49 - 00004230 _____ C:\Windows\System32\Tasks\AMD Updater
2016-05-25 17:02 - 2016-04-06 21:43 - 00000000 ____D C:\Program Files (x86)\AMD
2016-05-25 17:02 - 2016-04-06 21:42 - 00000000 ____D C:\Program Files\AMD
2016-05-25 17:01 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-05-25 17:00 - 2016-04-06 21:40 - 00000000 ____D C:\AMD
2016-05-25 16:18 - 2016-04-06 20:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-05-23 19:53 - 2016-04-06 21:29 - 00000000 ____D C:\Users\Thomas\AppData\Local\Spotify
2016-05-23 19:53 - 2016-04-06 21:28 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\Spotify
2016-05-22 22:05 - 2016-04-07 16:27 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-05-20 23:47 - 2016-04-04 06:16 - 00166488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2016-05-20 23:47 - 2016-04-04 06:16 - 00137136 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2016-05-20 23:47 - 2016-04-04 06:15 - 10694160 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2016-05-20 23:47 - 2016-04-04 06:15 - 08876704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2016-05-20 23:47 - 2016-04-04 06:15 - 08865344 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2016-05-20 23:47 - 2016-04-04 06:15 - 01511680 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2016-05-20 23:47 - 2016-04-04 06:15 - 01242832 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2016-05-20 23:47 - 2016-04-04 06:15 - 00123776 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2016-05-20 23:46 - 2016-04-04 06:15 - 06999496 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2016-05-20 23:02 - 2016-04-04 03:57 - 00223744 _____ C:\Windows\SysWOW64\GameManager32.dll
2016-05-19 14:11 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2016-05-18 17:04 - 2016-04-06 21:14 - 00000000 ____D C:\ProgramData\Package Cache
2016-05-18 14:11 - 2016-04-17 19:59 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-05-18 14:10 - 2016-04-17 19:56 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-05-17 21:05 - 2014-01-11 18:52 - 00000000 ____D C:\Users\Thomas\Desktop\#I so'n Shit
2016-05-17 20:38 - 2016-04-06 21:21 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-05-17 14:19 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2016-05-16 20:25 - 2016-04-16 17:36 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\DVDVideoSoft
2016-05-14 23:29 - 2009-07-14 06:45 - 00424696 _____ C:\Windows\system32\FNTCACHE.DAT
2016-05-14 23:29 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\inetsrv
2016-05-14 23:29 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\inetsrv
2016-05-14 02:04 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-05-13 23:28 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Sidebar
2016-05-13 23:18 - 2014-08-09 16:19 - 00000000 ___RD C:\Users\Thomas\Dropbox
2016-05-13 23:14 - 2016-04-06 21:53 - 00000000 ____D C:\Users\Thomas\AppData\Local\ElevatedDiagnostics
2016-05-13 11:35 - 2016-04-10 15:23 - 00000000 ____D C:\Windows\system32\appraiser
2016-05-13 01:15 - 2016-04-17 15:04 - 00002187 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-13 01:08 - 2016-04-10 00:44 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-05-13 01:08 - 2016-04-10 00:44 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-05-13 01:08 - 2016-04-10 00:44 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-05-12 22:54 - 2016-04-06 20:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2016-05-11 14:09 - 2016-04-17 15:03 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-05-11 14:09 - 2016-04-17 15:03 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-05-11 11:46 - 2016-04-08 16:36 - 00000000 ____D C:\Users\Thomas\AppData\Local\Apps\2.0
2016-05-11 11:45 - 2016-04-09 11:54 - 00000000 ____D C:\Users\Thomas\AppData\Local\Downloaded Installations
2016-05-11 11:42 - 2016-04-06 21:00 - 00000000 ____D C:\60123cffff02c322a6
2016-05-11 01:09 - 2016-04-04 06:16 - 00166488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\SETDE39.tmp
2016-05-11 01:09 - 2016-04-04 06:15 - 01510144 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\SETDEAA.tmp
2016-05-10 20:25 - 2016-04-07 16:27 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-05-08 12:30 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-04-06 21:12 - 2016-04-06 21:12 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-05-28 19:50

==================== Ende von FRST.txt ============================
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:29-05-2016 02
durchgeführt von Thomas (2016-05-31 22:38:42)
Gestartet von C:\Users\Thomas\Downloads
Windows 7 Professional Service Pack 1 (X64) (2016-04-06 17:37:00)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-758422454-1604163277-2610386603-500 - Administrator - Disabled)
Gast (S-1-5-21-758422454-1604163277-2610386603-501 - Limited - Disabled)
Thomas (S-1-5-21-758422454-1604163277-2610386603-1000 - Administrator - Enabled) => C:\Users\Thomas

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Microsoft Security Essentials (Enabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
AS: Microsoft Security Essentials (Enabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

ACD/Labs Freeware in C:\ACD2015FREE\ (HKLM-x32\...\ACDLabs in C__ACD2015FREE_) (Version: v14.00, FREE - ACD/Labs)
ACP Application (Version: 2016.0520.1712.17 - Advanced Micro Devices, Inc.) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.016.20041 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
AMD OverDrive (HKLM-x32\...\{34D5220A-58D0-473C-90E4-15136C3FB0E3}) (Version: 4.3.1.0690 - Advanced Micro Devices, Inc.)
Apple Application Support (32-Bit) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Catalyst Control Center Next Localization BR (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
Epic Games Launcher (HKLM-x32\...\{CA4F7840-CC89-451D-8453-392F2EDAA605}) (Version: 1.1.70.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
f.lux (HKU\S-1-5-21-758422454-1604163277-2610386603-1000\...\Flux) (Version:  - )
Free YouTube To MP3 Converter (HKLM-x32\...\Free YouTube To MP3 Converter_is1) (Version: 4.1.6.328 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.102 - Google Inc.)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
iTunes (HKLM\...\{58D7E5F7-BAD1-49C5-93C8-B655736EDA00}) (Version: 12.4.0.119 - Apple Inc.)
Launcher Prerequisites (x64) (x32 Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.6868.2062 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-758422454-1604163277-2610386603-1000\...\OneDriveSetup.exe) (Version: 17.3.6281.1202 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 46.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 46.0.1 (x86 de)) (Version: 46.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 46.0.1.5966 - Mozilla)
Mozilla Thunderbird 45.1.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.1.0 (x86 de)) (Version: 45.1.0 - Mozilla)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6828.1016 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6828.1016 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6828.1016 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.92.115.2015 - Realtek)
Skiller PRO (HKLM-x32\...\{54C8FBB3-B992-43CB-8F0A-E26228013F88}) (Version: 2.1.15.6 - Sharkoon Technologies)
Skype™ 7.21 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.)
SPEEDLINK PRIME Gaming Mouse (HKLM-x32\...\SPEEDLINK KUDOS) (Version:  - )
Spotify (HKU\S-1-5-21-758422454-1604163277-2610386603-1000\...\Spotify) (Version: 1.0.28.87.g8f9312a4 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-758422454-1604163277-2610386603-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Thomas\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64\FileCoAuthLib64.dll ()
CustomCLSID: HKU\S-1-5-21-758422454-1604163277-2610386603-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Thomas\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {15FE0B6C-6F9D-4CE1-98EF-E2F5F33A4845} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-05-02] (Microsoft Corporation)
Task: {27D6393D-4FA7-49C0-BE3D-07B63F1744C5} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {29C10ED2-A5DB-47E4-90CB-64F2328E12F5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-13] (Adobe Systems Incorporated)
Task: {2B3D71FA-7E23-4D26-825C-F593771E4CD8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {49C0D252-62E5-45C7-9C09-CDD4CEDA94DA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-05-05] (Microsoft Corporation)
Task: {80B348DC-5F01-49E8-BC90-AD93FFCEEA62} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-05-05] (Microsoft Corporation)
Task: {9304EBB5-82CD-4F09-B853-E07F96DD2FAF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-17] (Google Inc.)
Task: {D122ABCC-35C0-4196-9705-4C9E5608F49A} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-05-05] (Microsoft Corporation)
Task: {DAF3A632-9FB4-418A-9FFA-AE2B117D2E43} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-17] (Google Inc.)
Task: {E81E985F-3881-447F-B0A0-40F0625F0B5B} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-05-20] (Advanced Micro Devices, Inc.)
Task: {FF1C5EBB-E5CD-4FA8-A11A-41021CA2DD57} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-05-02] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2013-08-30 19:47 - 2013-08-30 19:47 - 00214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2012-10-22 14:41 - 2012-10-22 14:41 - 00749056 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2012-10-22 14:42 - 2012-10-22 14:42 - 03645952 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2014-01-08 06:46 - 2014-01-08 06:46 - 00137584 _____ () C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe
2016-03-18 22:56 - 2016-03-18 22:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-04-22 01:07 - 2016-04-22 01:07 - 01337144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-04-17 19:56 - 2016-05-02 04:01 - 00417472 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
2015-06-25 17:34 - 2015-06-25 17:34 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2015-06-25 17:37 - 2015-06-25 17:37 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-25 17:35 - 2015-06-25 17:35 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2015-06-25 17:38 - 2015-06-25 17:38 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-25 16:53 - 2015-06-25 16:53 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2015-06-25 16:51 - 2015-06-25 16:51 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2012-03-08 05:12 - 2012-03-08 05:12 - 01470464 _____ () C:\Program Files (x86)\SPEEDLINK\SPEEDLINK PRIME Gaming Mouse\Gaming Mouse.exe
2014-01-08 06:47 - 2014-01-08 06:47 - 00625000 _____ () C:\Program Files (x86)\AMD\OverDrive\Device.dll
2014-01-08 06:48 - 2014-01-08 06:48 - 03860848 _____ () C:\Program Files (x86)\AMD\OverDrive\Platform.dll
2014-01-08 06:49 - 2014-01-08 06:49 - 01587560 _____ () C:\Program Files (x86)\AMD\OverDrive\QtCore4.dll
2014-01-08 06:49 - 2014-01-08 06:49 - 06441320 _____ () C:\Program Files (x86)\AMD\OverDrive\QtGui4.dll
2014-01-08 06:50 - 2014-01-08 06:50 - 00362856 _____ () C:\Program Files (x86)\AMD\OverDrive\QtXml4.dll
2016-04-16 17:36 - 2016-03-29 00:06 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2016-04-16 17:36 - 2016-03-29 00:06 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll
2016-04-16 17:36 - 2016-03-29 00:06 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll
2016-04-16 17:36 - 2016-03-29 00:06 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2016-04-16 17:36 - 2016-03-29 00:06 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2016-04-16 17:36 - 2016-03-29 00:06 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2016-04-04 03:57 - 2016-05-20 23:02 - 00223744 _____ () C:\Windows\SysWOW64\GameManager32.dll
2016-04-06 21:42 - 2016-04-29 22:10 - 00785920 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2016-04-06 21:42 - 2015-07-03 18:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2016-04-06 21:42 - 2015-07-03 18:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2016-04-06 21:42 - 2015-07-03 18:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2016-04-06 21:42 - 2016-04-30 02:10 - 02549840 _____ () C:\Program Files (x86)\Steam\video.dll
2016-04-06 21:42 - 2016-02-09 01:14 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2016-04-06 21:42 - 2016-02-09 01:14 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2016-04-06 21:42 - 2016-02-09 01:14 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2016-04-06 21:42 - 2016-02-09 01:14 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2016-04-06 21:42 - 2016-02-09 01:14 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2016-04-06 21:42 - 2016-04-30 02:10 - 00829008 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-04-06 21:42 - 2016-02-18 00:25 - 00281088 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2016-04-24 12:18 - 2015-07-20 17:15 - 00057344 _____ () C:\Program Files (x86)\Skiller PRO\lan.dll
2016-04-24 12:18 - 2012-08-14 22:41 - 00061440 _____ () C:\Program Files (x86)\Skiller PRO\hiddriver.dll
2016-04-06 21:42 - 2016-04-28 03:00 - 49825056 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2016-04-22 01:08 - 2016-04-22 01:08 - 01047864 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2016-03-18 22:56 - 2016-03-18 22:56 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2016-04-06 21:42 - 2015-09-25 01:56 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
2016-05-13 01:15 - 2016-05-11 13:48 - 01738904 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\libglesv2.dll
2016-05-13 01:15 - 2016-05-11 13:48 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\libegl.dll
2016-05-13 01:15 - 2016-05-11 13:48 - 17565848 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2016-05-30 22:09 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-758422454-1604163277-2610386603-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{1BCAC893-CFF5-4B9B-B850-44B7676B9E6C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7111D390-46B3-475F-80D1-301F5CDBB677}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A4AB2E0E-53C0-4177-9A3E-20002042C1D7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C4571AB8-9671-4363-B564-69DB43825264}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2FAD3544-A9CF-429F-BBC3-0A9ABF814914}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{36A774A3-45F8-474F-A081-87A5A9C1E404}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5AACE038-93F5-4799-9AE6-F166A1ADCEC0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{D17EAD2D-00F5-4473-9873-7CBF0C0914D2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E76E4D58-B87C-4CED-9F5B-711B2906D389}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{AC3BC60B-C4A3-4230-BDA5-4AD011A42F8C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{93B56332-F08C-4B6B-93F4-A3F34F9C5A36}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{200E9D49-D84B-4235-A117-7685E9F00AD2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{6867D683-685D-4382-9E43-7C6CDDB4BE9D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{25B354C7-1BA0-4185-B445-EC8D1A210A17}C:\users\thomas\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\thomas\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{E44951C8-D687-4754-8D0B-8AB1B23EF7F4}C:\users\thomas\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\thomas\appdata\roaming\spotify\spotify.exe
FirewallRules: [{9C60BA12-94B0-4E54-BF18-5AB6F5E4C1F3}] => (Block) C:\users\thomas\appdata\roaming\spotify\spotify.exe
FirewallRules: [{39537144-DD55-4166-9463-33EF7C683842}] => (Block) C:\users\thomas\appdata\roaming\spotify\spotify.exe
FirewallRules: [{9EDC795F-272A-4EB3-AD00-1A91DCDE93CA}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{BBA74933-FA30-4DA3-B21A-25D571817B41}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{B012F289-0C94-4CA8-AB32-1DA7A4B769E8}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{0E1C8AF4-9E36-458A-9836-A67DE07796CD}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{04A0DEE9-698B-445C-951D-BD6AA2D243AA}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{9B4A8547-A8A2-43E3-8D3E-DDFA4F740689}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{4413B138-BB2B-4F17-80EE-0A27F117B626}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{040FD958-5701-424B-97AD-F962EEC8BA2D}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{372EBF4E-BDA0-41FF-AD6C-53B78DC18B73}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{38C4DFE6-9166-4F9E-AE16-FF8F0FE2A98D}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{84C52CDD-7C66-403F-BE49-BDEA926B5BF2}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{FC285D08-4A1A-4901-9CC9-CB28AF2F5DF1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{99DFCD0E-F2CD-4A9E-B724-E5E25AFD6C69}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{740FCBC3-A4D3-4A3D-B3CC-5E656DCC5FE9}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [UDP Query User{799231B6-3B0E-4909-B188-F152276B6C49}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [TCP Query User{A038B329-29C2-4041-A19D-56B47D5FAAA1}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{45A133EC-4E01-4B76-8709-DCCA7F6B7F2A}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{3CF14EA0-D892-424E-9C74-BA1EFD3D93D6}C:\program files\epic games\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe] => (Allow) C:\program files\epic games\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe
FirewallRules: [UDP Query User{902BD277-E7B5-441E-9F6F-C61AF6AF7FA9}C:\program files\epic games\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe] => (Allow) C:\program files\epic games\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe
FirewallRules: [TCP Query User{047EECAB-C51C-4DED-BDDF-29B8FB1CA506}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{AD5FA729-B796-401F-BC28-C4ED603C9B9A}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{9B9F5C7C-6F5B-4058-BE3C-79408F2C3002}C:\program files\epic games\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe] => (Block) C:\program files\epic games\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe
FirewallRules: [UDP Query User{7ECDD799-55F7-4B0D-B7FF-8ECB77C4038B}C:\program files\epic games\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe] => (Block) C:\program files\epic games\unrealtournament\engine\binaries\win64\ue4-win64-shipping.exe

==================== Wiederherstellungspunkte =========================

22-05-2016 22:04:55 Windows Update
25-05-2016 17:01:36 Gerätetreiber-Paketinstallation: Advanced Micro Devices, Inc. Grafikkarte
26-05-2016 17:20:16 Windows Update
26-05-2016 17:58:52 Windows Update
30-05-2016 18:51:48 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (05/31/2016 04:24:02 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (05/31/2016 04:24:02 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (05/31/2016 04:24:02 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (05/31/2016 04:19:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/31/2016 04:18:06 PM) (Source: ATIeRecord) (EventID: 16388) (User: )
Description: ATI EEU Client event error

Error: (05/31/2016 01:48:19 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (05/31/2016 01:48:19 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (05/31/2016 01:48:19 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (05/31/2016 01:44:05 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/31/2016 01:42:24 PM) (Source: ATIeRecord) (EventID: 16388) (User: )
Description: ATI EEU Client event error


Systemfehler:
=============
Error: (05/31/2016 04:18:05 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎31.‎05.‎2016 um 16:05:12 unerwartet heruntergefahren.

Error: (05/30/2016 10:13:32 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (05/30/2016 10:10:02 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (05/30/2016 10:09:34 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\ComboFix\catchme.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (05/30/2016 10:07:19 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (05/30/2016 06:50:52 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Server" wurde nicht richtig gestartet.

Error: (05/29/2016 09:47:48 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Server" wurde nicht richtig gestartet.

Error: (05/29/2016 07:20:05 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Server" wurde nicht richtig gestartet.

Error: (05/29/2016 12:27:01 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Server" wurde nicht richtig gestartet.

Error: (05/28/2016 08:09:59 PM) (Source: Microsoft-Windows-HAL) (EventID: 12) (User: )
Description: Der Speicher wurde beim letzten Leistungsübergang des Systems von der Plattformfirmware beschädigt. Überprüfen Sie, ob für Ihr System aktualisierte Firmware verfügbar ist.


CodeIntegrity:
===================================
  Date: 2016-05-30 22:09:34.734
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-05-30 22:09:34.703
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Speicherinformationen =========================== 

Prozessor: AMD FX-8320E Eight-Core Processor 
Prozentuale Nutzung des RAM: 19%
Installierter physikalischer RAM: 16350.65 MB
Verfügbarer physikalischer RAM: 13159.19 MB
Summe virtueller Speicher: 32699.48 MB
Verfügbarer virtueller Speicher: 28958.03 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:465.76 GB) (Free:320.67 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 85DD657B)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

Alt 01.06.2016, 17:14   #11
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
PC führt Programme zT wahllos aus/nicht aus - Standard

PC führt Programme zT wahllos aus/nicht aus


Jetzt bitte Suchscan durchführen:

Schritt 1

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 01.06.2016, 21:15   #12
Zoidbarg
 
PC führt Programme zT wahllos aus/nicht aus - Standard

PC führt Programme zT wahllos aus/nicht aus


Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=081b7b8b569ba142843906a309371537
# end=init
# utc_time=2016-06-01 07:19:56
# local_time=2016-06-01 09:19:56 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 29663
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=081b7b8b569ba142843906a309371537
# end=updated
# utc_time=2016-06-01 07:24:42
# local_time=2016-06-01 09:24:42 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=081b7b8b569ba142843906a309371537
# engine=29663
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-06-01 08:11:49
# local_time=2016-06-01 10:11:49 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 4774473 87795903 0 0
# scanned=189366
# found=2
# cleaned=0
# scan_time=2826
sh=552464E3A61B57248E7ABBB9E78047923105E150 ft=1 fh=8e19f37ab9b5e3fe vn="Win32/InstallMonetizer.AQ evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Thomas\Downloads\PDFCreator-2_3_0-Setup.exe"
sh=EF0D95CF84D486678CAA0D206D92A2609F7E316A ft=0 fh=0000000000000000 vn="Variante von Android/TrojanSMS.Agent.AFO Trojaner" ac=I fn="C:\Users\Thomas\Dropbox\.dropbox.cache\2015-09-09\DHL (deleted 1d503688f8133ecab530754041072695).apk"

Alt 02.06.2016, 11:02   #13
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
PC führt Programme zT wahllos aus/nicht aus - Standard

PC führt Programme zT wahllos aus/nicht aus


Gibt es jetzt noch Probleme mit dem PC? Wenn ja, welche?
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 02.06.2016, 16:46   #14
Zoidbarg
 
PC führt Programme zT wahllos aus/nicht aus - Standard

PC führt Programme zT wahllos aus/nicht aus


Die Probleme haben sich gelegt.

Alt 02.06.2016, 18:13   #15
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
PC führt Programme zT wahllos aus/nicht aus - Standard

PC führt Programme zT wahllos aus/nicht aus


OK, bitte noch ein frisches Log...

Schritt 1



Bitte starte FRST erneut, und drücke auf Untersuchen.
Bitte poste mir den Inhalt des Logs.
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Antwort

Themen zu PC führt Programme zT wahllos aus/nicht aus
administrator, cs:go, defender, desktop, dnsapi.dll, explorer, firefox, firewall, flash player, homepage, langsam, mozilla, mp3, office 365, programme, prozesse, registry, scan, security, services.exe, svchost.exe, system, taskleiste, teamspeak, udp, updates, windows, winlogon.exe


« Windows 10; Avira meldet Trojaner-Fund: TR/Crypt.XPACK.Gen | Zip-datei DirectPay »


Ähnliche Themen: PC führt Programme zT wahllos aus/nicht aus


  1. PC führt Programme zT wahllos aus/nicht aus
    Log-Analyse und Auswertung - 29.05.2016 (4)
  2. Steam Chatlink der zu einem nicht löschbaren ,,Bildschirmschoner führt
    Plagegeister aller Art und deren Bekämpfung - 02.04.2015 (6)
  3. Laptop fährt nicht mehr herunter und führt sich selbst wieder aus
    Alles rund um Windows - 16.03.2015 (43)
  4. Laptop läd Programme sehr langsam, Programme-Fehlermeldung (keine Rückmeldung) & im Chrome Seiten laden nicht
    Plagegeister aller Art und deren Bekämpfung - 06.10.2014 (5)
  5. Windows 7 Pro: Programme Öffnen sich wahllos
    Log-Analyse und Auswertung - 10.08.2014 (13)
  6. Windows 8.1: Bei zugeklapptem Bildschirm öffnen sich wahllos Dateien vom Desktop
    Log-Analyse und Auswertung - 19.05.2014 (11)
  7. Server mit DCOM nicht registiert werden / führt zu Pc-Absturz bei Windows XP
    Plagegeister aller Art und deren Bekämpfung - 01.02.2014 (61)
  8. Adware nervt mit popups und wahllos markierten Wörtern zu Links
    Log-Analyse und Auswertung - 07.01.2014 (8)
  9. windows 7 - programme schließen nicht, surfen unmöglich wegen ständigen Popups und Weiterleitungen, lange Ladezeiten der Programme -Virus?
    Plagegeister aller Art und deren Bekämpfung - 22.12.2013 (9)
  10. Laptop lahm, hängt oft, führt Sachen nicht aus oder fährt runter (Windows XP)
    Log-Analyse und Auswertung - 22.11.2013 (21)
  11. Werbung auf allen Webseiten und Verlinkung von wahllos markierten Wörtern auf Werbeseiten
    Log-Analyse und Auswertung - 24.09.2013 (15)
  12. Computer bootet und führt Programme langsam aus (evtl. Virus?)
    Log-Analyse und Auswertung - 13.02.2012 (8)
  13. Internet Explorer öffnet wahllos Pop Ups...
    Log-Analyse und Auswertung - 06.07.2010 (6)
  14. Explorer öffnet wahllos Internetseiten
    Log-Analyse und Auswertung - 23.05.2010 (8)
  15. Windows führt Setup nicht mehr aus.
    Plagegeister aller Art und deren Bekämpfung - 26.10.2009 (1)
  16. Firefox öffnet Wahllos Werbefenster
    Plagegeister aller Art und deren Bekämpfung - 01.04.2009 (23)
  17. Windows führt Programme nicht aus
    Alles rund um Windows - 11.06.2005 (13)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema PC führt Programme zT wahllos aus/nicht aus - Moin! Ich bin neu auf diesem Forum, deswegen bitte ich um Entschuldigung, sollte ich viel nachfragen (kenne mich mit der Materie schlecht aus). Seit gestern führt mein PC Programme nicht - PC führt Programme zT wahllos aus/nicht aus...
Archiv
Du betrachtest: PC führt Programme zT wahllos aus/nicht aus auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54